Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Probleme mit Norton Internet Security

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 08.03.2017, 22:03   #1
Niklas98
 
Probleme mit Norton Internet Security - Standard

Probleme mit Norton Internet Security



Hallo liebe Community,

ich habe seit gestern Probleme mit meinem Antiviren Programm: Norton Internet Security.

Es began damit, dass ich meinen PC gestartet habe und Norton nicht gestartet wurde. Auch nach Neustarten des PC's konnte ich Norton nicht starten. Auf der Supportwebsite habe ich dann den Norton Power Eraser geladen und einen Scan durchgeführt, bei dem nichts gefunden wurde.

Da das Problem dadurch nicht behoben wurde, habe ich im Anschluss daran Norton deinstalliert und neu installiert. Seitdem wird das Programm auch immer mit dem Betriebssystem gestartet und der PC wurde als geschützt angezeigt.. bis heute.. Jetzt bekomme ich von Norton die Nachricht, dass mein Computer gefährdet ist und bietet zur Lösung des Problems einen Schnellscan an. Diesen habe ich bereits dreimal ohne Erfolg durchgeführt. Ebenso habe ich einen vollständigen Systemscan durchgeführt und bin mittlerweile wirklich verzweifelt.. Kann mir jemand bei meinem Problem helfen? Wie soll ich am besten vorgehen?

Ich wäre für jede Form von Hilfe sehr dankbar!

Vielen Dank im Voraus & einen schönen Abend!
Niklas

Alt 09.03.2017, 21:00   #2
M-K-D-B
/// TB-Ausbilder
 
Probleme mit Norton Internet Security - Standard

Probleme mit Norton Internet Security






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
  • Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!




Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:



Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)






Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________

__________________

Alt 11.03.2017, 18:34   #3
Niklas98
 
Probleme mit Norton Internet Security - Standard

Probleme mit Norton Internet Security



Hallo,

vielen Dank für die Hilfe!

FRST:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11-03-2017 01
durchgeführt von Gamer91 (Administrator) auf GAMER91-PC (11-03-2017 18:01:18)
Gestartet von C:\Users\Gamer91\Downloads
Geladene Profile: Gamer91 (Verfügbare Profile: Gamer91 & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.9.0.71\NIS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.9.0.71\NIS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(© 2015 Microsoft Corporation) C:\Users\Gamer91\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Spotify Ltd) C:\Users\Gamer91\AppData\Roaming\Spotify\Spotify.exe
() C:\Users\Gamer91\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Spotify Ltd) C:\Users\Gamer91\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\Gamer91\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Gamer91\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\Gamer91\AppData\Roaming\Spotify\Spotify.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Spotify Ltd) C:\Users\Gamer91\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Gamer91\AppData\Roaming\Spotify\Spotify.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.9.0.71\coNatHst.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-27] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-08-05] (Raptr, Inc)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-06-07] (Plays.tv, LLC)
HKLM-x32\...\Run: [ChicoSys] => C:\WINDOWS\SysWOW64\cc32\webtmr.exe
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1209344 2016-07-10] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [BingSvc] => C:\Users\Gamer91\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Spotify] => C:\Users\Gamer91\AppData\Roaming\Spotify\Spotify.exe [7114352 2017-03-08] (Spotify Ltd)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Amazon Music] => C:\Users\Gamer91\AppData\Local\Amazon Music\Amazon Music Helper.exe [5907944 2016-03-04] ()
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Spotify Web Helper] => C:\Users\Gamer91\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-03-08] (Spotify Ltd)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2881824 2017-01-19] (Valve Corporation)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27262432 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Gamer91\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\RunOnce: [Uninstall C:\Users\Gamer91\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gamer91\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Policies\system: [DisableClock] 0
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Policies\Explorer: [NoFind] 0
IFEO: [Debugger] logonui.exe
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{40b7a773-8c94-4592-994d-20ca453a5403}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{eb081c7a-3b7b-4bda-a4a9-afc884d6f119}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\S-1-5-21-3272115789-219833374-1157450271-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3272115789-219833374-1157450271-1000 -> {015860D7-7BDB-47AB-8049-1F8AC681F3B9} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-3272115789-219833374-1157450271-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-18] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-11-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-18] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-18] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-18] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935 [2017-03-11]
FF Extension: (Ghostery) - C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935\Extensions\firefox@ghostery.com.xpi [2017-02-12]
FF Extension: (Norton Identity Safe) - C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935\Extensions\idsafe@norton.com.xpi [2017-03-07]
FF Extension: (NoScript) - C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-03-08]
FF Extension: (Adblock Plus) - C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-18]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.9.0.71\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.9.0.71\coFFAddon [2017-03-07]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.9.0.71\coFFAddon
FF HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\50b4t2kg.default\extensions\cliqz@cliqz.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-14] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-18] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-14] ()
FF Plugin-x32: @cambridgesoft.com/Chem3D,version=14.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2014\Chem3D\npChem3DPlugin.dll [Keine Datei]
FF Plugin-x32: @cambridgesoft.com/Chem3D,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\Chem3D\npChem3DPlugin.dll [2015-03-14] (PerkinElmer)
FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=14.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2014\ChemDraw\npcdp32.dll [Keine Datei]
FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\ChemDraw\npcdp32.dll [2015-03-14] (PerkinElmer)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3272115789-219833374-1157450271-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-08-30] ()

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default [2017-03-09]
CHR Extension: (Google Präsentationen) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-18]
CHR Extension: (Google Docs) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-18]
CHR Extension: (Google Drive) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-07]
CHR Extension: (YouTube) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-18]
CHR Extension: (Google-Suche) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-06-07]
CHR Extension: (Yahoo Partner) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabhkdeopjkcpkmofliimbjckmocfiom [2016-12-18]
CHR Extension: (Google Tabellen) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-18]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-02-08]
CHR Extension: (Google Docs Offline) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-08]
CHR Extension: (Norton Identity Safe) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-10-18]
CHR Extension: (Userbrain Testing) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\llgephbnjacepipaoflhmabeclnghfic [2017-02-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-21]
CHR Extension: (Google Mail) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-18]
CHR Extension: (Chrome Media Router) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-03-07]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-03-07]
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1362464 2016-04-14] ()
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2017-01-17] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-09-03] (EasyAntiCheat Ltd)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\22.9.0.71\NIS.exe [326160 2017-02-21] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2017-02-22] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208 2017-02-22] (Electronic Arts)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-06-07] (Plays.tv, LLC)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2017-02-22] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [23240 2016-03-21] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmdag.sys [26568848 2017-01-25] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys [536600 2017-01-25] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2016-04-26] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files\Norton Internet Security\NortonData\22.9.0.71\Definitions\BASHDefs\20170306.003\BHDrvx64.sys [1874136 2017-03-06] (Symantec Corporation)
R1 ccSet_NIS; C:\WINDOWS\system32\drivers\NISx64\1609000.047\ccSetx64.sys [174240 2017-02-20] (Symantec Corporation)
S3 cy_System; C:\WINDOWS\System32\drivers\cy-wdriver.sys [36624 2015-11-11] (Cybits AG)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497312 2017-01-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-01-05] (Symantec Corporation)
R1 IDSVia64; C:\Program Files\Norton Internet Security\NortonData\22.9.0.71\Definitions\IPSDefs\20170310.001\IDSvia64.sys [1038024 2017-03-07] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
R3 SRTSP; C:\WINDOWS\system32\drivers\NISx64\1609000.047\SRTSP64.SYS [760992 2017-02-20] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NISx64\1609000.047\SRTSPX64.SYS [49312 2017-02-20] (Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NISx64\1609000.047\SYMEFASI64.SYS [1716896 2017-02-20] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NISx64\1609000.047\SymELAM.sys [24616 2017-02-20] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102608 2017-03-07] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NISx64\1609000.047\Ironx64.SYS [291480 2017-02-20] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\system32\drivers\NISx64\1609000.047\SYMNETS.SYS [567512 2017-02-20] (Symantec Corporation)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2014-11-19] (Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S3 NAVENG; \??\C:\Program Files\Norton Internet Security\NortonData\22.9.0.71\Definitions\SDSDefs\20170307.007\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Internet Security\NortonData\22.9.0.71\Definitions\SDSDefs\20170307.007\NAVEX15.SYS [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-11 18:00 - 2017-03-11 18:00 - 02424320 _____ (Farbar) C:\Users\Gamer91\Downloads\FRST64.exe
2017-03-08 22:14 - 2017-03-08 22:14 - 00000000 ___HD C:\$SysReset
2017-03-07 20:14 - 2017-03-09 18:33 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2017-03-07 20:09 - 2017-03-07 20:09 - 00003392 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-03-07 20:08 - 2017-03-07 20:08 - 00102608 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-03-07 20:08 - 2017-03-07 20:08 - 00008298 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-03-07 20:08 - 2017-03-07 20:08 - 00002321 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2017-03-07 20:07 - 2017-03-07 20:08 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2017-03-07 20:07 - 2017-03-07 20:07 - 00001370 _____ C:\Users\Gamer91\Desktop\Norton Installation Files.lnk
2017-03-07 20:07 - 2017-03-07 20:07 - 00000000 ____D C:\Program Files\Norton Internet Security
2017-03-07 20:07 - 2017-03-07 20:07 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2017-03-07 20:06 - 2017-03-07 20:07 - 01027712 _____ (Symantec Corporation) C:\Users\Gamer91\Downloads\NortonNISDownloader.exe
2017-03-07 20:01 - 2017-03-07 20:14 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Remove and Reinstall
2017-03-07 19:56 - 2017-03-07 19:56 - 14417536 _____ (Symantec Corporation) C:\Users\Gamer91\Desktop\NRnR.exe
2017-03-07 19:36 - 2017-03-07 19:36 - 00000000 ____D C:\NPE
2017-03-07 19:35 - 2014-10-17 12:48 - 00170694 _____ C:\WINDOWS\ntbtlog.txt
2017-03-07 19:33 - 2017-03-07 19:33 - 03435768 _____ (Symantec Corporation) C:\Users\Gamer91\Downloads\NPE.exe
2017-03-02 17:56 - 2017-03-02 20:37 - 00000000 ____D C:\Users\Gamer91\Documents\gothic3
2017-03-02 17:56 - 2017-03-02 17:56 - 00000000 ____D C:\WINDOWS\SysWOW64\AGEIA
2017-03-02 17:56 - 2017-03-02 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-03-02 17:56 - 2017-03-02 17:56 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2017-02-18 01:20 - 2017-02-18 01:20 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AP Tuner 3.08
2017-02-18 01:20 - 2017-02-18 01:20 - 00000000 ____D C:\Program Files (x86)\AP Tuner
2017-02-14 00:54 - 2017-02-14 00:54 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\winupdates
2017-02-14 00:42 - 2017-02-14 00:42 - 00000000 ____D C:\Users\Gamer91\AppData\Local\Downloaded Installations
2017-02-14 00:42 - 2017-02-14 00:42 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2017-02-13 22:25 - 2017-02-13 22:25 - 00000000 ____D C:\WINDOWS\Panther
2017-02-13 22:20 - 2017-02-13 22:20 - 00000050 _____ C:\WINDOWS\system32\bridf08b.dat
2017-02-13 22:20 - 2017-02-13 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2017-02-13 22:19 - 2017-02-13 22:19 - 00000000 ____D C:\Program Files (x86)\Brother
2017-02-13 22:19 - 2009-05-19 17:39 - 00003072 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll
2017-02-13 22:19 - 2008-06-17 15:33 - 00167936 ____N (brother) C:\WINDOWS\SysWOW64\NSSearch.dll
2017-02-13 22:19 - 2007-12-13 22:16 - 00073728 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll
2017-02-13 22:19 - 2007-12-13 22:16 - 00005632 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll
2017-02-13 22:19 - 2006-12-28 13:39 - 00176128 ____N (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BroSNMP.dll
2017-02-13 22:18 - 2017-02-13 22:18 - 50187152 _____ (A.I.SOFT,INC.) C:\Users\Gamer91\Downloads\DCP-195C-inst-B1-win78.EXE
2017-02-13 22:18 - 2017-02-13 22:18 - 00000000 ____D C:\Users\Gamer91\Downloads\wlan_wiz
2017-02-13 22:18 - 2017-02-13 22:18 - 00000000 ____D C:\Users\Gamer91\Downloads\mflpro_c1
2017-02-13 22:18 - 2017-02-13 22:18 - 00000000 ____D C:\ProgramData\Brother
2017-02-09 01:52 - 2017-02-09 01:52 - 00000000 ____D C:\Users\Gamer91\AppData\Local\The Lord of the Rings Online
2017-02-09 01:07 - 2017-02-20 17:09 - 00000000 ____D C:\Users\Gamer91\AppData\Local\Akamai
2017-02-09 01:05 - 2017-02-09 01:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StandingStoneGames
2017-02-09 01:05 - 2017-02-09 01:05 - 00000000 ____D C:\Program Files (x86)\StandingStoneGames

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-11 18:02 - 2015-10-30 20:20 - 00030066 _____ C:\Users\Gamer91\Downloads\FRST.txt
2017-03-11 18:02 - 2015-07-20 14:02 - 00000000 ____D C:\Users\Gamer91\AppData\Local\Spotify
2017-03-11 18:01 - 2015-10-30 17:09 - 00000000 ____D C:\FRST
2017-03-11 17:42 - 2015-07-20 13:58 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\Spotify
2017-03-11 17:37 - 2016-11-19 11:51 - 00000000 ____D C:\Users\Gamer91\AppData\LocalLow\Mozilla
2017-03-11 12:38 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-11 12:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-10 01:38 - 2016-09-21 18:32 - 00000000 ____D C:\Users\Gamer91
2017-03-10 01:38 - 2016-09-21 18:22 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-10 01:18 - 2016-09-21 19:01 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-03-10 01:12 - 2014-11-28 20:44 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\.minecraft
2017-03-09 18:32 - 2016-11-19 11:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-09 15:42 - 2015-02-24 23:04 - 00000000 ____D C:\Program Files (x86)\Steam
2017-03-09 13:25 - 2016-06-27 13:04 - 00552488 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-03-08 23:28 - 2015-07-13 13:24 - 00000000 ___RD C:\Users\Gamer91\Desktop\Eigene Dateien
2017-03-08 16:05 - 2016-09-21 19:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-07 20:20 - 2016-09-21 18:24 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-03-07 20:20 - 2016-07-16 07:04 - 03670016 _____ C:\WINDOWS\system32\config\BBI
2017-03-07 20:14 - 2014-10-06 20:32 - 00000000 ____D C:\ProgramData\Norton
2017-03-07 20:08 - 2014-10-06 20:34 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2017-03-07 20:07 - 2014-11-01 17:59 - 00000000 ____D C:\Users\Public\Downloads\Norton
2017-03-07 20:07 - 2014-10-06 20:33 - 00000000 ____D C:\WINDOWS\system32\Drivers\NISx64
2017-03-07 19:55 - 2015-06-27 12:18 - 00000000 ____D C:\Users\Gamer91\AppData\Local\NPE
2017-03-07 19:20 - 2015-08-03 23:39 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\Skype
2017-03-07 01:53 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-06 15:57 - 2015-03-23 21:37 - 00000000 ____D C:\Users\Gamer91\AppData\Local\CrashDumps
2017-03-06 15:43 - 2015-10-29 01:02 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\vlc
2017-03-06 13:22 - 2010-11-21 04:27 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-03-06 13:18 - 2016-09-21 18:22 - 00349664 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-04 14:22 - 2016-04-04 17:41 - 00000000 ____D C:\Users\Gamer91\AppData\Local\Packages
2017-03-03 16:53 - 2016-04-06 15:46 - 00000000 ____D C:\Users\Gamer91\Documents\Soundaufnahmen
2017-03-03 16:28 - 2015-11-02 21:06 - 01798976 _____ (Malwarebytes) C:\Users\Gamer91\Downloads\JRT.exe
2017-03-03 00:59 - 2016-06-17 19:18 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\TS3Client
2017-03-02 21:31 - 2015-09-03 19:14 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\7DaysToDie
2017-03-02 16:49 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-01 17:48 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-01 17:47 - 2015-05-06 19:13 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-02-28 23:45 - 2014-10-06 21:23 - 00000000 ____D C:\ProgramData\Origin
2017-02-28 23:42 - 2014-12-23 21:13 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\Origin
2017-02-28 23:05 - 2014-10-06 21:23 - 00000000 ____D C:\Program Files (x86)\Origin
2017-02-28 14:31 - 2014-12-23 23:26 - 00348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2017-02-28 14:31 - 2014-12-23 23:17 - 00348928 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2017-02-28 14:31 - 2014-12-23 23:17 - 00348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2017-02-27 14:29 - 2017-02-01 02:37 - 00000000 ____D C:\Program Files (x86)\Minecraft
2017-02-24 03:48 - 2015-05-12 15:48 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-23 22:17 - 2014-11-02 17:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 22:14 - 2014-11-02 17:28 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-22 21:53 - 2014-12-23 23:17 - 00076152 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-02-22 19:34 - 2014-10-06 21:54 - 00000000 ____D C:\Users\Gamer91\AppData\Local\TeamSpeak 3 Client
2017-02-22 17:57 - 2015-03-30 20:25 - 00000000 ____D C:\Program Files (x86)\Warcraft III
2017-02-22 15:24 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-17 22:52 - 2015-09-14 00:28 - 00000000 ____D C:\Users\Gamer91\Documents\Outlook-Dateien
2017-02-17 21:38 - 2016-04-25 18:56 - 00000000 ____D C:\Users\Gamer91\AppData\Local\Battle.net
2017-02-17 19:25 - 2016-11-20 15:41 - 00000000 ____D C:\Program Files (x86)\Diablo III
2017-02-17 19:22 - 2016-04-25 19:03 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2017-02-17 18:29 - 2016-04-25 18:56 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-02-17 16:53 - 2016-08-08 23:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-02-15 00:10 - 2014-11-28 20:31 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-14 22:27 - 2017-01-11 21:20 - 20359768 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-02-14 22:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-14 22:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-13 22:19 - 2014-10-06 20:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-13 22:09 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-13 22:09 - 2015-05-04 18:36 - 00000425 _____ C:\WINDOWS\BRWMARK.INI
2017-02-11 21:24 - 2016-03-31 23:06 - 00000000 ____D C:\Users\Gamer91\Documents\The Lord of the Rings Online
2017-02-09 01:48 - 2016-03-31 23:09 - 00000000 ____D C:\Users\Gamer91\AppData\Local\Turbine

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-04-16 22:55 - 2014-04-16 22:55 - 0009130 _____ () C:\Program Files (x86)\Common Files\Samples.sln
2015-05-12 15:56 - 2017-02-22 12:40 - 0075821 _____ () C:\Users\Gamer91\AppData\Local\CDXLExtendedShim.log
2015-08-04 16:40 - 2015-08-10 12:18 - 0004608 _____ () C:\Users\Gamer91\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-06 02:07 - 2015-11-06 02:07 - 0000853 _____ () C:\Users\Gamer91\AppData\Local\recently-used.xbel
2015-09-26 18:57 - 2015-09-26 18:57 - 0000040 _____ () C:\Users\Gamer91\AppData\Local\tmp.no23
2015-08-08 13:38 - 2015-08-08 13:38 - 0000040 _____ () C:\ProgramData\ra3.ini

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-08 20:16

==================== Ende von FRST.txt ============================
         
Addition

Code:
ATTFilter
fZusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-03-2017 01
durchgeführt von Gamer91 (11-03-2017 18:03:23)
Gestartet von C:\Users\Gamer91\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-21 18:04:36)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3272115789-219833374-1157450271-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3272115789-219833374-1157450271-503 - Limited - Disabled)
Gamer91 (S-1-5-21-3272115789-219833374-1157450271-1000 - Administrator - Enabled) => C:\Users\Gamer91
Gast (S-1-5-21-3272115789-219833374-1157450271-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3272115789-219833374-1157450271-1005 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Internet Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Der Herr der Ringe Online™“ v1903.0058.2732.4095 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 1903.0058.2732.4095 - Standing Stone Games, LLC)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amazon Music (HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Amazon Amazon Music) (Version: 4.2.0.1281 - Amazon Services LLC)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.)
AP Tuner 3.08 (HKLM-x32\...\AP Tuner 3.08) (Version:  - )
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
Brother MFL-Pro Suite DCP-195C (HKLM-x32\...\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CambridgeSoft ChemScript 14.0 (HKLM-x32\...\{6053D436-AF21-4D67-A458-04C2B969A865}) (Version: 14.0 - CambridgeSoft Corporation)
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.3.01095 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 4.3.01095 - Cisco Systems, Inc.) Hidden
Command & Conquer 3 Tiberium Wars™ (HKLM-x32\...\{CAC9DCAF-0EA8-442C-97EA-CA6F5755390A}) (Version: 1.0.0.0 - Electronic Arts)
Command & Conquer™ Alarmstufe Rot™ 3 (HKLM-x32\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Day of Defeat (HKLM-x32\...\Steam App 30) (Version:  - Valve)
Devil May Cry® 4 Special Edition (HKLM\...\Steam App 329050) (Version:  - CAPCOM Co., Ltd.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dungeon Keeper (HKLM-x32\...\{B9E79070-56B6-4980-A7E9-C28D6480D050}) (Version: 1.0.0.1 - Electronic Arts)
Fable Anniversary (HKLM\...\Steam App 288470) (Version:  - Lionhead Studios)
Far Cry® 3 (HKLM\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.46.21015 - Electronic Arts)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Gothic (HKLM\...\Steam App 65540) (Version:  - Piranha – Bytes)
Gothic 3 (HKLM\...\Steam App 39500) (Version:  - Piranha – Bytes)
Gothic II: Gold Edition (HKLM-x32\...\Steam App 39510) (Version:  - Piranha – Bytes)
Half-Life (HKLM\...\Steam App 70) (Version:  - Valve)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
KKND Krossfire (HKLM-x32\...\KKND Krossfire) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4903.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Might & Magic: Heroes VI (HKLM-x32\...\Steam App 48220) (Version:  - Blackhole)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MorphVOX Junior (HKLM-x32\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.9.0.71 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.1 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4903.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4903.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4903.1002 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
Origin 2016 (HKLM-x32\...\{DC460501-EEFA-4701-8AD8-5F7DE1B70436}) (Version: 9.30.00 - OriginLab Corporation)
PerkinElmer ChemOffice Professional 2015 (HKLM-x32\...\{83DBA37B-B24C-431B-9D7B-8331D28A067C}) (Version: 15.0 - PerkinElmer Informatics, Inc.)
PerkinElmer ChemScript 15.0 (HKLM-x32\...\{2623D946-2CA9-4E69-A6C1-DDFA46C87EFF}) (Version: 15.0 - PerkinElmer Informatics, Inc.)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.11.2-r113542-release - Plays.tv, LLC)
Portal (HKLM\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM\...\Steam App 620) (Version:  - Valve)
PunkBuster für Battlefield 1942 (HKLM-x32\...\{127B684B-A002-44C8-99A7-6CF8F1E26873}) (Version:  - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 3.2.2 (HKLM-x32\...\{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFD}) (Version: 3.2.2150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.5-r115042-release - Raptr, Inc)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
RollerCoaster Tycoon 2: Triple Thrill Pack (HKLM\...\Steam App 285330) (Version:  - Chris Sawyer Productions)
RollerCoaster Tycoon 3: Platinum! (HKLM\...\Steam App 2700) (Version:  - Frontier)
RollerCoaster Tycoon: Deluxe (HKLM\...\Steam App 285310) (Version:  - Chris Sawyer Productions)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
SpellForce: Platinum Edition (HKLM-x32\...\Steam App 39540) (Version:  - Phenomic)
Spotify (HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Spotify) (Version: 1.0.50.41368.gbd68dbef - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Stardew Valley (HKLM\...\Steam App 413150) (Version:  - ConcernedApe)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Subnautica (HKLM\...\Steam App 264710) (Version:  - Unknown Worlds Entertainment)
TeamSpeak 3 Client (HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Uplay (HKLM-x32\...\Uplay) (Version: 6.1 - Ubisoft)
Victor Vran (HKLM-x32\...\Steam App 345180) (Version:  - Haemimont Games)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Warcraft III) (Version:  - )
Warlords Battlecry 3 (HKLM-x32\...\GOGPACKWARLORDSBATTLECRY3_is1) (Version: 2.2.1.15 - GOG.com)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.131 - MSI)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02F6868D-9EF9-4A72-8532-CFDC25297F9E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {041F417F-AB24-4D76-AAF8-52A99CD1F7E5} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {151B965D-8EA2-4477-8E1D-74B24F025AEB} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-07-18] (Advanced Micro Devices, Inc.)
Task: {1A1A84E5-DB1B-45DA-9A53-E1D77D6AC2CB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {1E5D5F20-8910-4A4E-A581-665EE5BF3C6B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {1FD13DAC-4560-46A1-9F95-38636DFB9692} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {251D9A76-3781-477A-9577-3CF2FDDAF1EC} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe 
Task: {2919BC6F-F874-46C9-BC55-D2E2D4CC58CA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {2FF52B92-728A-4EA8-A1C1-069B652051C9} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {30EAC827-F44E-466B-A1C1-7BFC8C9314DC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {3676FA00-EAEB-43AB-AE14-4BE7707BF922} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {3839E028-D883-4891-90D8-09B9EEA15347} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Analyzer => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-20] (Symantec Corporation)
Task: {3A88455D-B506-4DA4-BDA3-2EAA784BD10A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {3C811280-0DCC-40A4-ACBD-6A3071E3BF74} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {4116AE38-8F44-4BAC-9F4A-058100DC30CD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe 
Task: {44190C28-B165-4A00-974C-EECF58A39461} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-11-01] (Microsoft Corporation)
Task: {46307E98-2090-4CF9-8C64-15E0B4944F79} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {478D7751-7813-4EBF-A369-3665B034C49B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4B36860C-EC27-4054-9B9F-F753D51671A8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {4F23F15F-9833-45FB-B442-390979FF5395} - System32\Tasks\{51A27375-E6F8-4F08-9741-7EBF4355ED29} => pcalua.exe -a C:\Users\Gamer91\Downloads\jxpiinstall(2).exe -d C:\Users\Gamer91\Downloads
Task: {580C9B64-5AA8-417C-9492-6B38D7CC31D6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {59D20292-B675-450A-82FE-1B17CE104053} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {5BA20FAA-52BE-4AA3-AFE9-0C472A63D553} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {62A37828-7FBC-44F8-901D-29D506543206} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {69609B8A-3613-44FE-8282-D39C31567F11} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {6C619482-1067-49B5-809D-58F9C01EA002} - System32\Tasks\Norton Internet Security\Norton Internet Security Autofix => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-20] (Symantec Corporation)
Task: {6E44D060-F97B-43B0-8A2C-F5D6C34FCC49} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {6E5AEC8B-8634-424D-A1C0-DE16AB667C75} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {6EEC662B-5132-42C4-8562-15CD1C9AA29E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {768CBE1D-1E03-41EB-BDDD-29373099E40F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {7C59C346-7E70-4D06-8AD6-C1216F0748F4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {7D970669-8C84-4488-B9BF-44CE84CFCBC8} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {886D2662-AF30-46CF-A701-5BEF0EADC361} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {8CA9D5C4-7A1F-45E4-B57D-EF13E081166E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-18] (Google Inc.)
Task: {981B6B9A-C508-4676-B2AE-DBB350E11BF0} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {9984C7C2-334F-4A3B-8A69-44C7FC8EF584} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-18] (Google Inc.)
Task: {9C7250F2-83C1-4413-811B-AE7024A8CA9C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {A4A15608-0752-454C-8010-4C71D610D40F} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2017-02-20] (Symantec Corporation)
Task: {A4AC0FBE-AC90-4F7C-8B5F-EC501178E283} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {ABE27ECA-DF9D-4574-BA3A-6B3FF9323E4D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14] (Adobe Systems Incorporated)
Task: {AD9D19D3-1B9D-4C05-AC4A-CDC73A3734D4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe 
Task: {B00BB0C1-0308-4F4A-A6FF-7B5613BBA197} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {B557D63C-D35B-47D4-8002-A3605DC6FAA5} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Processor => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-20] (Symantec Corporation)
Task: {BFA8C52B-CF28-412B-9DA2-8F43A0B35C42} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {CC9A5746-D001-449B-BD65-828B7074018E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {D1BF4A07-3E21-45D0-9725-3E852A7B87A1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {D76E2E96-D6F8-4EF3-8F2A-4A1224B1DA00} - System32\Tasks\{68A970A5-B6E2-46D2-8B13-31B7399A614D} => C:\Program Files (x86)\EA Games\Battlefield 1942\BF1942.exe 
Task: {D845E5EB-DF41-4F36-B3C8-1C2E61292518} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\WSCStub.exe [2017-02-20] (Symantec Corporation)
Task: {DA0C877A-5C63-4768-A43F-F4BE2E9328A1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {E3E5E3E5-3151-40DA-8B4C-21AE1D2D312D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {EF80C8D0-F3F0-4C77-9052-70D571D9EE4A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {F6933868-3E42-4951-A6B1-929B0F1D13B2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {F7188B9C-B6DC-4C39-A316-2BC7914689E3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Gamer91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-05-06 19:13 - 2017-01-17 03:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-12-23 23:17 - 2017-02-22 21:53 - 00076152 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe
2016-11-21 17:19 - 2016-11-21 17:19 - 00155016 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-17 13:00 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-17 13:00 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-17 13:00 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-21 19:11 - 2016-09-21 19:11 - 00959168 _____ () C:\Users\Gamer91\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-09-21 19:15 - 2016-09-21 19:15 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-14 14:30 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-14 14:29 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-14 14:29 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-14 14:29 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-14 14:29 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-14 14:29 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-14 14:29 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-12-08 21:01 - 2016-03-04 22:34 - 05907944 _____ () C:\Users\Gamer91\AppData\Local\Amazon Music\Amazon Music Helper.exe
2017-02-13 22:19 - 2012-09-25 11:26 - 01163264 ____N () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
2016-07-10 12:37 - 2016-07-10 12:37 - 00073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2016-09-23 21:53 - 2017-02-22 19:35 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2015-11-24 21:48 - 2015-11-24 21:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 21:46 - 2015-11-24 21:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 21:48 - 2015-11-24 21:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 21:46 - 2015-11-24 21:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 21:48 - 2015-11-24 21:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 21:57 - 2015-12-07 21:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2017-02-13 22:19 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\sharepoint.com -> hxxps://uzk-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-02-26 17:57 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3272115789-219833374-1157450271-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{02599B5D-492F-4CF7-B615-27B978D932B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{5230EE99-281A-4BEF-850B-DAA432131E77}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{8909A175-8419-4ED1-B29F-E510DDE1A11F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{EEBBB532-BF34-4339-A2B3-5467F8FCB6A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{6C5BF478-0732-442C-80BA-EFE159BED705}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{1ED994CB-930E-4D0A-B185-CE35C661722C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{9EEB87EF-2F51-4986-A218-F3C62BA3758C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{FB4C4EE9-F7A3-4C98-9F98-6591F128AF9A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{F340D168-092D-4E6D-A32D-3E2D6B6394DC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{48841AB1-0D33-47EF-9DB6-CFCAB4FFD711}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4E5D8481-364C-467C-8081-C9E355A33EBE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{42B63D21-2F80-45F6-B729-FAD069E154E3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{77B7CD71-2DA2-4F25-B30D-259DD0DFB1B9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{61DF0270-4D40-45A9-9762-46FDC1D051FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{5DBFCB45-178C-4623-97A8-E1A040F317E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Special Edition\DevilMayCry4SpecialEdition.exe
FirewallRules: [{4701A06E-7339-4F14-BA80-68ADE9CE09E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Special Edition\DevilMayCry4SpecialEdition.exe
FirewallRules: [{5C6C19EA-7BB5-4626-8063-43C3CE5D6CE0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{BE7494E1-5CFC-4D86-B381-8ED11AD1D7A7}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{9F8DFB22-E1F6-4604-A146-AB67852F28C6}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{DD507483-08FD-4B4C-9736-0782AD0631E9}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{C36C6362-A1FB-4612-8D35-DEE640F77BB1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{5B8C709A-F445-4C8E-9FD7-FF240EF1086B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{AB4B822B-8EC6-4821-AF76-AF1E18899CD9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fable Anniversary\Binaries\Win32\Fable Anniversary.exe
FirewallRules: [{637A9188-4F0D-428C-8DF9-5526D1EFF86A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fable Anniversary\Binaries\Win32\Fable Anniversary.exe
FirewallRules: [{1E496823-9DE3-4892-BD1A-43D6C27E4F1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RollerCoaster Tycoon Deluxe\RCT.EXE
FirewallRules: [{42C7BD2F-5185-4965-A5EB-EB072C81F12B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RollerCoaster Tycoon Deluxe\RCT.EXE
FirewallRules: [{9DCA1FEF-8302-4990-B91E-8E23E4D171B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 2\rct2.exe
FirewallRules: [{8FA6659B-4586-433C-9016-8FE472B0DC32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 2\rct2.exe
FirewallRules: [{8273F4C1-C805-4EFA-AE7F-58705A0F13A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{37627DDF-48BE-40D0-8012-50819CA7E028}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{73DB6EDD-9612-451F-B75B-90D5BECA1860}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{E4B16E4A-D28B-4CA1-8645-175641FD531E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{A1435155-94D9-4ECC-9EDA-A16AB87A587F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{203BE1CF-AE30-44F6-AE49-8A51EC4C8E69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{C26107C6-5395-454C-922D-EF0A39A6A9A1}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{9DC41FF1-E423-45C3-8F06-7A2130B463E0}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{3C67D83A-CD36-4637-9BD3-8B62EE3AE493}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{4A45097C-9E66-422A-B7EB-94F1FD6ED379}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{84E169AA-C7A4-4F96-8265-EA5E9536A9D6}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{386A9C23-D745-4FC8-A674-DEA99407FB30}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{DFF44BDB-6C2A-4005-9CCC-647AFBFBF41D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Subnautica\Subnautica.exe
FirewallRules: [{669216A6-EC8D-408C-B6B8-858626551905}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Subnautica\Subnautica.exe
FirewallRules: [{DBB631C4-3C21-40CF-8564-A653486CD3E8}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{9BADE01E-674F-4C1E-894B-E06AF1E80E2E}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{31E5D0EC-F50C-46FC-AA04-362536F05EF5}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{9C870E38-6188-4F9E-AFAB-177B758468F2}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [TCP Query User{A7633A1E-D4B6-4777-98CF-F26A091D3112}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8FE99B01-B3C1-4447-A18C-646532DA4CC9}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{709EB2CF-6A56-4617-86DC-D3AC5EE4C9CB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4529BD38-9D66-4717-88EA-C93A689C1497}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8F42EDED-BCBA-43F3-83D5-4A9AF95A5876}] => (Allow) C:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{340F343B-104A-438C-AD68-EA5A013D8748}] => (Allow) C:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{E80B6E19-D401-49F4-BE20-17E6B6C76DDF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FBC22650-F5B8-4406-ACC4-8EF027CEB176}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9209A698-57A7-4423-9B14-FA91B44F012A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9C9906C5-EE14-49B2-A322-CF0B3BEC3569}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{84DB6419-A167-49D0-98B6-ECC196EDEE4F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{D49A5FFC-9BC4-4E68-87E7-355CF2ADD4E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A96A1D99-1B0D-49AD-893E-690E0BDA75A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce Platinum Edition\SpellForce.exe
FirewallRules: [{D85002E8-20FC-407F-BBD7-DDF31591F485}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce Platinum Edition\SpellForce.exe
FirewallRules: [{E9BACD9D-0823-4D57-99FC-868452D18FD6}] => (Allow) C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A14DC914-027E-4E21-BA1E-F04AE302F592}] => (Allow) C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{9B9ED3DA-0AC8-48CA-8ABF-CD2630065443}C:\users\gamer91\desktop\warcraft iii\war3.exe] => (Block) C:\users\gamer91\desktop\warcraft iii\war3.exe
FirewallRules: [UDP Query User{F01838EB-C53E-4E72-A97B-524BF2359344}C:\users\gamer91\desktop\warcraft iii\war3.exe] => (Block) C:\users\gamer91\desktop\warcraft iii\war3.exe
FirewallRules: [TCP Query User{C7681711-0464-40F3-8C75-69CB79B8383D}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{ED1A417F-5883-436B-A46B-B033849E1E3B}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{7D1B68D4-F6B2-47D0-BEB6-D15905437FCC}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{713E309C-DCF2-4868-9226-EA1E8903DC70}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{834597F2-1FA3-456E-B2C2-80A089471A4B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{DF54B31E-EC58-4A9A-96E3-9DBA9B4A5A2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{48D352AA-0218-406E-A1CD-7314341C48DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{A83A129C-69A5-47CA-BF76-BDD67739EC46}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Victor Vran\VictorVranSteam.exe
FirewallRules: [{F4D74017-9A17-4929-8370-AAAFE3750DDA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Victor Vran\VictorVranSteam.exe
FirewallRules: [TCP Query User{3EE710F2-6EC6-4287-8198-98558E7A5F6C}C:\users\gamer91\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamer91\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{75344311-3943-4043-B3BB-0F92D3E6DA37}C:\users\gamer91\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamer91\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B8FFBA58-EDF0-4350-B168-5C87481AF1E3}C:\users\gamer91\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\gamer91\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7706BE55-D3CD-4EDD-A748-071B8AD65D81}C:\users\gamer91\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\gamer91\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9EF92653-2C4B-408F-ABFF-8BE6484F2A67}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{56694050-1B80-4D87-A510-5F99016C6544}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{7A7400A1-9849-4A3A-AE74-9B77AFEF908A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{1CBA7726-848A-4E1D-8C46-490824E37F16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{9CCF5C3A-78C2-47E3-9558-80C149CFD7CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{540E4832-B3A3-4B2D-AF1B-B4926B1F8593}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{012A3F71-5066-4947-9155-140B53B6CE77}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6BD2EC0B-D6DD-4DFF-B668-08AD1AB611C0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{4D2C78AD-2B71-43EF-98DC-944AF61CFD91}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{424D27C4-82D6-4592-8F0A-C4DFC1226A42}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{D259E544-E88D-4833-9ABC-F0DC29E35EEA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{13AC390D-4B6D-49BC-A10B-65B232E6497C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{0AFA6D23-1751-4E7F-9C30-CEC5C22AF50C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{6172031D-0411-44BC-817F-0FDC3DFED9BA}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{DA1FE983-DB7D-4AC3-A3EB-35E63E668FDE}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{EEDDBD71-A280-4B68-BC9C-9B1C8AB14D7E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic II\system\Gothic2.exe
FirewallRules: [{841E2F98-D0C9-4190-9A43-78C55EC51A73}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic II\system\Gothic2.exe
FirewallRules: [{06CA3BF6-19D3-45DB-8F6B-4819EFC479D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{EFF29DF3-EDD0-4CEE-B363-BADEA63416D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [TCP Query User{486FB8DE-00F9-45A7-96FC-BD3D26D1E613}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [UDP Query User{85AB47CE-07E1-435E-B581-7D93901E580B}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [{8B358B63-DF77-4FD9-AFC7-CAB18E823DB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{38250A57-5400-47B1-A9A9-AFABCF7AF6E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{0B910D50-A572-4682-A618-B4421C1D260B}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{C32AC7AF-B651-4015-B62F-AAA199BE4A32}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [TCP Query User{FE69E1DE-F538-46CF-9827-08F8F0D28A72}C:\program files (x86)\origin games\fifa 17\fifa17.exe] => (Allow) C:\program files (x86)\origin games\fifa 17\fifa17.exe
FirewallRules: [UDP Query User{AA5464C5-2476-4156-ADC2-54DD9B7F3A54}C:\program files (x86)\origin games\fifa 17\fifa17.exe] => (Allow) C:\program files (x86)\origin games\fifa 17\fifa17.exe
FirewallRules: [TCP Query User{E19BC58B-6269-4FD8-B298-CCC43E97CD87}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{0CB90E89-0985-44ED-80CA-A763212F12D6}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{DD493C8F-9495-4F00-B04E-456F685B940C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{A4857E9F-F1D3-4DC7-8AF9-BB7B167EFA42}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{FF791F44-FA5F-4B91-A2B0-B22A5A91C1CE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A0FFBC5D-EB56-4FD8-8DCF-286B7C260550}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E9C6F915-A110-4D6E-B5F1-03B77348B43F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{D6D89501-34D3-4FF6-96EA-9A7574169636}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{2A553F50-3A69-4BE8-BC60-159FC021FE05}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{E8883B0A-302E-4CE7-8E82-517265CDCB0E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{A08768B8-2E97-4763-9018-487D35A4665D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{DDC95EC7-AA63-4B74-89AA-4E63704C5A10}C:\users\gamer91\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gamer91\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{47950E69-4F84-45BB-86B0-E8D66C4B8FE4}C:\users\gamer91\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gamer91\appdata\local\akamai\netsession_win.exe
FirewallRules: [{6AEF89A1-A0C4-4658-86D5-4476BD698EC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic\system\GOTHIC.EXE
FirewallRules: [{FB47B3E6-8D2D-4D84-9B26-7DC8732681D1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic\system\GOTHIC.EXE
FirewallRules: [{A7195267-FD97-4116-AEA2-9D8E781B9200}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic 3\Gothic3.exe
FirewallRules: [{0CD701EC-F397-49C9-BCC0-18B8146DA04F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic 3\Gothic3.exe
FirewallRules: [TCP Query User{8EE38C6D-EBC6-4B8D-A858-A2B3A8C2BA18}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe
FirewallRules: [UDP Query User{A8E78E10-2682-4072-B29C-0561A7D6AD32}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe

==================== Wiederherstellungspunkte =========================

22-02-2017 15:23:08 Windows Update
01-03-2017 23:55:29 Geplanter Prüfpunkt
02-03-2017 17:55:24 Installed NVIDIA PhysX

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/09/2017 07:35:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Gamer91-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/09/2017 11:53:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Gamer91-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/07/2017 07:45:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (03/07/2017 07:44:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/07/2017 07:32:30 PM) (Source: YSearchUtilSvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/07/2017 06:26:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Gamer91-PC)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/06/2017 03:57:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ChemDraw.exe, Version: 15.0.0.106, Zeitstempel: 0x5503aefe
Name des fehlerhaften Moduls: ChemDraw.exe, Version: 15.0.0.106, Zeitstempel: 0x5503aefe
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00a85431
ID des fehlerhaften Prozesses: 0x1e74
Startzeit der fehlerhaften Anwendung: 0x01d29689ff6f7323
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\ChemDraw\ChemDraw.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\ChemDraw\ChemDraw.exe
Berichtskennung: 5a06cdaa-7e24-4b34-93f1-fe614e2cf04c
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/06/2017 03:57:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ChemDraw.exe, Version: 15.0.0.106, Zeitstempel: 0x5503aefe
Name des fehlerhaften Moduls: ChemDraw.exe, Version: 15.0.0.106, Zeitstempel: 0x5503aefe
Ausnahmecode: 0xc000008e
Fehleroffset: 0x00a85431
ID des fehlerhaften Prozesses: 0x1e74
Startzeit der fehlerhaften Anwendung: 0x01d29689ff6f7323
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\ChemDraw\ChemDraw.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\ChemDraw\ChemDraw.exe
Berichtskennung: b8140810-b444-4613-b540-46d74a61183e
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 09:51:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 15.23.20070.19033, Zeitstempel: 0x58a745fb
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000008
Fehleroffset: 0x88ba9d2a
ID des fehlerhaften Prozesses: 0x17d0
Startzeit der fehlerhaften Anwendung: 0x01d295d4b7389a6d
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 762ead4c-c2d4-4fa9-a3b7-cd5d7d35d39a
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 07:57:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Gamer91-PC)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (03/09/2017 07:35:42 PM) (Source: DCOM) (EventID: 10010) (User: Gamer91-PC)
Description: Der Server "App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/09/2017 11:53:54 AM) (Source: DCOM) (EventID: 10010) (User: Gamer91-PC)
Description: Der Server "App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/08/2017 04:05:37 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (03/08/2017 04:05:37 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (03/08/2017 04:05:37 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (03/08/2017 04:05:26 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ?08.?03.?2017 um 15:03:48 unerwartet heruntergefahren.

Error: (03/08/2017 02:15:27 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/07/2017 08:21:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/07/2017 08:21:01 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (03/07/2017 08:21:01 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0


CodeIntegrity:
===================================
  Date: 2017-03-06 13:24:54.715
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-06 13:24:54.695
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-06 13:24:49.186
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-06 13:24:49.182
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-06 13:24:49.166
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-01 23:53:24.120
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-03-01 23:53:24.096
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-03-01 23:53:24.042
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-03-01 23:53:23.985
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-03-01 23:53:23.947
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-6300 Six-Core Processor 
Prozentuale Nutzung des RAM: 36%
Installierter physikalischer RAM: 8140.05 MB
Verfügbarer physikalischer RAM: 5157.94 MB
Summe virtueller Speicher: 16332.05 MB
Verfügbarer virtueller Speicher: 12794.32 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:442.79 GB) (Free:22.32 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2063AF3E)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
__________________

Alt 11.03.2017, 18:35   #4
Niklas98
 
Probleme mit Norton Internet Security - Standard

Probleme mit Norton Internet Security



TDSSKiller

Code:
ATTFilter
18:18:55.0308 0x148c  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
18:18:55.0308 0x148c  UEFI system
18:19:04.0340 0x148c  ============================================================
18:19:04.0340 0x148c  Current date / time: 2017/03/11 18:19:04.0340
18:19:04.0341 0x148c  SystemInfo:
18:19:04.0341 0x148c  
18:19:04.0341 0x148c  OS Version: 10.0.14393 ServicePack: 0.0
18:19:04.0341 0x148c  Product type: Workstation
18:19:04.0341 0x148c  ComputerName: GAMER91-PC
18:19:04.0341 0x148c  UserName: Gamer91
18:19:04.0341 0x148c  Windows directory: C:\WINDOWS
18:19:04.0341 0x148c  System windows directory: C:\WINDOWS
18:19:04.0341 0x148c  Running under WOW64
18:19:04.0341 0x148c  Processor architecture: Intel x64
18:19:04.0341 0x148c  Number of processors: 6
18:19:04.0341 0x148c  Page size: 0x1000
18:19:04.0341 0x148c  Boot type: Normal boot
18:19:04.0341 0x148c  CodeIntegrityOptions = 0x00000001
18:19:04.0341 0x148c  ============================================================
18:19:06.0051 0x148c  KLMD registered as C:\WINDOWS\system32\drivers\31515292.sys
18:19:06.0051 0x148c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.693, osProperties = 0x19
18:19:17.0979 0x148c  System UUID: {02A0EE77-85BF-A7D8-AE33-FACAA54AD7F8}
18:19:20.0967 0x148c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:19:20.0983 0x148c  ============================================================
18:19:20.0983 0x148c  \Device\Harddisk0\DR0:
18:19:20.0983 0x148c  GPT partitions:
18:19:20.0984 0x148c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {FE65183F-D17C-4F20-BA62-42B7A0DE0257}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
18:19:20.0984 0x148c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {37F70AFC-AF54-4504-9ECF-7B11A46AE2A7}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
18:19:20.0984 0x148c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {06846D32-1C6E-46D9-9736-26F5B9EADFB5}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x3D01E000
18:19:20.0984 0x148c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {482BF27C-1506-475E-ACAE-A278D135DE35}, Name: Basic data partition, StartLBA 0x3D090800, BlocksNum 0x37595000
18:19:20.0984 0x148c  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A6880399-A02D-4898-86DD-44970B7C1404}, Name: , StartLBA 0x74625800, BlocksNum 0xE1000
18:19:20.0984 0x148c  MBR partitions:
18:19:20.0984 0x148c  ============================================================
18:19:21.0007 0x148c  C: <-> \Device\Harddisk0\DR0\Partition4
18:19:21.0007 0x148c  ============================================================
18:19:21.0007 0x148c  Initialize success
18:19:21.0007 0x148c  ============================================================
18:20:16.0377 0x1c40  ============================================================
18:20:16.0377 0x1c40  Scan started
18:20:16.0377 0x1c40  Mode: Manual; SigCheck; TDLFS; 
18:20:16.0377 0x1c40  ============================================================
18:20:16.0377 0x1c40  KSN ping started
18:20:16.0452 0x1c40  KSN ping finished: true
18:20:21.0833 0x1c40  ================ Scan system memory ========================
18:20:21.0833 0x1c40  System memory - ok
18:20:21.0834 0x1c40  ================ Scan services =============================
18:20:22.0095 0x1c40  1394ohci - ok
18:20:22.0117 0x1c40  3ware - ok
18:20:22.0148 0x1c40  ACPI - ok
18:20:22.0153 0x1c40  AcpiDev - ok
18:20:22.0174 0x1c40  acpiex - ok
18:20:22.0211 0x1c40  acpipagr - ok
18:20:22.0224 0x1c40  AcpiPmi - ok
18:20:22.0250 0x1c40  acpitime - ok
18:20:22.0303 0x1c40  [ 4D2A45FDEBC823742B9F37DBBF99893A, E7236141B493879E2F39038A74A3E8AAEDDC56B0BF758BA4725D99B27983155F ] acsock          C:\WINDOWS\system32\DRIVERS\acsock64.sys
18:20:22.0352 0x1c40  acsock - ok
18:20:22.0475 0x1c40  [ 295D6A7FC220634C8E6F5F27A6EDAEE7, 155C83D1E359764A25B97B050B8ED6ABB5FF742D00401004206A4616434EE3D4 ] AdaptiveSleepService C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
18:20:22.0504 0x1c40  AdaptiveSleepService - ok
18:20:22.0686 0x1c40  [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:20:22.0702 0x1c40  AdobeARMservice - ok
18:20:23.0107 0x1c40  [ 89ECFB35517F62C3802B227F288B750E, 47B329FEC98DC634A9068D6B88A331B323D99E9C21D3FE330352210841E715CA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:20:23.0121 0x1c40  AdobeFlashPlayerUpdateSvc - ok
18:20:23.0128 0x1c40  ADP80XX - ok
18:20:23.0166 0x1c40  AFD - ok
18:20:23.0205 0x1c40  ahcache - ok
18:20:23.0248 0x1c40  AJRouter - ok
18:20:23.0265 0x1c40  ALG - ok
18:20:23.0374 0x1c40  [ 52E0D15D162A6C02E58C5E9E91155031, 09BB2288929D853CAFA25A741CB540E20BDEF421E3E41BFF5BEF78D786021F5A ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
18:20:23.0403 0x1c40  AMD External Events Utility - ok
18:20:23.0410 0x1c40  AmdK8 - ok
18:20:23.0449 0x1c40  [ 66CD2F9A6AD1B720E448053B5CE6F3A4, D9156F311E36297BE63A5BE8E41AA2E6C32AA5A9BD188C4BC6D804BA39F71E15 ] amdkmafd        C:\WINDOWS\system32\drivers\amdkmafd.sys
18:20:23.0457 0x1c40  amdkmafd - ok
18:20:23.0508 0x1c40  amdkmdag - ok
18:20:23.0553 0x1c40  [ 8B5782CA9386724048F11C1607425B31, B398B8547B5BB806B73211A3C40EC0337B2D5274F17DD0F7FFDCC91CA853DA7B ] amdkmdap        C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys
18:20:23.0572 0x1c40  amdkmdap - ok
18:20:23.0592 0x1c40  AmdPPM - ok
18:20:23.0595 0x1c40  amdsata - ok
18:20:23.0599 0x1c40  amdsbs - ok
18:20:23.0603 0x1c40  amdxata - ok
18:20:23.0647 0x1c40  AppHostSvc - ok
18:20:23.0655 0x1c40  AppID - ok
18:20:23.0658 0x1c40  AppIDSvc - ok
18:20:23.0669 0x1c40  Appinfo - ok
18:20:23.0681 0x1c40  applockerfltr - ok
18:20:23.0695 0x1c40  AppReadiness - ok
18:20:23.0708 0x1c40  AppXSvc - ok
18:20:23.0712 0x1c40  arcsas - ok
18:20:23.0791 0x1c40  aspnet_state - ok
18:20:23.0800 0x1c40  AsyncMac - ok
18:20:23.0809 0x1c40  atapi - ok
18:20:23.0851 0x1c40  [ 0DFBFA706F09AC18AE29404B394BDFE1, 8E07ED558A03DCBD89502410C8440C60E03A5C7951603F2080827BFCDB24E192 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
18:20:23.0877 0x1c40  AtiHDAudioService - ok
18:20:23.0899 0x1c40  AudioEndpointBuilder - ok
18:20:23.0923 0x1c40  Audiosrv - ok
18:20:23.0928 0x1c40  AxInstSV - ok
18:20:23.0951 0x1c40  b06bdrv - ok
18:20:23.0960 0x1c40  BasicDisplay - ok
18:20:23.0965 0x1c40  BasicRender - ok
18:20:23.0973 0x1c40  bcmfn - ok
18:20:23.0979 0x1c40  bcmfn2 - ok
18:20:23.0990 0x1c40  BDESVC - ok
18:20:23.0993 0x1c40  Beep - ok
18:20:24.0110 0x1c40  [ 34E728ACD12ACC3C8502F437DF4D6601, 025B8A3C463ADEA72FB0A3F70B148547E45091F54A2040E3B07E82EC37430D7E ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
18:20:24.0145 0x1c40  BEService - ok
18:20:24.0165 0x1c40  BFE - ok
18:20:24.0469 0x1c40  [ CE27F2268497E57A94A48F8D1B47A1B6, 459A2A5C7E1CA27E720AFA95B342CDFD52224467DC4FC54AF870BA5781643F88 ] BHDrvx64        C:\Program Files\Norton Internet Security\NortonData\22.9.0.71\Definitions\BASHDefs\20170306.003\BHDrvx64.sys
18:20:24.0514 0x1c40  BHDrvx64 - ok
18:20:24.0537 0x1c40  BITS - ok
18:20:24.0543 0x1c40  bowser - ok
18:20:24.0546 0x1c40  BrokerInfrastructure - ok
18:20:24.0551 0x1c40  Browser - ok
18:20:24.0557 0x1c40  BthAvrcpTg - ok
18:20:24.0560 0x1c40  BthHFEnum - ok
18:20:24.0563 0x1c40  bthhfhid - ok
18:20:24.0576 0x1c40  BthHFSrv - ok
18:20:24.0580 0x1c40  BTHMODEM - ok
18:20:24.0585 0x1c40  bthserv - ok
18:20:24.0596 0x1c40  buttonconverter - ok
18:20:24.0599 0x1c40  CapImg - ok
18:20:24.0668 0x1c40  [ FC246917662E3DC1F5BA768FF22FFD3B, 3268ADE1F17F020ED715BA8C3A37B94D555B122B665FA70D73E229462CF5974F ] ccSet_NIS       C:\WINDOWS\system32\drivers\NISx64\1609000.047\ccSetx64.sys
18:20:24.0697 0x1c40  ccSet_NIS - ok
18:20:24.0718 0x1c40  cdfs - ok
18:20:24.0730 0x1c40  CDPSvc - ok
18:20:24.0742 0x1c40  CDPUserSvc - ok
18:20:24.0769 0x1c40  cdrom - ok
18:20:24.0799 0x1c40  CertPropSvc - ok
18:20:24.0843 0x1c40  [ 59B4AB79011957DD3B83F0C2E63741BD, 5DE68785D701DBA0F98452B7D5CC407BEECD51685F39516157733CED2EF2FA19 ] chip1click      C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
18:20:24.0866 0x1c40  chip1click - detected UnsignedFile.Multi.Generic ( 1 )
18:20:24.0932 0x1c40  Detect skipped due to KSN trusted
18:20:24.0932 0x1c40  chip1click - ok
18:20:24.0936 0x1c40  cht4iscsi - ok
18:20:24.0939 0x1c40  cht4vbd - ok
18:20:24.0943 0x1c40  circlass - ok
18:20:24.0964 0x1c40  CLFS - ok
18:20:25.0088 0x1c40  [ CD1F57FE8DD130C4E80134871D2BD216, 998D4A1ABED8415F36FA5F2D45A60BA82D2FA6C1437F578BBCEDB8A9F3B9A144 ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
18:20:25.0160 0x1c40  ClickToRunSvc - ok
18:20:25.0169 0x1c40  ClipSVC - ok
18:20:25.0172 0x1c40  clreg - ok
18:20:25.0182 0x1c40  CmBatt - ok
18:20:25.0185 0x1c40  CNG - ok
18:20:25.0188 0x1c40  cnghwassist - ok
18:20:25.0232 0x1c40  CompositeBus - ok
18:20:25.0236 0x1c40  COMSysApp - ok
18:20:25.0239 0x1c40  condrv - ok
18:20:25.0272 0x1c40  CoreMessagingRegistrar - ok
18:20:25.0291 0x1c40  CryptSvc - ok
18:20:25.0309 0x1c40  [ 97C4255C96BC2351663E6CD671AEC66D, 4F249FB1226B76C3B7E2ED84CEE43C8CAE8A8A23939E50F87A5141A800BECFAE ] cy_System       C:\WINDOWS\system32\drivers\cy-wdriver.sys
18:20:25.0318 0x1c40  cy_System - ok
18:20:25.0322 0x1c40  dam - ok
18:20:25.0341 0x1c40  DcomLaunch - ok
18:20:25.0350 0x1c40  DcpSvc - ok
18:20:25.0358 0x1c40  defragsvc - ok
18:20:25.0367 0x1c40  DeviceAssociationService - ok
18:20:25.0370 0x1c40  DeviceInstall - ok
18:20:25.0383 0x1c40  DevQueryBroker - ok
18:20:25.0394 0x1c40  Dfsc - ok
18:20:25.0419 0x1c40  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
18:20:25.0431 0x1c40  dg_ssudbus - ok
18:20:25.0448 0x1c40  Dhcp - ok
18:20:25.0511 0x1c40  diagnosticshub.standardcollector.service - ok
18:20:25.0542 0x1c40  DiagTrack - ok
18:20:25.0562 0x1c40  disk - ok
18:20:25.0580 0x1c40  DmEnrollmentSvc - ok
18:20:25.0589 0x1c40  dmvsc - ok
18:20:25.0597 0x1c40  dmwappushservice - ok
18:20:25.0617 0x1c40  Dnscache - ok
18:20:25.0622 0x1c40  dot3svc - ok
18:20:25.0627 0x1c40  DPS - ok
18:20:25.0648 0x1c40  drmkaud - ok
18:20:25.0653 0x1c40  DsmSvc - ok
18:20:25.0657 0x1c40  DsSvc - ok
18:20:25.0664 0x1c40  DXGKrnl - ok
18:20:25.0669 0x1c40  EapHost - ok
18:20:25.0673 0x1c40  EasyAntiCheat - ok
18:20:25.0678 0x1c40  ebdrv - ok
18:20:25.0751 0x1c40  [ 6266BAEDF00023684B10E101E9FBB89B, 720B66721BD9BAE476A0CA9037C5452FB1CC645DC00E6205051C7AF84550051C ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
18:20:25.0768 0x1c40  eeCtrl - ok
18:20:25.0786 0x1c40  EFS - ok
18:20:25.0791 0x1c40  EhStorClass - ok
18:20:25.0800 0x1c40  EhStorTcgDrv - ok
18:20:25.0808 0x1c40  embeddedmode - ok
18:20:25.0811 0x1c40  EntAppSvc - ok
18:20:25.0836 0x1c40  [ 3180E3A3EFDA196DE5B9980291CFE685, 31B735F04AC80D3BDA3872C77BC361D7E02DF081E31A3581A6C1A5B542EACF4F ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:20:25.0846 0x1c40  EraserUtilRebootDrv - ok
18:20:25.0868 0x1c40  ErrDev - ok
18:20:25.0887 0x1c40  EventSystem - ok
18:20:25.0890 0x1c40  exfat - ok
18:20:25.0911 0x1c40  fastfat - ok
18:20:25.0918 0x1c40  Fax - ok
18:20:25.0922 0x1c40  fdc - ok
18:20:25.0926 0x1c40  fdPHost - ok
18:20:25.0931 0x1c40  FDResPub - ok
18:20:25.0968 0x1c40  fhsvc - ok
18:20:25.0981 0x1c40  FileCrypt - ok
18:20:25.0985 0x1c40  FileInfo - ok
18:20:25.0989 0x1c40  Filetrace - ok
18:20:25.0993 0x1c40  flpydisk - ok
18:20:25.0996 0x1c40  FltMgr - ok
18:20:26.0013 0x1c40  FontCache - ok
18:20:26.0128 0x1c40  FontCache3.0.0.0 - ok
18:20:26.0157 0x1c40  FrameServer - ok
18:20:26.0166 0x1c40  FsDepends - ok
18:20:26.0177 0x1c40  Fs_Rec - ok
18:20:26.0198 0x1c40  fvevol - ok
18:20:26.0215 0x1c40  gencounter - ok
18:20:26.0223 0x1c40  genericusbfn - ok
18:20:26.0233 0x1c40  GPIOClx0101 - ok
18:20:26.0249 0x1c40  gpsvc - ok
18:20:26.0264 0x1c40  GpuEnergyDrv - ok
18:20:26.0304 0x1c40  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:20:26.0318 0x1c40  gupdate - ok
18:20:26.0323 0x1c40  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:20:26.0332 0x1c40  gupdatem - ok
18:20:26.0336 0x1c40  HDAudBus - ok
18:20:26.0340 0x1c40  HidBatt - ok
18:20:26.0343 0x1c40  HidBth - ok
18:20:26.0347 0x1c40  hidi2c - ok
18:20:26.0351 0x1c40  hidinterrupt - ok
18:20:26.0354 0x1c40  HidIr - ok
18:20:26.0376 0x1c40  hidserv - ok
18:20:26.0416 0x1c40  HidUsb - ok
18:20:26.0432 0x1c40  HomeGroupListener - ok
18:20:26.0442 0x1c40  HomeGroupProvider - ok
18:20:26.0451 0x1c40  HpSAMD - ok
18:20:26.0467 0x1c40  HTTP - ok
18:20:26.0482 0x1c40  HvHost - ok
18:20:26.0507 0x1c40  hvservice - ok
18:20:26.0511 0x1c40  hwpolicy - ok
18:20:26.0516 0x1c40  hyperkbd - ok
18:20:26.0529 0x1c40  i8042prt - ok
18:20:26.0534 0x1c40  iagpio - ok
18:20:26.0557 0x1c40  iai2c - ok
18:20:26.0560 0x1c40  iaLPSS2i_GPIO2 - ok
18:20:26.0564 0x1c40  iaLPSS2i_I2C - ok
18:20:26.0569 0x1c40  iaLPSSi_GPIO - ok
18:20:26.0574 0x1c40  iaLPSSi_I2C - ok
18:20:26.0579 0x1c40  iaStorAV - ok
18:20:26.0583 0x1c40  iaStorV - ok
18:20:26.0587 0x1c40  ibbus - ok
18:20:26.0601 0x1c40  icssvc - ok
18:20:26.0799 0x1c40  [ C30DB515D52B027A5D68D5B617F04C47, E2FBA5C736CF79C6052C28C703F99AB895DB8D3E5E7006425CEB7558AA8B0B83 ] IDSVia64        C:\Program Files\Norton Internet Security\NortonData\22.9.0.71\Definitions\IPSDefs\20170310.001\IDSvia64.sys
18:20:26.0828 0x1c40  IDSVia64 - ok
18:20:26.0834 0x1c40  IKEEXT - ok
18:20:26.0857 0x1c40  IndirectKmd - ok
18:20:26.0965 0x1c40  [ E551BB77E7D436380139977124BDFF62, 34C339D5FDAE67E6A73753D0607B5D9E5735421C2EF93C183844AF5D858BFE82 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
18:20:27.0043 0x1c40  IntcAzAudAddService - ok
18:20:27.0052 0x1c40  intelide - ok
18:20:27.0055 0x1c40  intelpep - ok
18:20:27.0059 0x1c40  intelppm - ok
18:20:27.0078 0x1c40  iorate - ok
18:20:27.0080 0x1c40  IpFilterDriver - ok
18:20:27.0096 0x1c40  iphlpsvc - ok
18:20:27.0099 0x1c40  IPMIDRV - ok
18:20:27.0102 0x1c40  IPNAT - ok
18:20:27.0105 0x1c40  irda - ok
18:20:27.0108 0x1c40  IRENUM - ok
18:20:27.0125 0x1c40  irmon - ok
18:20:27.0129 0x1c40  isapnp - ok
18:20:27.0132 0x1c40  iScsiPrt - ok
18:20:27.0136 0x1c40  kbdclass - ok
18:20:27.0146 0x1c40  kbdhid - ok
18:20:27.0158 0x1c40  kdnic - ok
18:20:27.0161 0x1c40  KeyIso - ok
18:20:27.0164 0x1c40  KSecDD - ok
18:20:27.0175 0x1c40  KSecPkg - ok
18:20:27.0179 0x1c40  ksthunk - ok
18:20:27.0189 0x1c40  KtmRm - ok
18:20:27.0201 0x1c40  LanmanServer - ok
18:20:27.0208 0x1c40  LanmanWorkstation - ok
18:20:27.0213 0x1c40  lfsvc - ok
18:20:27.0217 0x1c40  LicenseManager - ok
18:20:27.0220 0x1c40  lltdio - ok
18:20:27.0223 0x1c40  lltdsvc - ok
18:20:27.0226 0x1c40  lmhosts - ok
18:20:27.0231 0x1c40  LSI_SAS - ok
18:20:27.0235 0x1c40  LSI_SAS2i - ok
18:20:27.0238 0x1c40  LSI_SAS3i - ok
18:20:27.0242 0x1c40  LSI_SSS - ok
18:20:27.0248 0x1c40  LSM - ok
18:20:27.0251 0x1c40  luafv - ok
18:20:27.0286 0x1c40  [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] lvrs64          C:\WINDOWS\system32\DRIVERS\lvrs64.sys
18:20:27.0300 0x1c40  lvrs64 - ok
18:20:27.0437 0x1c40  [ 415E344294D1C0D04627B29146F68481, B4A1A05BDF07E8F226A98E51F62BE18BE2C046A084C495BD8A95CABC79FD0614 ] LVUVC64         C:\WINDOWS\system32\DRIVERS\lvuvc64.sys
18:20:27.0538 0x1c40  LVUVC64 - ok
18:20:27.0566 0x1c40  MapsBroker - ok
18:20:27.0587 0x1c40  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
18:20:27.0595 0x1c40  MBAMProtector - ok
18:20:27.0696 0x1c40  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
18:20:27.0727 0x1c40  MBAMService - ok
18:20:27.0769 0x1c40  [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
18:20:27.0791 0x1c40  MBAMWebAccessControl - ok
18:20:27.0796 0x1c40  megasas - ok
18:20:27.0825 0x1c40  megasas2i - ok
18:20:27.0830 0x1c40  megasr - ok
18:20:27.0836 0x1c40  MessagingService - ok
18:20:27.0855 0x1c40  mlx4_bus - ok
18:20:27.0859 0x1c40  MMCSS - ok
18:20:27.0863 0x1c40  Modem - ok
18:20:27.0882 0x1c40  monitor - ok
18:20:27.0914 0x1c40  [ 95314C3A08589471983C2C8173F23CDA, 05D30728D7204ABA2437259ECF929A94E6573F7621BAF35D76EBA26F5489A6CF ] MonitorFunction C:\WINDOWS\System32\drivers\TVMonitor.sys
18:20:27.0924 0x1c40  MonitorFunction - ok
18:20:27.0930 0x1c40  mouclass - ok
18:20:27.0934 0x1c40  mouhid - ok
18:20:27.0939 0x1c40  mountmgr - ok
18:20:27.0981 0x1c40  [ ADF79A49E942C91D1FC9863CBFDD6B58, C2B2A792C4717133DCAE6297EE3F5D985B11D3C1E68A8DC23985AC6B78ACDE98 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:20:27.0992 0x1c40  MozillaMaintenance - ok
18:20:27.0996 0x1c40  mpsdrv - ok
18:20:28.0013 0x1c40  MpsSvc - ok
18:20:28.0048 0x1c40  MQAC - ok
18:20:28.0059 0x1c40  MRxDAV - ok
18:20:28.0074 0x1c40  mrxsmb - ok
18:20:28.0083 0x1c40  mrxsmb10 - ok
18:20:28.0091 0x1c40  mrxsmb20 - ok
18:20:28.0098 0x1c40  MsBridge - ok
18:20:28.0112 0x1c40  MSDTC - ok
18:20:28.0122 0x1c40  Msfs - ok
18:20:28.0126 0x1c40  msgpiowin32 - ok
18:20:28.0129 0x1c40  mshidkmdf - ok
18:20:28.0133 0x1c40  mshidumdf - ok
18:20:28.0136 0x1c40  msisadrv - ok
18:20:28.0142 0x1c40  MSiSCSI - ok
18:20:28.0145 0x1c40  msiserver - ok
18:20:28.0148 0x1c40  MSKSSRV - ok
18:20:28.0151 0x1c40  MsLldp - ok
18:20:28.0158 0x1c40  MSMQ - ok
18:20:28.0161 0x1c40  MSPCLOCK - ok
18:20:28.0166 0x1c40  MSPQM - ok
18:20:28.0170 0x1c40  MsRPC - ok
18:20:28.0175 0x1c40  mssmbios - ok
18:20:28.0178 0x1c40  MSTEE - ok
18:20:28.0182 0x1c40  MTConfig - ok
18:20:28.0185 0x1c40  Mup - ok
18:20:28.0188 0x1c40  mvumis - ok
18:20:28.0202 0x1c40  NativeWifiP - ok
18:20:28.0228 0x1c40  NAVENG - ok
18:20:28.0230 0x1c40  NAVEX15 - ok
18:20:28.0235 0x1c40  NcaSvc - ok
18:20:28.0257 0x1c40  NcbService - ok
18:20:28.0260 0x1c40  NcdAutoSetup - ok
18:20:28.0264 0x1c40  ndfltr - ok
18:20:28.0272 0x1c40  NDIS - ok
18:20:28.0275 0x1c40  NdisCap - ok
18:20:28.0294 0x1c40  NdisImPlatform - ok
18:20:28.0298 0x1c40  NdisTapi - ok
18:20:28.0301 0x1c40  Ndisuio - ok
18:20:28.0304 0x1c40  NdisVirtualBus - ok
18:20:28.0307 0x1c40  NdisWan - ok
18:20:28.0311 0x1c40  ndiswanlegacy - ok
18:20:28.0314 0x1c40  ndproxy - ok
18:20:28.0317 0x1c40  Ndu - ok
18:20:28.0320 0x1c40  NetAdapterCx - ok
18:20:28.0323 0x1c40  NetBIOS - ok
18:20:28.0329 0x1c40  NetBT - ok
18:20:28.0332 0x1c40  Netlogon - ok
18:20:28.0335 0x1c40  Netman - ok
18:20:28.0349 0x1c40  NetMsmqActivator - ok
18:20:28.0351 0x1c40  NetPipeActivator - ok
18:20:28.0373 0x1c40  netprofm - ok
18:20:28.0400 0x1c40  NetSetupSvc - ok
18:20:28.0402 0x1c40  NetTcpActivator - ok
18:20:28.0405 0x1c40  NetTcpPortSharing - ok
18:20:28.0412 0x1c40  NgcCtnrSvc - ok
18:20:28.0428 0x1c40  NgcSvc - ok
18:20:28.0472 0x1c40  [ A3F57EC90CED5891CC397CBF15D56250, 359B5A7FA94B8FCCD04C6267C67453C9860F1CB7DAA6FFF2905672D76A9AD678 ] NIS             C:\Program Files\Norton Internet Security\Engine\22.9.0.71\NIS.exe
18:20:28.0485 0x1c40  NIS - ok
18:20:28.0490 0x1c40  NlaSvc - ok
18:20:28.0493 0x1c40  Npfs - ok
18:20:28.0496 0x1c40  npsvctrig - ok
18:20:28.0500 0x1c40  nsi - ok
18:20:28.0503 0x1c40  nsiproxy - ok
18:20:28.0520 0x1c40  NTFS - ok
18:20:28.0523 0x1c40  Null - ok
18:20:28.0527 0x1c40  nvraid - ok
18:20:28.0531 0x1c40  nvstor - ok
18:20:28.0546 0x1c40  OneSyncSvc - ok
18:20:28.0648 0x1c40  [ 7D331DD034C85FB18DDF028F744FA37B, BF6ADD7AF05732340831CA7DE766B5C93323A190107F7570E2130398846F4430 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
18:20:28.0698 0x1c40  Origin Client Service - ok
18:20:28.0764 0x1c40  [ 2B099DEBCFCBE33036406739F94C529C, DBBACA632F39530F81D3AC28A350CAE49972156149835197053B8D61E00D8CEA ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe
18:20:28.0814 0x1c40  Origin Web Helper Service - ok
18:20:28.0879 0x1c40  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:20:28.0907 0x1c40  ose - ok
18:20:29.0144 0x1c40  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:20:29.0258 0x1c40  osppsvc - ok
18:20:29.0286 0x1c40  p2pimsvc - ok
18:20:29.0293 0x1c40  p2psvc - ok
18:20:29.0296 0x1c40  Parport - ok
18:20:29.0301 0x1c40  partmgr - ok
18:20:29.0325 0x1c40  PcaSvc - ok
18:20:29.0345 0x1c40  pci - ok
18:20:29.0366 0x1c40  pciide - ok
18:20:29.0377 0x1c40  pcmcia - ok
18:20:29.0383 0x1c40  pcw - ok
18:20:29.0393 0x1c40  pdc - ok
18:20:29.0406 0x1c40  PEAUTH - ok
18:20:29.0411 0x1c40  percsas2i - ok
18:20:29.0414 0x1c40  percsas3i - ok
18:20:29.0479 0x1c40  PerfHost - ok
18:20:29.0489 0x1c40  PhoneSvc - ok
18:20:29.0517 0x1c40  PimIndexMaintenanceSvc - ok
18:20:29.0541 0x1c40  pla - ok
18:20:29.0608 0x1c40  [ 4808ACE4B2C161AF2667F6C1AC45B434, 7C8F570721BA9827D2F4E5E48545D8A062484783091D7B1340BEE1F78AC90117 ] PlaysService    C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
18:20:29.0626 0x1c40  PlaysService - ok
18:20:29.0644 0x1c40  PlugPlay - ok
18:20:29.0648 0x1c40  PnkBstrA - ok
18:20:29.0652 0x1c40  PNRPAutoReg - ok
18:20:29.0655 0x1c40  PNRPsvc - ok
18:20:29.0668 0x1c40  PolicyAgent - ok
18:20:29.0673 0x1c40  Power - ok
18:20:29.0677 0x1c40  PptpMiniport - ok
18:20:29.0826 0x1c40  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
18:20:29.0940 0x1c40  PrintNotify - ok
18:20:29.0949 0x1c40  Processor - ok
18:20:29.0969 0x1c40  ProfSvc - ok
18:20:29.0972 0x1c40  Psched - ok
18:20:29.0984 0x1c40  QWAVE - ok
18:20:29.0987 0x1c40  QWAVEdrv - ok
18:20:29.0991 0x1c40  RasAcd - ok
18:20:30.0008 0x1c40  RasAgileVpn - ok
18:20:30.0012 0x1c40  RasAuto - ok
18:20:30.0016 0x1c40  Rasl2tp - ok
18:20:30.0028 0x1c40  RasMan - ok
18:20:30.0031 0x1c40  RasPppoe - ok
18:20:30.0034 0x1c40  RasSstp - ok
18:20:30.0038 0x1c40  rdbss - ok
18:20:30.0046 0x1c40  rdpbus - ok
18:20:30.0051 0x1c40  RDPDR - ok
18:20:30.0064 0x1c40  RdpVideoMiniport - ok
18:20:30.0068 0x1c40  rdyboost - ok
18:20:30.0071 0x1c40  ReFSv1 - ok
18:20:30.0085 0x1c40  RemoteAccess - ok
18:20:30.0089 0x1c40  RemoteRegistry - ok
18:20:30.0094 0x1c40  RetailDemo - ok
18:20:30.0106 0x1c40  RmSvc - ok
18:20:30.0110 0x1c40  RpcEptMapper - ok
18:20:30.0120 0x1c40  RpcLocator - ok
18:20:30.0123 0x1c40  RpcSs - ok
18:20:30.0127 0x1c40  rspndr - ok
18:20:30.0135 0x1c40  rt640x64 - ok
18:20:30.0139 0x1c40  s3cap - ok
18:20:30.0145 0x1c40  SamSs - ok
18:20:30.0148 0x1c40  sbp2port - ok
18:20:30.0156 0x1c40  SCardSvr - ok
18:20:30.0192 0x1c40  ScDeviceEnum - ok
18:20:30.0196 0x1c40  scfilter - ok
18:20:30.0200 0x1c40  Schedule - ok
18:20:30.0203 0x1c40  scmbus - ok
18:20:30.0206 0x1c40  scmdisk0101 - ok
18:20:30.0224 0x1c40  SCPolicySvc - ok
18:20:30.0240 0x1c40  [ 8B56BDCE6A303DDE63D63440D1CF9AD1, 66A4356C29D00A1B8A95975C073AE4E6D2A90CBF3B143FE9B83B96BEC0805D46 ] ScreamBAudioSvc C:\WINDOWS\system32\drivers\ScreamingBAudio64.sys
18:20:30.0248 0x1c40  ScreamBAudioSvc - ok
18:20:30.0252 0x1c40  sdbus - ok
18:20:30.0255 0x1c40  SDRSVC - ok
18:20:30.0259 0x1c40  sdstor - ok
18:20:30.0263 0x1c40  seclogon - ok
18:20:30.0279 0x1c40  SENS - ok
18:20:30.0282 0x1c40  SensorDataService - ok
18:20:30.0301 0x1c40  SensorService - ok
18:20:30.0305 0x1c40  SensrSvc - ok
18:20:30.0308 0x1c40  SerCx - ok
18:20:30.0313 0x1c40  SerCx2 - ok
18:20:30.0316 0x1c40  Serenum - ok
18:20:30.0319 0x1c40  Serial - ok
18:20:30.0323 0x1c40  sermouse - ok
18:20:30.0350 0x1c40  SessionEnv - ok
18:20:30.0357 0x1c40  sfloppy - ok
18:20:30.0382 0x1c40  SharedAccess - ok
18:20:30.0388 0x1c40  ShellHWDetection - ok
18:20:30.0408 0x1c40  shpamsvc - ok
18:20:30.0412 0x1c40  SiSRaid2 - ok
18:20:30.0416 0x1c40  SiSRaid4 - ok
18:20:30.0456 0x1c40  [ F3AAB7DF6408431C762D8721B68F46E4, 56ED764AA660955B8B06322703D086B3A52106625A83CCAF195B08BCBDEDA88F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:20:30.0491 0x1c40  SkypeUpdate - ok
18:20:30.0520 0x1c40  smphost - ok
18:20:30.0543 0x1c40  SmsRouter - ok
18:20:30.0551 0x1c40  SNMPTRAP - ok
18:20:30.0562 0x1c40  spaceport - ok
18:20:30.0566 0x1c40  SpbCx - ok
18:20:30.0571 0x1c40  Spooler - ok
18:20:30.0593 0x1c40  sppsvc - ok
18:20:30.0671 0x1c40  [ D584182DA13EA48D9025C1D61FB72FFB, C0DED207C6860F9080522CF748AE6CE933C05431256B95C6747AB8661AE50A2A ] SRTSP           C:\WINDOWS\system32\drivers\NISx64\1609000.047\SRTSP64.SYS
18:20:30.0694 0x1c40  SRTSP - ok
18:20:30.0709 0x1c40  [ 36794962FAB0081D73D61E364EFD05DD, 5E3BE7EEDD57D2F1E6F130F0A6E011323145A715C2FBDF5AD29E7C945ABC0CC2 ] SRTSPX          C:\WINDOWS\system32\drivers\NISx64\1609000.047\SRTSPX64.SYS
18:20:30.0717 0x1c40  SRTSPX - ok
18:20:30.0735 0x1c40  srv - ok
18:20:30.0748 0x1c40  srv2 - ok
18:20:30.0758 0x1c40  srvnet - ok
18:20:30.0762 0x1c40  SSDPSRV - ok
18:20:30.0768 0x1c40  SstpSvc - ok
18:20:30.0789 0x1c40  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
18:20:30.0800 0x1c40  ssudmdm - ok
18:20:30.0814 0x1c40  StateRepository - ok
18:20:30.0922 0x1c40  [ 596DC69BB40A96FCA4B19D9D1E221E34, 3469D3B2E9A88E39C14AE2E3DD5EC3D91FBB88CA568D794555B397B50E64AB15 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:20:30.0957 0x1c40  Steam Client Service - ok
18:20:30.0984 0x1c40  stexstor - ok
18:20:30.0994 0x1c40  stisvc - ok
18:20:31.0002 0x1c40  storahci - ok
18:20:31.0006 0x1c40  storflt - ok
18:20:31.0011 0x1c40  stornvme - ok
18:20:31.0015 0x1c40  storqosflt - ok
18:20:31.0019 0x1c40  StorSvc - ok
18:20:31.0023 0x1c40  storufs - ok
18:20:31.0026 0x1c40  storvsc - ok
18:20:31.0030 0x1c40  svsvc - ok
18:20:31.0033 0x1c40  swenum - ok
18:20:31.0036 0x1c40  swprv - ok
18:20:31.0089 0x1c40  [ 524DA42A8CE7D57319569042DEDE790F, 64AAC565651787930D9367BFA8147C1BBDD08CDA7D7F1580B49DE5ABA8298C44 ] SymEFASI        C:\WINDOWS\system32\drivers\NISx64\1609000.047\SYMEFASI64.SYS
18:20:31.0130 0x1c40  SymEFASI - ok
18:20:31.0165 0x1c40  [ 8EB1D78B7FB4F8632E4777636FECE3D9, 2663373C3582D72DF28563B575E55A907BC1FCA9672BFEA7083A240A9857FAF3 ] SymELAM         C:\WINDOWS\system32\drivers\NISx64\1609000.047\SymELAM.sys
18:20:31.0177 0x1c40  SymELAM - ok
18:20:31.0199 0x1c40  [ 795F3D7EADA700EA18DF8DE490925C7E, F3B464B306744F32CD66D6A4365032BDDA490D1BDEB61F1B4E25A17D53AEA9C1 ] SymEvent        C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
18:20:31.0208 0x1c40  SymEvent - ok
18:20:31.0240 0x1c40  [ D1FDDADC2656601FF4E65D1B2653ED50, 4B499BB681765E2A28CB98716FCCA842C2568D4DC275943E00BC2EF2DECC03CB ] SymIRON         C:\WINDOWS\system32\drivers\NISx64\1609000.047\Ironx64.SYS
18:20:31.0253 0x1c40  SymIRON - ok
18:20:31.0271 0x1c40  [ A0F063F986EA89A0E5B2C95795E8D91A, AF439E312B4828D32F193E4EFD3A59E2C046876FD7E1BB62F6CF58E4A2F44615 ] SymNetS         C:\WINDOWS\system32\drivers\NISx64\1609000.047\SYMNETS.SYS
18:20:31.0289 0x1c40  SymNetS - ok
18:20:31.0316 0x1c40  Synth3dVsc - ok
18:20:31.0325 0x1c40  SysMain - ok
18:20:31.0334 0x1c40  SystemEventsBroker - ok
18:20:31.0338 0x1c40  TabletInputService - ok
18:20:31.0342 0x1c40  TapiSrv - ok
18:20:31.0350 0x1c40  Tcpip - ok
18:20:31.0353 0x1c40  Tcpip6 - ok
18:20:31.0360 0x1c40  tcpipreg - ok
18:20:31.0365 0x1c40  tdx - ok
18:20:31.0389 0x1c40  [ F5520DBB47C60EE83024B38720ABDA24, B8E555D92440BF93E3B55A66E27CEF936477EF7528F870D3B78BD3B294A05CC0 ] teamviewervpn   C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys
18:20:31.0397 0x1c40  teamviewervpn - ok
18:20:31.0402 0x1c40  terminpt - ok
18:20:31.0423 0x1c40  TermService - ok
18:20:31.0435 0x1c40  Themes - ok
18:20:31.0450 0x1c40  TieringEngineService - ok
18:20:31.0454 0x1c40  tiledatamodelsvc - ok
18:20:31.0458 0x1c40  TimeBrokerSvc - ok
18:20:31.0469 0x1c40  TPM - ok
18:20:31.0472 0x1c40  TrkWks - ok
18:20:31.0520 0x1c40  TrustedInstaller - ok
18:20:31.0535 0x1c40  tsusbflt - ok
18:20:31.0545 0x1c40  TsUsbGD - ok
18:20:31.0554 0x1c40  tunnel - ok
18:20:31.0567 0x1c40  tzautoupdate - ok
18:20:31.0577 0x1c40  UASPStor - ok
18:20:31.0582 0x1c40  UcmCx0101 - ok
18:20:31.0586 0x1c40  UcmTcpciCx0101 - ok
18:20:31.0590 0x1c40  UcmUcsi - ok
18:20:31.0595 0x1c40  Ucx01000 - ok
18:20:31.0599 0x1c40  UdeCx - ok
18:20:31.0603 0x1c40  udfs - ok
18:20:31.0607 0x1c40  UEFI - ok
18:20:31.0610 0x1c40  Ufx01000 - ok
18:20:31.0614 0x1c40  UfxChipidea - ok
18:20:31.0617 0x1c40  ufxsynopsys - ok
18:20:31.0625 0x1c40  UI0Detect - ok
18:20:31.0628 0x1c40  umbus - ok
18:20:31.0632 0x1c40  UmPass - ok
18:20:31.0636 0x1c40  UmRdpService - ok
18:20:31.0639 0x1c40  UnistoreSvc - ok
18:20:31.0657 0x1c40  upnphost - ok
18:20:31.0661 0x1c40  UrsChipidea - ok
18:20:31.0664 0x1c40  UrsCx01000 - ok
18:20:31.0668 0x1c40  UrsSynopsys - ok
18:20:31.0689 0x1c40  usbaudio - ok
18:20:31.0693 0x1c40  usbccgp - ok
18:20:31.0697 0x1c40  usbcir - ok
18:20:31.0701 0x1c40  usbehci - ok
18:20:31.0728 0x1c40  [ 76E2FFAD301490BA27B947C6507752FB, A4C6FC5C3BF428C624D0792873CB01C8F16F49B0E8B36422025A1094F0AAE231 ] usbfilter       C:\WINDOWS\system32\DRIVERS\usbfilter.sys
18:20:31.0736 0x1c40  usbfilter - ok
18:20:31.0740 0x1c40  usbhub - ok
18:20:31.0745 0x1c40  USBHUB3 - ok
18:20:31.0748 0x1c40  usbohci - ok
18:20:31.0752 0x1c40  usbprint - ok
18:20:31.0773 0x1c40  [ 2EC7B2C8123236B1233A77281D378DF7, D97DB59C9CAE2B8B33C707E8CEA7A65BF88712842CC715D270F7432A99D21BB6 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:20:31.0787 0x1c40  usbscan - ok
18:20:31.0791 0x1c40  usbser - ok
18:20:31.0795 0x1c40  USBSTOR - ok
18:20:31.0799 0x1c40  usbuhci - ok
18:20:31.0803 0x1c40  USBXHCI - ok
18:20:31.0807 0x1c40  UserDataSvc - ok
18:20:31.0829 0x1c40  UserManager - ok
18:20:31.0836 0x1c40  UsoSvc - ok
18:20:31.0839 0x1c40  VaultSvc - ok
18:20:31.0844 0x1c40  vdrvroot - ok
18:20:31.0849 0x1c40  vds - ok
18:20:31.0854 0x1c40  VerifierExt - ok
18:20:31.0866 0x1c40  vhdmp - ok
18:20:31.0870 0x1c40  vhf - ok
18:20:31.0874 0x1c40  vmbus - ok
18:20:31.0878 0x1c40  VMBusHID - ok
18:20:31.0882 0x1c40  vmgid - ok
18:20:31.0889 0x1c40  vmicguestinterface - ok
18:20:31.0893 0x1c40  vmicheartbeat - ok
18:20:31.0898 0x1c40  vmickvpexchange - ok
18:20:31.0926 0x1c40  vmicrdv - ok
18:20:31.0929 0x1c40  vmicshutdown - ok
18:20:31.0933 0x1c40  vmictimesync - ok
18:20:31.0937 0x1c40  vmicvmsession - ok
18:20:31.0941 0x1c40  vmicvss - ok
18:20:31.0945 0x1c40  volmgr - ok
18:20:31.0949 0x1c40  volmgrx - ok
18:20:31.0953 0x1c40  volsnap - ok
18:20:31.0956 0x1c40  volume - ok
18:20:31.0961 0x1c40  vpci - ok
18:20:32.0015 0x1c40  [ 786148B4BB46040FE5DAC0E149E77AF1, D315BB4F0D12B03DE6297FFC02E106BAAD7D4045F067AE4B9B9A978F5575DFD0 ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
18:20:32.0036 0x1c40  vpnagent - ok
18:20:32.0073 0x1c40  [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva           C:\WINDOWS\System32\drivers\vpnva64-6.sys
18:20:32.0082 0x1c40  vpnva - ok
18:20:32.0087 0x1c40  vsmraid - ok
18:20:32.0091 0x1c40  VSS - ok
18:20:32.0096 0x1c40  VSTXRAID - ok
18:20:32.0101 0x1c40  vwifibus - ok
18:20:32.0105 0x1c40  vwififlt - ok
18:20:32.0122 0x1c40  W32Time - ok
18:20:32.0163 0x1c40  w3logsvc - ok
18:20:32.0173 0x1c40  W3SVC - ok
18:20:32.0177 0x1c40  WacomPen - ok
18:20:32.0181 0x1c40  WalletService - ok
18:20:32.0185 0x1c40  wanarp - ok
18:20:32.0189 0x1c40  wanarpv6 - ok
18:20:32.0192 0x1c40  WAS - ok
18:20:32.0196 0x1c40  wbengine - ok
18:20:32.0216 0x1c40  WbioSrvc - ok
18:20:32.0232 0x1c40  wcifs - ok
18:20:32.0236 0x1c40  Wcmsvc - ok
18:20:32.0239 0x1c40  wcncsvc - ok
18:20:32.0244 0x1c40  wcnfs - ok
18:20:32.0248 0x1c40  WdBoot - ok
18:20:32.0252 0x1c40  Wdf01000 - ok
18:20:32.0255 0x1c40  WdFilter - ok
18:20:32.0259 0x1c40  WdiServiceHost - ok
18:20:32.0263 0x1c40  WdiSystemHost - ok
18:20:32.0271 0x1c40  wdiwifi - ok
18:20:32.0275 0x1c40  WdNisDrv - ok
18:20:32.0302 0x1c40  WdNisSvc - ok
18:20:32.0306 0x1c40  WebClient - ok
18:20:32.0310 0x1c40  Wecsvc - ok
18:20:32.0314 0x1c40  WEPHOSTSVC - ok
18:20:32.0328 0x1c40  wercplsupport - ok
18:20:32.0332 0x1c40  WerSvc - ok
18:20:32.0336 0x1c40  WFPLWFS - ok
18:20:32.0340 0x1c40  WiaRpc - ok
18:20:32.0345 0x1c40  WIMMount - ok
18:20:32.0347 0x1c40  WinDefend - ok
18:20:32.0376 0x1c40  WindowsTrustedRT - ok
18:20:32.0380 0x1c40  WindowsTrustedRTProxy - ok
18:20:32.0386 0x1c40  WinHttpAutoProxySvc - ok
18:20:32.0390 0x1c40  WinMad - ok
18:20:32.0429 0x1c40  Winmgmt - ok
18:20:32.0442 0x1c40  WinRM - ok
18:20:32.0451 0x1c40  WINUSB - ok
18:20:32.0456 0x1c40  WinVerbs - ok
18:20:32.0471 0x1c40  wisvc - ok
18:20:32.0485 0x1c40  WlanSvc - ok
18:20:32.0504 0x1c40  wlidsvc - ok
18:20:32.0508 0x1c40  WmiAcpi - ok
18:20:32.0516 0x1c40  wmiApSrv - ok
18:20:32.0529 0x1c40  WMPNetworkSvc - ok
18:20:32.0543 0x1c40  Wof - ok
18:20:32.0562 0x1c40  workfolderssvc - ok
18:20:32.0567 0x1c40  WPDBusEnum - ok
18:20:32.0574 0x1c40  WpdUpFltr - ok
18:20:32.0579 0x1c40  WpnService - ok
18:20:32.0583 0x1c40  WpnUserService - ok
18:20:32.0588 0x1c40  ws2ifsl - ok
18:20:32.0593 0x1c40  wscsvc - ok
18:20:32.0605 0x1c40  WSDPrintDevice - ok
18:20:32.0608 0x1c40  WSDScan - ok
18:20:32.0612 0x1c40  WSearch - ok
18:20:32.0636 0x1c40  wuauserv - ok
18:20:32.0640 0x1c40  WudfPf - ok
18:20:32.0645 0x1c40  wudfsvc - ok
18:20:32.0649 0x1c40  WUDFWpdFs - ok
18:20:32.0652 0x1c40  WUDFWpdMtp - ok
18:20:32.0671 0x1c40  WwanSvc - ok
18:20:32.0690 0x1c40  XblAuthManager - ok
18:20:32.0702 0x1c40  XblGameSave - ok
18:20:32.0719 0x1c40  xboxgip - ok
18:20:32.0723 0x1c40  XboxNetApiSvc - ok
18:20:32.0742 0x1c40  xinputhid - ok
18:20:32.0766 0x1c40  xusb22 - ok
18:20:32.0766 0x1c40  ================ Scan global ===============================
18:20:32.0843 0x1c40  [ Global ] - ok
18:20:32.0844 0x1c40  ================ Scan MBR ==================================
18:20:32.0861 0x1c40  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
18:20:32.0946 0x1c40  \Device\Harddisk0\DR0 - ok
18:20:32.0946 0x1c40  ================ Scan VBR ==================================
18:20:32.0950 0x1c40  [ CE8324C39C890460206FAED77BCC9058 ] \Device\Harddisk0\DR0\Partition1
18:20:32.0951 0x1c40  \Device\Harddisk0\DR0\Partition1 - ok
18:20:32.0973 0x1c40  [ A1A1CC4BA4AE1C51FC0245E9B1587FFB ] \Device\Harddisk0\DR0\Partition2
18:20:32.0973 0x1c40  \Device\Harddisk0\DR0\Partition2 - ok
18:20:32.0984 0x1c40  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
18:20:32.0986 0x1c40  \Device\Harddisk0\DR0\Partition3 - ok
18:20:33.0001 0x1c40  [ 8FA4670387C5D7226A2D16F046536AC4 ] \Device\Harddisk0\DR0\Partition4
18:20:33.0003 0x1c40  \Device\Harddisk0\DR0\Partition4 - ok
18:20:33.0028 0x1c40  [ 5CA3ABF8DEFDF94606F0594C6E1E589F ] \Device\Harddisk0\DR0\Partition5
18:20:33.0030 0x1c40  \Device\Harddisk0\DR0\Partition5 - ok
18:20:33.0030 0x1c40  ================ Scan generic autorun ======================
18:20:33.0283 0x1c40  [ 61389338DF2FE34B240F70B757A7EA27, A8BE0557A3B8BEB706418F27D9C8C4730E1869DC7DF4FDE82BCDF6355628109E ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
18:20:33.0484 0x1c40  RTHDVCPL - ok
18:20:33.0788 0x1c40  [ 508A138C09D5030E3A22A11FCF90D69E, 3B1E2660453ABAA9610FA2FE85C81AA4DA56FA7823AF01E5ACC411A646604A94 ] C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
18:20:34.0030 0x1c40  StartCN - ok
18:20:34.0083 0x1c40  [ 5A77E2A4DD76B0733CF30AAD21AB3587, 345C43F209CD29C7A1E8BD88C725D154C29F47B767CD3749EE61601EB4DDDC03 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
18:20:34.0093 0x1c40  RUSB3MON - ok
18:20:34.0140 0x1c40  [ CB454FBAB5376D13813C9235E87F1EAD, AFF6F58EDC228F4217A528D951FA5DA317A00D44D1B57841E855D728725F2852 ] C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
18:20:34.0191 0x1c40  AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
18:20:34.0331 0x1c40  AVMWlanClient ( UnsignedFile.Multi.Generic ) - warning
18:20:34.0508 0x1c40  [ BCC2BA8DB7B43EEB5092E4D9E35315FB, 59BBA619DC45C0F47A4CD44FF20250942532E5084A51B75E462A326CFEC1D8CD ] C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe
18:20:34.0517 0x1c40  Raptr - ok
18:20:34.0586 0x1c40  [ 8AB64F458494D8606BC5C9D0A9CE9362, 36E286E4850806E893F2B7B2A6111C9AB14F768F1BD4C1260478B6E62F71D30F ] C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe
18:20:34.0595 0x1c40  PlaysTV - ok
18:20:34.0637 0x1c40  ChicoSys - ok
18:20:34.0706 0x1c40  [ A6A77A4BF2FB6AA4F8357DBFC2B9C724, 0A654E001AF5614F93FB78E5A84D48CD30AAF73F24691DCA5137DD867A9A4447 ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
18:20:34.0736 0x1c40  Cisco AnyConnect Secure Mobility Agent for Windows - ok
18:20:34.0786 0x1c40  [ 5153C06FC9D4D094D1A785545928B134, 0037C935722663F9EF028F841DE222FC6418E9D60939AB60C965807E67A458DC ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
18:20:34.0805 0x1c40  SunJavaUpdateSched - ok
18:20:34.0907 0x1c40  [ 57C635C41750117D206C90DA9C599777, D5291ED79FC08217758FB526FC8CCC9D374B65B49446104D271C36B0C1298446 ] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
18:20:34.0974 0x1c40  BrMfcWnd - detected UnsignedFile.Multi.Generic ( 1 )
18:20:35.0032 0x1c40  Detect skipped due to KSN trusted
18:20:35.0032 0x1c40  BrMfcWnd - ok
18:20:35.0073 0x1c40  [ 4DE3EF07E0854547309C6B40235A9D44, F73D8E6D98583865D1C8DB728058D83C72A3908E21E04EF313FCB829C040A1EC ] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe
18:20:35.0112 0x1c40  ControlCenter3 - detected UnsignedFile.Multi.Generic ( 1 )
18:20:35.0283 0x1c40  Detect skipped due to KSN trusted
18:20:35.0283 0x1c40  ControlCenter3 - ok
18:20:35.0307 0x1c40  OneDriveSetup - ok
18:20:35.0314 0x1c40  OneDriveSetup - ok
18:20:35.0437 0x1c40  [ CC436BB2A26391F3DEBE316F6FB0474F, 2DA63827AD1449CA5F2888ADFA9645F1EAF8B39D26EC214441EE80F3A56E6E72 ] C:\Users\Gamer91\AppData\Local\Microsoft\BingSvc\BingSvc.exe
18:20:35.0456 0x1c40  BingSvc - ok
18:20:35.0549 0x1c40  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
18:20:35.0611 0x1c40  SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
18:20:35.0673 0x1c40  Detect skipped due to KSN trusted
18:20:35.0673 0x1c40  SpybotPostWindows10UpgradeReInstall - ok
18:20:35.0919 0x1c40  [ 0EC2A8704E1A73B31F23CE91A910303B, C1F1CFA1CF7204F378D90B660ED5EEB03C0FAE9D301B51D62A670F0BD0BB38CD ] C:\Users\Gamer91\AppData\Roaming\Spotify\Spotify.exe
18:20:36.0065 0x1c40  Spotify - ok
18:20:36.0293 0x1c40  [ 65E9C91C23EB211081B31EA619CE1B0F, D2235DE538C6CFA7AB6E58E4E151809ED634FEEBC02112C85B530855DD02F3D0 ] C:\Users\Gamer91\AppData\Local\Amazon Music\Amazon Music Helper.exe
18:20:36.0415 0x1c40  Amazon Music - ok
18:20:36.0462 0x1c40  [ F0B461FB820595E8BAF1161F55BE3E74, B8022060E7280DC568BFC230CA99D37C09092152D0CEE91B08401ACD725E82A2 ] C:\Users\Gamer91\AppData\Roaming\Spotify\SpotifyWebHelper.exe
18:20:36.0497 0x1c40  Spotify Web Helper - ok
18:20:36.0585 0x1c40  [ 5710E80EAB62305C4FD4D968567448D2, BDC26F7A2313AB637FDBEEFCA705C5DF5C6F73F28F4BBB4C5FF2BB6B3F551CE6 ] C:\Program Files (x86)\Steam\Steam.exe
18:20:36.0646 0x1c40  Steam - ok
18:20:36.0704 0x1c40  Skype - ok
18:20:36.0804 0x1c40  [ FD9A7F99A09DB266D0C1361B0ACCBD7E, 579160BDACDFE39AE5DDD7B5C2964453E89BA8D933F3FB16C6E3897EA3BDED29 ] C:\Users\Gamer91\AppData\Local\Microsoft\OneDrive\OneDrive.exe
18:20:36.0837 0x1c40  OneDrive - ok
18:20:36.0970 0x1c40  [ 7F3D0BC2FE61C249302E0515989C59E2, 18613B1D861D7289EF050EE1C0384FCF70F40FDF7E3CB586D36B5D19A7591F8F ] C:\Users\Gamer91\AppData\Local\Akamai\netsession_win.exe
18:20:37.0093 0x1c40  Akamai NetSession Interface - ok
18:20:37.0181 0x1c40  Uninstall C:\Users\Gamer91\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64 - ok
18:20:37.0184 0x1c40  OneDriveSetup - ok
18:20:37.0225 0x1c40  WAB Migrate - ok
18:20:37.0227 0x1c40  Waiting for KSN requests completion. In queue: 64
18:20:38.0281 0x1c40  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
18:20:38.0281 0x1c40  AV detected via SS2: Norton Internet Security, C:\Program Files\Norton Internet Security\Engine\22.9.0.71\WSCStub.exe ( 22.9.0.0 ), 0x51000 ( enabled : updated )
18:20:38.0283 0x1c40  FW detected via SS2: Norton Internet Security, C:\Program Files\Norton Internet Security\Engine\22.9.0.71\WSCStub.exe ( 22.9.0.0 ), 0x51010 ( enabled )
18:20:38.0373 0x1c40  ============================================================
18:20:38.0373 0x1c40  Scan finished
18:20:38.0373 0x1c40  ============================================================
18:20:38.0387 0x09b0  Detected object count: 1
18:20:38.0387 0x09b0  Actual detected object count: 1
18:20:55.0560 0x09b0  AVMWlanClient ( UnsignedFile.Multi.Generic ) - skipped by user
18:20:55.0560 0x09b0  AVMWlanClient ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
Viele Grüße
Niklas

Alt 12.03.2017, 10:49   #5
M-K-D-B
/// TB-Ausbilder
 
Probleme mit Norton Internet Security - Standard

Probleme mit Norton Internet Security



Servus,





Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Policies\system: [DisableClock] 0
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Policies\Explorer: [NoFind] 0
IFEO: [Debugger] logonui.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
FF HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\50b4t2kg.default\extensions\cliqz@cliqz.com => nicht gefunden
2015-09-26 18:57 - 2015-09-26 18:57 - 0000040 _____ () C:\Users\Gamer91\AppData\Local\tmp.no23
Task: {1FD13DAC-4560-46A1-9F95-38636DFB9692} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {2FF52B92-728A-4EA8-A1C1-069B652051C9} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {3A88455D-B506-4DA4-BDA3-2EAA784BD10A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {3C811280-0DCC-40A4-ACBD-6A3071E3BF74} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {46307E98-2090-4CF9-8C64-15E0B4944F79} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {478D7751-7813-4EBF-A369-3665B034C49B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4B36860C-EC27-4054-9B9F-F753D51671A8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {4F23F15F-9833-45FB-B442-390979FF5395} - System32\Tasks\{51A27375-E6F8-4F08-9741-7EBF4355ED29} => pcalua.exe -a C:\Users\Gamer91\Downloads\jxpiinstall(2).exe -d C:\Users\Gamer91\Downloads
Task: {580C9B64-5AA8-417C-9492-6B38D7CC31D6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {6E44D060-F97B-43B0-8A2C-F5D6C34FCC49} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {6EEC662B-5132-42C4-8562-15CD1C9AA29E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {768CBE1D-1E03-41EB-BDDD-29373099E40F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {9C7250F2-83C1-4413-811B-AE7024A8CA9C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {B00BB0C1-0308-4F4A-A6FF-7B5613BBA197} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {EF80C8D0-F3F0-4C77-9052-70D571D9EE4A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
IE trusted site: HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\webcompanion.com -> hxxp://webcompanion.com
Folder: C:\Users\Gamer91\AppData\Roaming\winupdates
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 3
  • Deinstalliere Malwarebytes' Anti-Malware 2 über die Systemsteuerung. (Bebilderte Anleitung)
  • Starte den Rechner im Anschluss neu auf.
  • Downloade dir den MBAM Uninstaller auf deinen Desktop.
  • Schließe alle offenen Programme und führe den Uninstaller aus. Der Rechner muss zum Abschluss neu gestartet werden.





Schritt 4
Downloade Dir bitte Malwarebytes Anti-Malware 3
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM nach dem Neustart, klicke auf Berichte.
  • Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
  • Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.





Schritt 5
  • Starte die FRST erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logatei des FRST-Fix,
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die beiden neuen Logdateien von FRST.

__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 12.03.2017, 14:27   #6
Niklas98
 
Probleme mit Norton Internet Security - Standard

Probleme mit Norton Internet Security



Hallo,

vielen Dank für die Hilfe!

Fixlog:

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-03-2017 01
durchgeführt von Gamer91 (12-03-2017 13:31:45) Run:1
Gestartet von C:\Users\Gamer91\Desktop
Geladene Profile: Gamer91 (Verfügbare Profile: Gamer91 & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Policies\system: [DisableClock] 0
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Policies\Explorer: [NoFind] 0
IFEO: [Debugger] logonui.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
FF HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\50b4t2kg.default\extensions\cliqz@cliqz.com => nicht gefunden
2015-09-26 18:57 - 2015-09-26 18:57 - 0000040 _____ () C:\Users\Gamer91\AppData\Local\tmp.no23
Task: {1FD13DAC-4560-46A1-9F95-38636DFB9692} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {2FF52B92-728A-4EA8-A1C1-069B652051C9} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {3A88455D-B506-4DA4-BDA3-2EAA784BD10A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {3C811280-0DCC-40A4-ACBD-6A3071E3BF74} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {46307E98-2090-4CF9-8C64-15E0B4944F79} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {478D7751-7813-4EBF-A369-3665B034C49B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4B36860C-EC27-4054-9B9F-F753D51671A8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {4F23F15F-9833-45FB-B442-390979FF5395} - System32\Tasks\{51A27375-E6F8-4F08-9741-7EBF4355ED29} => pcalua.exe -a C:\Users\Gamer91\Downloads\jxpiinstall(2).exe -d C:\Users\Gamer91\Downloads
Task: {580C9B64-5AA8-417C-9492-6B38D7CC31D6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {6E44D060-F97B-43B0-8A2C-F5D6C34FCC49} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {6EEC662B-5132-42C4-8562-15CD1C9AA29E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {768CBE1D-1E03-41EB-BDDD-29373099E40F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {9C7250F2-83C1-4413-811B-AE7024A8CA9C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {B00BB0C1-0308-4F4A-A6FF-7B5613BBA197} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {EF80C8D0-F3F0-4C77-9052-70D571D9EE4A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
IE trusted site: HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\webcompanion.com -> hxxp://webcompanion.com
Folder: C:\Users\Gamer91\AppData\Roaming\winupdates
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozesse erfolgreich geschlossen.
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => Wert erfolgreich entfernt
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableClock => Wert erfolgreich entfernt
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFind => Wert erfolgreich entfernt
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\\Debugger => Wert erfolgreich entfernt
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\Software\Mozilla\Firefox\Extensions\\cliqz@cliqz.com => Wert erfolgreich entfernt
C:\Users\Gamer91\AppData\Local\tmp.no23 => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FD13DAC-4560-46A1-9F95-38636DFB9692} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FD13DAC-4560-46A1-9F95-38636DFB9692} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2FF52B92-728A-4EA8-A1C1-069B652051C9} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FF52B92-728A-4EA8-A1C1-069B652051C9} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3A88455D-B506-4DA4-BDA3-2EAA784BD10A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A88455D-B506-4DA4-BDA3-2EAA784BD10A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3C811280-0DCC-40A4-ACBD-6A3071E3BF74} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C811280-0DCC-40A4-ACBD-6A3071E3BF74} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46307E98-2090-4CF9-8C64-15E0B4944F79} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46307E98-2090-4CF9-8C64-15E0B4944F79} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{478D7751-7813-4EBF-A369-3665B034C49B} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{478D7751-7813-4EBF-A369-3665B034C49B} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4B36860C-EC27-4054-9B9F-F753D51671A8} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B36860C-EC27-4054-9B9F-F753D51671A8} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F23F15F-9833-45FB-B442-390979FF5395} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F23F15F-9833-45FB-B442-390979FF5395} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{51A27375-E6F8-4F08-9741-7EBF4355ED29} => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{51A27375-E6F8-4F08-9741-7EBF4355ED29} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{580C9B64-5AA8-417C-9492-6B38D7CC31D6} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{580C9B64-5AA8-417C-9492-6B38D7CC31D6} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E44D060-F97B-43B0-8A2C-F5D6C34FCC49} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E44D060-F97B-43B0-8A2C-F5D6C34FCC49} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6EEC662B-5132-42C4-8562-15CD1C9AA29E} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6EEC662B-5132-42C4-8562-15CD1C9AA29E} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{768CBE1D-1E03-41EB-BDDD-29373099E40F} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{768CBE1D-1E03-41EB-BDDD-29373099E40F} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9C7250F2-83C1-4413-811B-AE7024A8CA9C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C7250F2-83C1-4413-811B-AE7024A8CA9C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B00BB0C1-0308-4F4A-A6FF-7B5613BBA197} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B00BB0C1-0308-4F4A-A6FF-7B5613BBA197} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF80C8D0-F3F0-4C77-9052-70D571D9EE4A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF80C8D0-F3F0-4C77-9052-70D571D9EE4A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com => Schlüssel erfolgreich entfernt

========================= Folder: C:\Users\Gamer91\AppData\Roaming\winupdates ========================

2017-02-14 00:54 - 2017-02-14 00:54 - 0000024 ____H () C:\Users\Gamer91\AppData\Roaming\winupdates\winupdates.ini

====== Ende von Folder: ======


========= dir "%ProgramFiles%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 0EB4-13C2

 Verzeichnis von C:\Program Files

07.03.2017  20:07    <DIR>          .
07.03.2017  20:07    <DIR>          ..
27.01.2017  13:48    <DIR>          AMD
06.10.2014  19:41    <DIR>          ATI
27.01.2017  13:48    <DIR>          ATI Technologies
25.10.2016  18:34    <DIR>          Common Files
16.10.2014  20:30    <DIR>          DIFX
04.04.2016  17:15    <DIR>          DVD Maker
06.11.2015  02:01    <DIR>          GIMP 2
19.01.2017  13:57    <DIR>          Internet Explorer
18.12.2016  15:03    <DIR>          Java
21.09.2016  18:36    <DIR>          Microsoft Games
01.03.2017  17:47    <DIR>          Microsoft Office 15
14.10.2016  23:52    <DIR>          Microsoft Silverlight
23.10.2016  15:11    <DIR>          MotioninJoy
21.09.2016  19:04    <DIR>          MSBuild
07.03.2017  20:07    <DIR>          Norton Internet Security
11.02.2016  15:35    <DIR>          OBS
12.09.2016  21:00    <DIR>          OriginLab
21.09.2016  18:25    <DIR>          Realtek
21.09.2016  19:04    <DIR>          Reference Assemblies
29.10.2015  01:01    <DIR>          VideoLAN
08.08.2016  23:57    <DIR>          VS Revo Group
21.09.2016  19:17    <DIR>          Windows Defender
15.10.2016  01:27    <DIR>          Windows Mail
29.10.2016  11:17    <DIR>          Windows Media Player
16.07.2016  12:47    <DIR>          Windows Multimedia Platform
21.09.2016  19:04    <DIR>          Windows NT
15.10.2016  01:27    <DIR>          Windows Photo Viewer
16.07.2016  12:47    <DIR>          Windows Portable Devices
16.07.2016  12:47    <DIR>          WindowsPowerShell
15.06.2015  21:25    <DIR>          WinRAR
               0 Datei(en),              0 Bytes
              32 Verzeichnis(se), 25.412.784.128 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramFiles(x86)%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 0EB4-13C2

 Verzeichnis von C:\Program Files (x86)

07.03.2017  20:07    <DIR>          .
07.03.2017  20:07    <DIR>          ..
12.05.2015  15:48    <DIR>          Adobe
02.03.2017  17:56    <DIR>          AGEIA Technologies
21.09.2016  18:25    <DIR>          AMD
06.10.2014  20:28    <DIR>          AMD APP
18.12.2014  12:17    <DIR>          AMD AVT
18.02.2017  01:20    <DIR>          AP Tuner
04.04.2016  17:56    <DIR>          ATI Technologies
02.06.2016  20:49    <DIR>          Audacity
10.07.2015  10:10    <DIR>          avmwlanstick
05.03.2015  01:02    <DIR>          AWS
17.02.2017  18:29    <DIR>          Battle.net
01.12.2015  13:52    <DIR>          Battlelog Web Plugins
13.02.2017  22:19    <DIR>          Brother
21.02.2016  19:05    <DIR>          CambridgeSoft
14.02.2017  00:42    <DIR>          Chip Digital GmbH
09.11.2014  23:29    <DIR>          CHIP Updater
16.10.2014  20:30    <DIR>          CineForm
12.09.2016  18:14    <DIR>          Cisco
07.03.2017  20:25    <DIR>          Common Files
17.02.2017  19:25    <DIR>          Diablo III
01.04.2016  13:54    <DIR>          EA Games
06.10.2014  20:40    <DIR>          Electronic Arts
05.03.2015  01:02    <DIR>          GameSpy Arcade
15.11.2015  14:38    <DIR>          Google
19.01.2017  13:57    <DIR>          Internet Explorer
18.12.2016  15:03    <DIR>          Java
02.06.2016  20:50    <DIR>          Lame For Audacity
30.10.2015  16:53    <DIR>           Malwarebytes Anti-Malware 
04.05.2016  23:48    <DIR>          Microsoft Office
14.10.2016  23:52    <DIR>          Microsoft Silverlight
02.12.2015  02:02    <DIR>          Microsoft XNA
21.09.2016  18:36    <DIR>          Microsoft.NET
12.03.2017  01:38    <DIR>          Minecraft
12.03.2017  01:10    <DIR>          Mozilla Firefox
28.01.2017  23:31    <DIR>          Mozilla Maintenance Service
21.09.2016  19:04    <DIR>          MSBuild
07.05.2015  22:22    <DIR>          MSXML 4.0
07.03.2017  20:07    <DIR>          NortonInstaller
11.02.2016  15:35    <DIR>          OBS
12.08.2015  15:11    <DIR>          Opera
28.02.2017  23:05    <DIR>          Origin
25.10.2016  18:19    <DIR>          Origin Games
16.10.2014  20:40    <DIR>          QuickTime
04.04.2016  17:57    <DIR>          Raptr Inc
06.10.2014  20:29    <DIR>          Realtek
21.09.2016  19:04    <DIR>          Reference Assemblies
06.10.2014  20:30    <DIR>          Renesas Electronics
07.01.2017  20:56    <DIR>          Screaming Bee
26.11.2016  00:12    <DIR>          Skype
04.04.2016  17:50    <DIR>          Spybot - Search & Destroy 2
09.02.2017  01:05    <DIR>          StandingStoneGames
17.02.2017  19:22    <DIR>          StarCraft II
09.03.2017  15:42    <DIR>          Steam
03.03.2017  20:43    <DIR>          TeamViewer
01.04.2016  13:51    <DIR>          Turbine
25.05.2015  12:45    <DIR>          Ubisoft
26.09.2016  18:43    <DIR>          VS Revo Group
09.08.2016  17:06    <DIR>          VulkanRT
22.02.2017  17:57    <DIR>          Warcraft III
21.09.2016  19:17    <DIR>          Windows Defender
21.09.2016  18:36    <DIR>          Windows Mail
29.10.2016  11:17    <DIR>          Windows Media Player
16.07.2016  12:47    <DIR>          Windows Multimedia Platform
16.07.2016  12:47    <DIR>          Windows NT
15.10.2016  01:27    <DIR>          Windows Photo Viewer
16.07.2016  12:47    <DIR>          Windows Portable Devices
16.07.2016  12:47    <DIR>          WindowsPowerShell
               0 Datei(en),              0 Bytes
              69 Verzeichnis(se), 25.412.780.032 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramData%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 0EB4-13C2

 Verzeichnis von C:\ProgramData

12.05.2015  16:03    <DIR>          Adobe
02.02.2017  14:42    <DIR>          AMD
12.09.2015  16:34    <DIR>          AnyDesk
16.10.2014  20:38    <DIR>          Apple
16.10.2014  20:40    <DIR>          Apple Computer
09.08.2016  17:02    <DIR>          ATI
25.04.2016  18:56    <DIR>          Battle.net
25.04.2016  20:00    <DIR>          Blizzard Entertainment
13.02.2017  22:18    <DIR>          Brother
21.02.2016  19:05    <DIR>          CambridgeSoft
12.09.2016  18:14    <DIR>          Cisco
16.07.2016  12:47    <DIR>          Comms
06.10.2014  20:30    <DIR>          Downloaded Installations
17.06.2015  17:43    <DIR>          Dropbox
24.12.2014  13:40    <DIR>          EA Core
25.12.2014  19:09    <DIR>          EA Logs
24.12.2014  13:40    <DIR>          Electronic Arts
03.08.2016  22:15    <DIR>          Gaijin
11.08.2016  20:58    <DIR>          Gallery
06.08.2015  23:42    <DIR>          Malwarebytes
31.10.2015  20:35    <DIR>          Malwarebytes' Anti-Malware (portable)
28.11.2014  20:31    <DIR>          McAfee
17.02.2016  17:22    <DIR>          Mestrelab Research S.L
21.09.2016  19:09    <DIR>          Microsoft OneDrive
06.10.2014  21:51    <DIR>          Mozilla
07.03.2017  20:14    <DIR>          Norton
06.10.2014  20:32    <DIR>          NortonInstaller
25.03.2016  19:44    <DIR>          Oracle
28.02.2017  23:45    <DIR>          Origin
12.09.2016  21:07    <DIR>          OriginLab
26.01.2017  17:02    <DIR>          Package Cache
08.08.2015  13:38                40 ra3.ini
01.03.2017  17:48    <DIR>          regid.1991-06.com.microsoft
26.01.2017  16:59    <DIR>          Skype
16.07.2016  12:47    <DIR>          SoftwareDistribution
01.11.2015  17:59    <DIR>          Spybot - Search & Destroy
08.07.2016  22:02    <DIR>          TrackMania
04.12.2014  14:06    <DIR>          TuneUp Software
21.09.2016  19:05    <DIR>          USOPrivate
21.09.2016  19:05    <DIR>          USOShared
06.10.2014  21:53    <DIR>          XDMessagingv4
               1 Datei(en),             40 Bytes
              40 Verzeichnis(se), 25.412.775.936 Bytes frei

========= Ende von CMD: =========


========= dir "%Appdata%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 0EB4-13C2

 Verzeichnis von C:\Users\Gamer91\AppData\Roaming

14.02.2017  00:54    <DIR>          .
14.02.2017  00:54    <DIR>          ..
05.07.2015  18:54    <DIR>          .atlauncher
12.03.2017  01:42    <DIR>          .minecraft
02.03.2017  21:31    <DIR>          7DaysToDie
06.10.2014  21:53    <DIR>          Abelssoft
12.05.2015  17:45    <DIR>          Adobe
07.12.2014  13:53    <DIR>          AMD
12.09.2015  16:38    <DIR>          AnyDesk
17.10.2014  12:50    <DIR>          Apple Computer
03.07.2016  23:41    <DIR>          Atari
06.10.2014  20:22    <DIR>          ATI
26.01.2017  20:00    <DIR>          Audacity
25.04.2016  18:59    <DIR>          Battle.net
21.05.2015  19:57    <DIR>          Brother
23.09.2016  23:01    <DIR>          Command & Conquer 3 Tiberium Wars
16.04.2016  15:07    <DIR>          Dropbox
03.12.2016  22:40    <DIR>          dvdcss
12.08.2015  12:07    <DIR>          DVDVideoSoft
16.10.2014  20:35    <DIR>          GoPro
10.08.2016  23:23    <DIR>          Identities
13.02.2017  22:18    <DIR>          InstallShield
28.11.2014  20:44    <DIR>          java
18.12.2014  12:20    <DIR>          library_dir
16.10.2014  20:59    <DIR>          Macromedia
12.04.2011  08:54    <DIR>          Media Center Programs
17.02.2016  17:22    <DIR>          Mestrelab Research S.L
04.06.2015  18:09    <DIR>          Might & Magic Heroes VI
03.09.2015  18:02    <DIR>          Modinstaller
15.02.2016  00:16    <DIR>          moses2
23.10.2016  15:11    <DIR>          MotioninJoy
06.10.2014  21:51    <DIR>          Mozilla
04.08.2015  15:12    <DIR>          Notepad++
11.02.2016  17:03    <DIR>          OBS
12.08.2015  12:00    <DIR>          Opera Software
28.02.2017  23:42    <DIR>          Origin
27.06.2016  12:51    <DIR>          PlaysTV
09.08.2016  17:08    <DIR>          Raptr
08.08.2015  13:36    <DIR>          Red Alert 3
24.12.2014  02:38    <DIR>          rmi
07.01.2017  20:57    <DIR>          Screaming Bee
07.03.2017  19:20    <DIR>          Skype
29.03.2016  14:03    <DIR>          SPEEDLINK
12.03.2017  13:27    <DIR>          Spotify
31.05.2016  23:02    <DIR>          StardewValley
28.10.2015  16:49    <DIR>          Sun
03.01.2017  22:41    <DIR>          TeamViewer
03.03.2017  00:59    <DIR>          TS3Client
04.12.2014  14:06    <DIR>          TuneUp Software
04.09.2015  15:32    <DIR>          Victor Vran
06.03.2017  15:43    <DIR>          vlc
15.06.2015  21:25    <DIR>          WinRAR
14.02.2017  00:54    <DIR>          winupdates
               0 Datei(en),              0 Bytes
              54 Verzeichnis(se), 25.412.775.936 Bytes frei

========= Ende von CMD: =========


========= dir "%LocalAppdata%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 0EB4-13C2

 Verzeichnis von C:\Users\Gamer91\AppData\Local

12.03.2017  13:31    <DIR>          .
12.03.2017  13:31    <DIR>          ..
06.10.2014  21:53    <DIR>          Abelssoft
04.04.2016  17:43    <DIR>          ActiveSync
12.05.2015  16:03    <DIR>          Adobe
20.02.2017  17:09    <DIR>          Akamai
07.09.2016  21:11    <DIR>          Amazon Music
29.10.2016  01:00    <DIR>          AMD
16.10.2014  20:38    <DIR>          Apple
17.10.2014  19:02    <DIR>          Apple Computer
06.10.2014  20:22    <DIR>          ATI
02.06.2016  20:55    <DIR>          Audacity
23.06.2016  22:51    <DIR>          BANDAI NAMCO Games
17.02.2017  21:38    <DIR>          Battle.net
25.04.2016  20:07    <DIR>          Blizzard Entertainment
20.08.2016  20:13    <DIR>          CAPCOM
22.02.2017  12:40            75.821 CDXLExtendedShim.log
25.07.2015  11:55    <DIR>          CEF
25.05.2015  13:26    <DIR>          Chromium
16.05.2015  21:01    <DIR>          Cisco
04.04.2016  17:50    <DIR>          Comms
22.09.2016  20:01    <DIR>          ConnectedDevicesPlatform
06.03.2017  15:57    <DIR>          CrashDumps
12.09.2016  21:07    <DIR>          CrashRpt
10.08.2015  12:18             4.608 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
11.08.2016  20:03    <DIR>          Diagnostics
14.02.2017  00:42    <DIR>          Downloaded Installations
16.04.2016  16:54    <DIR>          Dropbox
10.07.2016  18:01    <DIR>          EdgeOfReality
11.08.2016  20:03    <DIR>          ElevatedDiagnostics
30.11.2015  15:43    <DIR>          ESN
06.11.2015  02:05    <DIR>          fontconfig
29.03.2016  15:57           114.200 GDIPFONTCACHEV1.DAT
06.11.2015  02:05    <DIR>          gegl-0.2
09.11.2016  23:15    <DIR>          Google
18.10.2014  05:40    <DIR>          GoPro
06.11.2015  02:07    <DIR>          gtk-2.0
01.06.2015  22:29    <DIR>          GWX
03.08.2016  16:42    <DIR>          id Software
28.11.2014  20:34    <DIR>          Macromedia
07.01.2017  20:57    <DIR>          Microsoft
12.10.2015  20:31    <DIR>          Microsoft Games
08.11.2016  21:11    <DIR>          Microsoft Help
22.05.2016  17:54    <DIR>          MicrosoftEdge
12.05.2015  15:56    <DIR>          Microsoft_Corporation
06.10.2014  21:51    <DIR>          Mozilla
07.03.2017  19:55    <DIR>          NPE
12.08.2015  12:00    <DIR>          Opera Software
25.10.2016  18:15    <DIR>          Origin
12.09.2016  21:07    <DIR>          OriginLab
04.03.2017  14:22    <DIR>          Packages
06.10.2014  21:52    <DIR>          Programs
04.04.2016  17:43    <DIR>          Publishers
20.08.2016  20:54    <DIR>          PunkBuster
06.11.2015  02:07               853 recently-used.xbel
27.02.2016  22:57    <DIR>          Robot Entertainment
13.01.2016  17:23    <DIR>          Skype
07.08.2015  00:06    <DIR>          SkypePlugin
24.02.2015  23:42    <DIR>          Skyrim
11.03.2017  21:52    <DIR>          Spotify
17.12.2016  13:41    <DIR>          Steam
18.10.2014  01:12    <DIR>          SWTORPerf
26.01.2017  17:03    <DIR>          TeamSpeak 3
22.02.2017  19:34    <DIR>          TeamSpeak 3 Client
12.03.2017  13:27    <DIR>          Temp
27.09.2015  19:44    <DIR>          TempTaskUpdateDetectionC3F2B636-4299-4D20-A02D-2CC0253811A1
09.02.2017  01:52    <DIR>          The Lord of the Rings Online
04.04.2016  17:41    <DIR>          TileDataLayer
04.12.2014  14:06    <DIR>          TuneUp Software
09.02.2017  01:48    <DIR>          Turbine
04.09.2016  23:48    <DIR>          Ubisoft Game Launcher
04.07.2016  18:55    <DIR>          VirtualStore
18.12.2016  15:06    <DIR>          YSearchUtil
               4 Datei(en),        195.482 Bytes
              69 Verzeichnis(se), 25.412.771.840 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramFiles(x86)%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 0EB4-13C2

 Verzeichnis von C:\Program Files (x86)\Common Files

07.03.2017  20:25    <DIR>          .
07.03.2017  20:25    <DIR>          ..
12.05.2015  15:48    <DIR>          Adobe
06.10.2014  20:16    <DIR>          ATI Technologies
25.04.2016  00:38    <DIR>          BattlEye
13.07.2015  13:32    <DIR>          BioWare
25.07.2015  11:37    <DIR>          DESIGNER
12.08.2015  12:07    <DIR>          DVDVideoSoft
25.12.2014  23:21    <DIR>          InstallShield
18.12.2016  15:03    <DIR>          Java
21.09.2016  18:36    <DIR>          logishrd
21.09.2016  18:36    <DIR>          Microsoft Shared
16.04.2014  22:55             9.130 Samples.sln
16.07.2016  12:47    <DIR>          Services
26.11.2016  00:12    <DIR>          Skype
21.09.2016  18:36    <DIR>          SpeechEngines
02.02.2017  16:28    <DIR>          Steam
07.03.2017  20:25    <DIR>          Symantec Shared
16.07.2016  23:50    <DIR>          System
02.03.2017  17:50    <DIR>          Wise Installation Wizard
               1 Datei(en),          9.130 Bytes
              19 Verzeichnis(se), 25.412.767.744 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramW6432%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 0EB4-13C2

 Verzeichnis von C:\Program Files\Common Files

25.10.2016  18:34    <DIR>          .
25.10.2016  18:34    <DIR>          ..
21.09.2016  18:24    <DIR>          ATI Technologies
07.12.2015  18:50    <DIR>          AV
21.09.2016  18:36    <DIR>          logishrd
21.09.2016  18:36    <DIR>          microsoft shared
16.07.2016  12:47    <DIR>          Services
21.09.2016  18:36    <DIR>          SpeechEngines
07.03.2017  20:08    <DIR>          Symantec Shared
16.07.2016  23:50    <DIR>          System
               0 Datei(en),              0 Bytes
              10 Verzeichnis(se), 25.412.771.840 Bytes frei

========= Ende von CMD: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 1382468 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 167711788 B
Java, Flash, Steam htmlcache => 343362902 B
Windows/system/drivers => 890891 B
Edge => 6220745 B
Chrome => 506634689 B
Firefox => 391952811 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 24354 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 60046 B
NetworkService => 19764 B
Gamer91 => 7109804 B
DefaultAppPool => 33058 B

RecycleBin => 1186 B
EmptyTemp: => 1.3 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 13:34:23 ====
         
AdwCleaner

Code:
ATTFilter
# AdwCleaner v6.044 - Bericht erstellt am 12/03/2017 um 13:56:58
# Aktualisiert am 28/02/2017 von Malwarebytes
# Datenbank : 2017-03-12.1 [Lokal]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Gamer91 - GAMER91-PC
# Gestartet von : C:\Users\Gamer91\Desktop\AdwCleaner_6.044.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Ordner Gefunden: C:\Users\Gamer91\AppData\Local\YSearchUtil
Ordner Gefunden: C:\ProgramData\Device
Ordner Gefunden: C:\WINDOWS\SysWoW64\config\systemprofile\AppData\Local\YSearchUtil


***** [ Dateien ] *****

Datei Gefunden: C:\WINDOWS\SysNative\LavasoftTcpService64.dll
Datei Gefunden: C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini
Datei Gefunden: C:\WINDOWS\SysWoW64\lavasofttcpservice.dll
Datei Gefunden: C:\WINDOWS\SysWoW64\LavasoftTcpServiceOff.ini


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.de
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.de
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.de
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.de


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [5431 Bytes] - [02/11/2015 20:59:09]
C:\AdwCleaner\AdwCleaner[S1].txt - [5071 Bytes] - [02/11/2015 20:57:17]
C:\AdwCleaner\AdwCleaner[S2].txt - [6219 Bytes] - [12/03/2017 13:54:03]
C:\AdwCleaner\AdwCleaner[S3].txt - [6055 Bytes] - [12/03/2017 13:56:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [6128 Bytes] ##########
         
mbam

Code:
ATTFilter
# AdwCleaner v6.044 - Bericht erstellt am 12/03/2017 um 13:56:58
# Aktualisiert am 28/02/2017 von Malwarebytes
# Datenbank : 2017-03-12.1 [Lokal]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Gamer91 - GAMER91-PC
# Gestartet von : C:\Users\Gamer91\Desktop\AdwCleaner_6.044.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Ordner Gefunden: C:\Users\Gamer91\AppData\Local\YSearchUtil
Ordner Gefunden: C:\ProgramData\Device
Ordner Gefunden: C:\WINDOWS\SysWoW64\config\systemprofile\AppData\Local\YSearchUtil


***** [ Dateien ] *****

Datei Gefunden: C:\WINDOWS\SysNative\LavasoftTcpService64.dll
Datei Gefunden: C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini
Datei Gefunden: C:\WINDOWS\SysWoW64\lavasofttcpservice.dll
Datei Gefunden: C:\WINDOWS\SysWoW64\LavasoftTcpServiceOff.ini


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.de
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.de
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.de
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.de


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [5431 Bytes] - [02/11/2015 20:59:09]
C:\AdwCleaner\AdwCleaner[S1].txt - [5071 Bytes] - [02/11/2015 20:57:17]
C:\AdwCleaner\AdwCleaner[S2].txt - [6219 Bytes] - [12/03/2017 13:54:03]
C:\AdwCleaner\AdwCleaner[S3].txt - [6055 Bytes] - [12/03/2017 13:56:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [6128 Bytes] ##########
         

Alt 12.03.2017, 18:17   #7
Niklas98
 
Probleme mit Norton Internet Security - Standard

Probleme mit Norton Internet Security



FRST

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11-03-2017 01
durchgeführt von Gamer91 (Administrator) auf GAMER91-PC (12-03-2017 14:20:10)
Gestartet von C:\Users\Gamer91\Desktop
Geladene Profile: Gamer91 (Verfügbare Profile: Gamer91 & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.9.0.71\NIS.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.9.0.71\NIS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(© 2015 Microsoft Corporation) C:\Users\Gamer91\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Spotify Ltd) C:\Users\Gamer91\AppData\Roaming\Spotify\Spotify.exe
() C:\Users\Gamer91\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Spotify Ltd) C:\Users\Gamer91\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Gamer91\AppData\Roaming\Spotify\Spotify.exe
(Akamai Technologies, Inc.) C:\Users\Gamer91\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Gamer91\AppData\Local\Akamai\netsession_win.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Spotify Ltd) C:\Users\Gamer91\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Gamer91\AppData\Roaming\Spotify\Spotify.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.9.0.71\coNatHst.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-27] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-08-05] (Raptr, Inc)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-06-07] (Plays.tv, LLC)
HKLM-x32\...\Run: [ChicoSys] => C:\WINDOWS\SysWOW64\cc32\webtmr.exe
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1209344 2016-07-10] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [BingSvc] => C:\Users\Gamer91\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Spotify] => C:\Users\Gamer91\AppData\Roaming\Spotify\Spotify.exe [7114352 2017-03-08] (Spotify Ltd)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Amazon Music] => C:\Users\Gamer91\AppData\Local\Amazon Music\Amazon Music Helper.exe [5907944 2016-03-04] ()
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Spotify Web Helper] => C:\Users\Gamer91\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-03-08] (Spotify Ltd)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2881824 2017-01-19] (Valve Corporation)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27262432 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Gamer91\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\RunOnce: [Uninstall C:\Users\Gamer91\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gamer91\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{40b7a773-8c94-4592-994d-20ca453a5403}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{eb081c7a-3b7b-4bda-a4a9-afc884d6f119}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\S-1-5-21-3272115789-219833374-1157450271-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3272115789-219833374-1157450271-1000 -> {015860D7-7BDB-47AB-8049-1F8AC681F3B9} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-3272115789-219833374-1157450271-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-18] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-11-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-18] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-18] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-18] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935 [2017-03-12]
FF Homepage: Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935 -> hxxps://www.google.de/?gfe_rd=cr&ei=dzbEWLubMdOo8wfij4DYBg
FF Extension: (Ghostery) - C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935\Extensions\firefox@ghostery.com.xpi [2017-02-12]
FF Extension: (Norton Identity Safe) - C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935\Extensions\idsafe@norton.com.xpi [2017-03-07]
FF Extension: (NoScript) - C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-03-08]
FF Extension: (Adblock Plus) - C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-18]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.9.0.71\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.9.0.71\coFFAddon [2017-03-07]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.9.0.71\coFFAddon
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-14] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-18] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-14] ()
FF Plugin-x32: @cambridgesoft.com/Chem3D,version=14.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2014\Chem3D\npChem3DPlugin.dll [Keine Datei]
FF Plugin-x32: @cambridgesoft.com/Chem3D,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\Chem3D\npChem3DPlugin.dll [2015-03-14] (PerkinElmer)
FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=14.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2014\ChemDraw\npcdp32.dll [Keine Datei]
FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\ChemDraw\npcdp32.dll [2015-03-14] (PerkinElmer)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3272115789-219833374-1157450271-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-08-30] ()

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default [2017-03-12]
CHR Extension: (Google Präsentationen) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-18]
CHR Extension: (Google Docs) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-18]
CHR Extension: (Google Drive) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-07]
CHR Extension: (YouTube) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-18]
CHR Extension: (Google-Suche) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-06-07]
CHR Extension: (Yahoo Partner) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabhkdeopjkcpkmofliimbjckmocfiom [2016-12-18]
CHR Extension: (Google Tabellen) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-18]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-02-08]
CHR Extension: (Google Docs Offline) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-08]
CHR Extension: (Norton Identity Safe) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-10-18]
CHR Extension: (Userbrain Testing) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\llgephbnjacepipaoflhmabeclnghfic [2017-02-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-21]
CHR Extension: (Google Mail) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-18]
CHR Extension: (Chrome Media Router) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-03-07]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-03-07]
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1362464 2016-04-14] ()
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2017-01-17] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-09-03] (EasyAntiCheat Ltd)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\22.9.0.71\NIS.exe [326160 2017-02-21] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2017-02-22] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208 2017-02-22] (Electronic Arts)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-06-07] (Plays.tv, LLC)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2017-02-22] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [23240 2016-03-21] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmdag.sys [26568848 2017-01-25] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys [536600 2017-01-25] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2016-04-26] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files\Norton Internet Security\NortonData\22.9.0.71\Definitions\BASHDefs\20170306.003\BHDrvx64.sys [1874136 2017-03-06] (Symantec Corporation)
R1 ccSet_NIS; C:\WINDOWS\system32\drivers\NISx64\1609000.047\ccSetx64.sys [174240 2017-02-20] (Symantec Corporation)
S3 cy_System; C:\WINDOWS\System32\drivers\cy-wdriver.sys [36624 2015-11-11] (Cybits AG)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497312 2017-01-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-01-05] (Symantec Corporation)
R1 IDSVia64; C:\Program Files\Norton Internet Security\NortonData\22.9.0.71\Definitions\IPSDefs\20170310.001\IDSvia64.sys [1038024 2017-03-07] (Symantec Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
R3 SRTSP; C:\WINDOWS\system32\drivers\NISx64\1609000.047\SRTSP64.SYS [760992 2017-02-20] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NISx64\1609000.047\SRTSPX64.SYS [49312 2017-02-20] (Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NISx64\1609000.047\SYMEFASI64.SYS [1716896 2017-02-20] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NISx64\1609000.047\SymELAM.sys [24616 2017-02-20] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102608 2017-03-07] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NISx64\1609000.047\Ironx64.SYS [291480 2017-02-20] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\system32\drivers\NISx64\1609000.047\SYMNETS.SYS [567512 2017-02-20] (Symantec Corporation)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2014-11-19] (Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S3 NAVENG; \??\C:\Program Files\Norton Internet Security\NortonData\22.9.0.71\Definitions\SDSDefs\20170307.007\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Internet Security\NortonData\22.9.0.71\Definitions\SDSDefs\20170307.007\NAVEX15.SYS [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-12 14:20 - 2017-03-12 14:21 - 00029586 _____ C:\Users\Gamer91\Desktop\FRST.txt
2017-03-12 14:19 - 2017-03-12 14:19 - 00001238 _____ C:\Users\Gamer91\Desktop\mbam.txt
2017-03-12 14:04 - 2017-03-12 14:05 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-12 14:04 - 2017-03-12 14:04 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-12 14:04 - 2017-03-12 14:04 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-12 14:04 - 2017-03-12 14:04 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-03-12 14:04 - 2017-03-12 14:04 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-12 14:03 - 2017-03-12 14:03 - 57131432 _____ (Malwarebytes ) C:\Users\Gamer91\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-03-12 14:03 - 2017-03-12 14:03 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-12 14:03 - 2017-03-12 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-12 14:03 - 2017-03-12 14:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-12 14:03 - 2017-03-12 14:03 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-12 14:03 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-12 14:02 - 2017-03-12 14:02 - 00006291 _____ C:\Users\Gamer91\Desktop\AdwCleaner[S3].txt
2017-03-12 13:52 - 2017-03-12 13:52 - 04031440 _____ C:\Users\Gamer91\Desktop\AdwCleaner_6.044.exe
2017-03-12 13:51 - 2017-03-12 13:51 - 04031440 _____ C:\Users\Gamer91\Downloads\AdwCleaner_6.044.exe
2017-03-12 13:43 - 2017-03-12 13:44 - 00566128 _____ (Malwarebytes) C:\Users\Gamer91\Downloads\mbam-clean-2.3.0.1001.exe
2017-03-12 13:31 - 2017-03-12 13:39 - 00030609 _____ C:\Users\Gamer91\Desktop\Fixlog.txt
2017-03-12 01:40 - 2017-03-12 01:40 - 00000000 ____D C:\Users\Gamer91\Desktop\MagicJumps1.0.1
2017-03-12 01:39 - 2017-03-12 01:39 - 01169436 _____ C:\Users\Gamer91\Downloads\Magic-Jumps-Final-1.0.1.zip
2017-03-11 18:18 - 2017-03-11 18:35 - 00086456 _____ C:\TDSSKiller.3.1.0.12_11.03.2017_18.18.55_log.txt
2017-03-11 18:18 - 2017-03-11 18:18 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Gamer91\Downloads\tdsskiller(1).exe
2017-03-11 18:00 - 2017-03-11 18:00 - 02424320 _____ (Farbar) C:\Users\Gamer91\Desktop\FRST64.exe
2017-03-08 22:14 - 2017-03-08 22:14 - 00000000 ___HD C:\$SysReset
2017-03-07 20:14 - 2017-03-12 14:06 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2017-03-07 20:09 - 2017-03-07 20:09 - 00003392 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-03-07 20:08 - 2017-03-07 20:08 - 00102608 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-03-07 20:08 - 2017-03-07 20:08 - 00008298 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-03-07 20:08 - 2017-03-07 20:08 - 00002321 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2017-03-07 20:07 - 2017-03-07 20:08 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2017-03-07 20:07 - 2017-03-07 20:07 - 00001370 _____ C:\Users\Gamer91\Desktop\Norton Installation Files.lnk
2017-03-07 20:07 - 2017-03-07 20:07 - 00000000 ____D C:\Program Files\Norton Internet Security
2017-03-07 20:07 - 2017-03-07 20:07 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2017-03-07 20:06 - 2017-03-07 20:07 - 01027712 _____ (Symantec Corporation) C:\Users\Gamer91\Downloads\NortonNISDownloader.exe
2017-03-07 20:01 - 2017-03-07 20:14 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Remove and Reinstall
2017-03-07 19:56 - 2017-03-07 19:56 - 14417536 _____ (Symantec Corporation) C:\Users\Gamer91\Desktop\NRnR.exe
2017-03-07 19:36 - 2017-03-07 19:36 - 00000000 ____D C:\NPE
2017-03-07 19:35 - 2014-10-17 12:48 - 00170694 _____ C:\WINDOWS\ntbtlog.txt
2017-03-07 19:33 - 2017-03-07 19:33 - 03435768 _____ (Symantec Corporation) C:\Users\Gamer91\Downloads\NPE.exe
2017-03-02 17:56 - 2017-03-02 20:37 - 00000000 ____D C:\Users\Gamer91\Documents\gothic3
2017-03-02 17:56 - 2017-03-02 17:56 - 00000000 ____D C:\WINDOWS\SysWOW64\AGEIA
2017-03-02 17:56 - 2017-03-02 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-03-02 17:56 - 2017-03-02 17:56 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2017-02-18 01:20 - 2017-02-18 01:20 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AP Tuner 3.08
2017-02-18 01:20 - 2017-02-18 01:20 - 00000000 ____D C:\Program Files (x86)\AP Tuner
2017-02-14 00:54 - 2017-02-14 00:54 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\winupdates
2017-02-14 00:42 - 2017-02-14 00:42 - 00000000 ____D C:\Users\Gamer91\AppData\Local\Downloaded Installations
2017-02-14 00:42 - 2017-02-14 00:42 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2017-02-13 22:25 - 2017-02-13 22:25 - 00000000 ____D C:\WINDOWS\Panther
2017-02-13 22:20 - 2017-02-13 22:20 - 00000050 _____ C:\WINDOWS\system32\bridf08b.dat
2017-02-13 22:20 - 2017-02-13 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2017-02-13 22:19 - 2017-02-13 22:19 - 00000000 ____D C:\Program Files (x86)\Brother
2017-02-13 22:19 - 2009-05-19 17:39 - 00003072 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll
2017-02-13 22:19 - 2008-06-17 15:33 - 00167936 ____N (brother) C:\WINDOWS\SysWOW64\NSSearch.dll
2017-02-13 22:19 - 2007-12-13 22:16 - 00073728 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll
2017-02-13 22:19 - 2007-12-13 22:16 - 00005632 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll
2017-02-13 22:19 - 2006-12-28 13:39 - 00176128 ____N (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BroSNMP.dll
2017-02-13 22:18 - 2017-02-13 22:18 - 50187152 _____ (A.I.SOFT,INC.) C:\Users\Gamer91\Downloads\DCP-195C-inst-B1-win78.EXE
2017-02-13 22:18 - 2017-02-13 22:18 - 00000000 ____D C:\Users\Gamer91\Downloads\wlan_wiz
2017-02-13 22:18 - 2017-02-13 22:18 - 00000000 ____D C:\Users\Gamer91\Downloads\mflpro_c1
2017-02-13 22:18 - 2017-02-13 22:18 - 00000000 ____D C:\ProgramData\Brother

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-12 14:20 - 2015-10-30 17:09 - 00000000 ____D C:\FRST
2017-03-12 14:07 - 2015-07-13 13:24 - 00000000 ___RD C:\Users\Gamer91\Desktop\Eigene Dateien
2017-03-12 14:04 - 2015-07-20 13:58 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\Spotify
2017-03-12 14:00 - 2016-11-19 11:51 - 00000000 ____D C:\Users\Gamer91\AppData\LocalLow\Mozilla
2017-03-12 13:59 - 2015-07-20 14:02 - 00000000 ____D C:\Users\Gamer91\AppData\Local\Spotify
2017-03-12 13:58 - 2016-09-21 19:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-12 13:57 - 2016-09-21 18:24 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-03-12 13:57 - 2016-07-16 07:04 - 03670016 _____ C:\WINDOWS\system32\config\BBI
2017-03-12 13:57 - 2015-11-02 20:57 - 00000000 ____D C:\AdwCleaner
2017-03-12 13:37 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-12 13:34 - 2016-10-09 17:53 - 00000000 ____D C:\Users\Gamer91\AppData\LocalLow\Temp
2017-03-12 13:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-12 02:17 - 2016-09-21 18:32 - 00000000 ____D C:\Users\Gamer91
2017-03-12 01:42 - 2014-11-28 20:44 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\.minecraft
2017-03-12 01:38 - 2017-02-01 02:37 - 00000000 ____D C:\Program Files (x86)\Minecraft
2017-03-12 01:10 - 2016-11-19 11:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-11 22:20 - 2016-09-21 19:01 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-03-11 18:04 - 2015-10-30 20:20 - 00074324 _____ C:\Users\Gamer91\Downloads\Addition.txt
2017-03-11 18:04 - 2015-10-30 20:20 - 00042928 _____ C:\Users\Gamer91\Downloads\FRST.txt
2017-03-11 12:38 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-10 01:38 - 2016-09-21 18:22 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-09 15:42 - 2015-02-24 23:04 - 00000000 ____D C:\Program Files (x86)\Steam
2017-03-09 13:25 - 2016-06-27 13:04 - 00552488 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-03-07 20:14 - 2014-10-06 20:32 - 00000000 ____D C:\ProgramData\Norton
2017-03-07 20:08 - 2014-10-06 20:34 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2017-03-07 20:07 - 2014-11-01 17:59 - 00000000 ____D C:\Users\Public\Downloads\Norton
2017-03-07 20:07 - 2014-10-06 20:33 - 00000000 ____D C:\WINDOWS\system32\Drivers\NISx64
2017-03-07 19:55 - 2015-06-27 12:18 - 00000000 ____D C:\Users\Gamer91\AppData\Local\NPE
2017-03-07 19:20 - 2015-08-03 23:39 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\Skype
2017-03-07 01:53 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-06 15:57 - 2015-03-23 21:37 - 00000000 ____D C:\Users\Gamer91\AppData\Local\CrashDumps
2017-03-06 15:43 - 2015-10-29 01:02 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\vlc
2017-03-06 13:22 - 2010-11-21 04:27 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-03-06 13:18 - 2016-09-21 18:22 - 00349664 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-04 14:22 - 2016-04-04 17:41 - 00000000 ____D C:\Users\Gamer91\AppData\Local\Packages
2017-03-03 20:43 - 2016-08-20 14:23 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-03-03 16:53 - 2016-04-06 15:46 - 00000000 ____D C:\Users\Gamer91\Documents\Soundaufnahmen
2017-03-03 16:28 - 2015-11-02 21:06 - 01798976 _____ (Malwarebytes) C:\Users\Gamer91\Downloads\JRT.exe
2017-03-03 00:59 - 2016-06-17 19:18 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\TS3Client
2017-03-02 21:31 - 2015-09-03 19:14 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\7DaysToDie
2017-03-01 17:48 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-01 17:47 - 2015-05-06 19:13 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-02-28 23:45 - 2014-10-06 21:23 - 00000000 ____D C:\ProgramData\Origin
2017-02-28 23:42 - 2014-12-23 21:13 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\Origin
2017-02-28 23:05 - 2014-10-06 21:23 - 00000000 ____D C:\Program Files (x86)\Origin
2017-02-28 14:31 - 2014-12-23 23:26 - 00348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2017-02-28 14:31 - 2014-12-23 23:17 - 00348928 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2017-02-28 14:31 - 2014-12-23 23:17 - 00348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2017-02-24 03:48 - 2015-05-12 15:48 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-23 22:17 - 2014-11-02 17:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 22:14 - 2014-11-02 17:28 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-22 21:53 - 2014-12-23 23:17 - 00076152 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-02-22 19:34 - 2014-10-06 21:54 - 00000000 ____D C:\Users\Gamer91\AppData\Local\TeamSpeak 3 Client
2017-02-22 17:57 - 2015-03-30 20:25 - 00000000 ____D C:\Program Files (x86)\Warcraft III
2017-02-22 15:24 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-20 17:09 - 2017-02-09 01:07 - 00000000 ____D C:\Users\Gamer91\AppData\Local\Akamai
2017-02-17 22:52 - 2015-09-14 00:28 - 00000000 ____D C:\Users\Gamer91\Documents\Outlook-Dateien
2017-02-17 21:38 - 2016-04-25 18:56 - 00000000 ____D C:\Users\Gamer91\AppData\Local\Battle.net
2017-02-17 19:25 - 2016-11-20 15:41 - 00000000 ____D C:\Program Files (x86)\Diablo III
2017-02-17 19:22 - 2016-04-25 19:03 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2017-02-17 18:29 - 2016-04-25 18:56 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-02-17 16:53 - 2016-08-08 23:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-02-15 00:10 - 2014-11-28 20:31 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-14 22:27 - 2017-01-11 21:20 - 20359768 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-02-14 22:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-14 22:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-13 22:19 - 2014-10-06 20:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-13 22:09 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-13 22:09 - 2015-05-04 18:36 - 00000425 _____ C:\WINDOWS\BRWMARK.INI
2017-02-11 21:24 - 2016-03-31 23:06 - 00000000 ____D C:\Users\Gamer91\Documents\The Lord of the Rings Online

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-04-16 22:55 - 2014-04-16 22:55 - 0009130 _____ () C:\Program Files (x86)\Common Files\Samples.sln
2015-05-12 15:56 - 2017-02-22 12:40 - 0075821 _____ () C:\Users\Gamer91\AppData\Local\CDXLExtendedShim.log
2015-08-04 16:40 - 2015-08-10 12:18 - 0004608 _____ () C:\Users\Gamer91\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-06 02:07 - 2015-11-06 02:07 - 0000853 _____ () C:\Users\Gamer91\AppData\Local\recently-used.xbel
2015-08-08 13:38 - 2015-08-08 13:38 - 0000040 _____ () C:\ProgramData\ra3.ini

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-08 20:16

==================== Ende von FRST.txt ============================
         
Addition

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-03-2017 01
durchgeführt von Gamer91 (12-03-2017 14:21:32)
Gestartet von C:\Users\Gamer91\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-21 18:04:36)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3272115789-219833374-1157450271-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3272115789-219833374-1157450271-503 - Limited - Disabled)
Gamer91 (S-1-5-21-3272115789-219833374-1157450271-1000 - Administrator - Enabled) => C:\Users\Gamer91
Gast (S-1-5-21-3272115789-219833374-1157450271-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3272115789-219833374-1157450271-1005 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Internet Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Der Herr der Ringe Online™“ v1903.0058.2732.4095 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 1903.0058.2732.4095 - Standing Stone Games, LLC)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amazon Music (HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Amazon Amazon Music) (Version: 4.2.0.1281 - Amazon Services LLC)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.)
AP Tuner 3.08 (HKLM-x32\...\AP Tuner 3.08) (Version:  - )
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
Brother MFL-Pro Suite DCP-195C (HKLM-x32\...\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CambridgeSoft ChemScript 14.0 (HKLM-x32\...\{6053D436-AF21-4D67-A458-04C2B969A865}) (Version: 14.0 - CambridgeSoft Corporation)
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.3.01095 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 4.3.01095 - Cisco Systems, Inc.) Hidden
Command & Conquer 3 Tiberium Wars™ (HKLM-x32\...\{CAC9DCAF-0EA8-442C-97EA-CA6F5755390A}) (Version: 1.0.0.0 - Electronic Arts)
Command & Conquer™ Alarmstufe Rot™ 3 (HKLM-x32\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Day of Defeat (HKLM-x32\...\Steam App 30) (Version:  - Valve)
Devil May Cry® 4 Special Edition (HKLM\...\Steam App 329050) (Version:  - CAPCOM Co., Ltd.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dungeon Keeper (HKLM-x32\...\{B9E79070-56B6-4980-A7E9-C28D6480D050}) (Version: 1.0.0.1 - Electronic Arts)
Fable Anniversary (HKLM\...\Steam App 288470) (Version:  - Lionhead Studios)
Far Cry® 3 (HKLM\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.46.21015 - Electronic Arts)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Gothic (HKLM\...\Steam App 65540) (Version:  - Piranha – Bytes)
Gothic 3 (HKLM\...\Steam App 39500) (Version:  - Piranha – Bytes)
Gothic II: Gold Edition (HKLM-x32\...\Steam App 39510) (Version:  - Piranha – Bytes)
Half-Life (HKLM\...\Steam App 70) (Version:  - Valve)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
KKND Krossfire (HKLM-x32\...\KKND Krossfire) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4903.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Might & Magic: Heroes VI (HKLM-x32\...\Steam App 48220) (Version:  - Blackhole)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MorphVOX Junior (HKLM-x32\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.9.0.71 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.1 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4903.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4903.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4903.1002 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
Origin 2016 (HKLM-x32\...\{DC460501-EEFA-4701-8AD8-5F7DE1B70436}) (Version: 9.30.00 - OriginLab Corporation)
PerkinElmer ChemOffice Professional 2015 (HKLM-x32\...\{83DBA37B-B24C-431B-9D7B-8331D28A067C}) (Version: 15.0 - PerkinElmer Informatics, Inc.)
PerkinElmer ChemScript 15.0 (HKLM-x32\...\{2623D946-2CA9-4E69-A6C1-DDFA46C87EFF}) (Version: 15.0 - PerkinElmer Informatics, Inc.)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.11.2-r113542-release - Plays.tv, LLC)
Portal (HKLM\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM\...\Steam App 620) (Version:  - Valve)
PunkBuster für Battlefield 1942 (HKLM-x32\...\{127B684B-A002-44C8-99A7-6CF8F1E26873}) (Version:  - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 3.2.2 (HKLM-x32\...\{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFD}) (Version: 3.2.2150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.5-r115042-release - Raptr, Inc)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
RollerCoaster Tycoon 2: Triple Thrill Pack (HKLM\...\Steam App 285330) (Version:  - Chris Sawyer Productions)
RollerCoaster Tycoon 3: Platinum! (HKLM\...\Steam App 2700) (Version:  - Frontier)
RollerCoaster Tycoon: Deluxe (HKLM\...\Steam App 285310) (Version:  - Chris Sawyer Productions)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
SpellForce: Platinum Edition (HKLM-x32\...\Steam App 39540) (Version:  - Phenomic)
Spotify (HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Spotify) (Version: 1.0.50.41368.gbd68dbef - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Stardew Valley (HKLM\...\Steam App 413150) (Version:  - ConcernedApe)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Subnautica (HKLM\...\Steam App 264710) (Version:  - Unknown Worlds Entertainment)
TeamSpeak 3 Client (HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Uplay (HKLM-x32\...\Uplay) (Version: 6.1 - Ubisoft)
Victor Vran (HKLM-x32\...\Steam App 345180) (Version:  - Haemimont Games)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Warcraft III) (Version:  - )
Warlords Battlecry 3 (HKLM-x32\...\GOGPACKWARLORDSBATTLECRY3_is1) (Version: 2.2.1.15 - GOG.com)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.131 - MSI)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02F6868D-9EF9-4A72-8532-CFDC25297F9E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {041F417F-AB24-4D76-AAF8-52A99CD1F7E5} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {151B965D-8EA2-4477-8E1D-74B24F025AEB} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-07-18] (Advanced Micro Devices, Inc.)
Task: {1A1A84E5-DB1B-45DA-9A53-E1D77D6AC2CB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {1E5D5F20-8910-4A4E-A581-665EE5BF3C6B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {251D9A76-3781-477A-9577-3CF2FDDAF1EC} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe 
Task: {2919BC6F-F874-46C9-BC55-D2E2D4CC58CA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {30EAC827-F44E-466B-A1C1-7BFC8C9314DC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {3676FA00-EAEB-43AB-AE14-4BE7707BF922} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {3839E028-D883-4891-90D8-09B9EEA15347} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Analyzer => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-20] (Symantec Corporation)
Task: {4116AE38-8F44-4BAC-9F4A-058100DC30CD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe 
Task: {44190C28-B165-4A00-974C-EECF58A39461} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-11-01] (Microsoft Corporation)
Task: {59D20292-B675-450A-82FE-1B17CE104053} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {5BA20FAA-52BE-4AA3-AFE9-0C472A63D553} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {62A37828-7FBC-44F8-901D-29D506543206} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {69609B8A-3613-44FE-8282-D39C31567F11} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {6E5AEC8B-8634-424D-A1C0-DE16AB667C75} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {7C59C346-7E70-4D06-8AD6-C1216F0748F4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {7D970669-8C84-4488-B9BF-44CE84CFCBC8} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {886D2662-AF30-46CF-A701-5BEF0EADC361} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {8CA9D5C4-7A1F-45E4-B57D-EF13E081166E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-18] (Google Inc.)
Task: {95252F9B-880A-42E2-BD14-D444BE6209F9} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2017-02-20] (Symantec Corporation)
Task: {95C0803A-FEA5-4BD0-BE41-82A0106147CC} - System32\Tasks\Norton Internet Security\Norton Internet Security Autofix => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-20] (Symantec Corporation)
Task: {981B6B9A-C508-4676-B2AE-DBB350E11BF0} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {9984C7C2-334F-4A3B-8A69-44C7FC8EF584} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-18] (Google Inc.)
Task: {A4AC0FBE-AC90-4F7C-8B5F-EC501178E283} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {ABE27ECA-DF9D-4574-BA3A-6B3FF9323E4D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14] (Adobe Systems Incorporated)
Task: {AD9D19D3-1B9D-4C05-AC4A-CDC73A3734D4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe 
Task: {B557D63C-D35B-47D4-8002-A3605DC6FAA5} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Processor => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-20] (Symantec Corporation)
Task: {BFA8C52B-CF28-412B-9DA2-8F43A0B35C42} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {CC9A5746-D001-449B-BD65-828B7074018E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {D1BF4A07-3E21-45D0-9725-3E852A7B87A1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {D76E2E96-D6F8-4EF3-8F2A-4A1224B1DA00} - System32\Tasks\{68A970A5-B6E2-46D2-8B13-31B7399A614D} => C:\Program Files (x86)\EA Games\Battlefield 1942\BF1942.exe 
Task: {D845E5EB-DF41-4F36-B3C8-1C2E61292518} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\WSCStub.exe [2017-02-20] (Symantec Corporation)
Task: {DA0C877A-5C63-4768-A43F-F4BE2E9328A1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {E3E5E3E5-3151-40DA-8B4C-21AE1D2D312D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {F6933868-3E42-4951-A6B1-929B0F1D13B2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {F7188B9C-B6DC-4C39-A316-2BC7914689E3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Gamer91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-17 13:00 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-05-06 19:13 - 2017-01-17 03:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-12-23 23:17 - 2017-02-22 21:53 - 00076152 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe
2016-12-17 13:00 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-21 19:11 - 2016-09-21 19:11 - 00959168 _____ () C:\Users\Gamer91\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-09-21 19:15 - 2016-09-21 19:15 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-14 14:30 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-14 14:29 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-14 14:29 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-14 14:29 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-14 14:29 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-14 14:29 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-14 14:29 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-12-08 21:01 - 2016-03-04 22:34 - 05907944 _____ () C:\Users\Gamer91\AppData\Local\Amazon Music\Amazon Music Helper.exe
2017-02-13 22:19 - 2012-09-25 11:26 - 01163264 ____N () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
2016-11-21 17:19 - 2016-11-21 17:19 - 00155016 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2017-02-22 22:51 - 2017-02-22 22:52 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-22 22:51 - 2017-02-22 22:52 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-22 22:51 - 2017-02-22 22:53 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 19:59 - 2017-02-06 19:59 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2016-07-10 12:37 - 2016-07-10 12:37 - 00073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2016-09-23 21:53 - 2017-02-22 19:35 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2015-11-24 21:48 - 2015-11-24 21:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 21:46 - 2015-11-24 21:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 21:48 - 2015-11-24 21:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 21:46 - 2015-11-24 21:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 21:48 - 2015-11-24 21:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 21:57 - 2015-12-07 21:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2015-07-20 14:02 - 2017-03-08 16:06 - 67725936 _____ () C:\Users\Gamer91\AppData\Roaming\Spotify\libcef.dll
2016-10-28 17:20 - 2017-03-08 16:06 - 00110192 _____ () C:\Users\Gamer91\AppData\Roaming\Spotify\SpotifyWinRT.dll
2017-02-13 22:19 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-07-20 14:02 - 2017-03-08 16:06 - 01929840 _____ () C:\Users\Gamer91\AppData\Roaming\Spotify\libglesv2.dll
2015-07-20 14:02 - 2017-03-08 16:06 - 00087152 _____ () C:\Users\Gamer91\AppData\Roaming\Spotify\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\sharepoint.com -> hxxps://uzk-files.sharepoint.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-02-26 17:57 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3272115789-219833374-1157450271-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "AVMWlanClient"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{02599B5D-492F-4CF7-B615-27B978D932B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{5230EE99-281A-4BEF-850B-DAA432131E77}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{8909A175-8419-4ED1-B29F-E510DDE1A11F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{EEBBB532-BF34-4339-A2B3-5467F8FCB6A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{6C5BF478-0732-442C-80BA-EFE159BED705}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{1ED994CB-930E-4D0A-B185-CE35C661722C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{9EEB87EF-2F51-4986-A218-F3C62BA3758C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{FB4C4EE9-F7A3-4C98-9F98-6591F128AF9A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{F340D168-092D-4E6D-A32D-3E2D6B6394DC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{48841AB1-0D33-47EF-9DB6-CFCAB4FFD711}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4E5D8481-364C-467C-8081-C9E355A33EBE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{42B63D21-2F80-45F6-B729-FAD069E154E3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{77B7CD71-2DA2-4F25-B30D-259DD0DFB1B9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{61DF0270-4D40-45A9-9762-46FDC1D051FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{5DBFCB45-178C-4623-97A8-E1A040F317E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Special Edition\DevilMayCry4SpecialEdition.exe
FirewallRules: [{4701A06E-7339-4F14-BA80-68ADE9CE09E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Special Edition\DevilMayCry4SpecialEdition.exe
FirewallRules: [{5C6C19EA-7BB5-4626-8063-43C3CE5D6CE0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{BE7494E1-5CFC-4D86-B381-8ED11AD1D7A7}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{9F8DFB22-E1F6-4604-A146-AB67852F28C6}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{DD507483-08FD-4B4C-9736-0782AD0631E9}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{C36C6362-A1FB-4612-8D35-DEE640F77BB1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{5B8C709A-F445-4C8E-9FD7-FF240EF1086B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{AB4B822B-8EC6-4821-AF76-AF1E18899CD9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fable Anniversary\Binaries\Win32\Fable Anniversary.exe
FirewallRules: [{637A9188-4F0D-428C-8DF9-5526D1EFF86A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fable Anniversary\Binaries\Win32\Fable Anniversary.exe
FirewallRules: [{1E496823-9DE3-4892-BD1A-43D6C27E4F1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RollerCoaster Tycoon Deluxe\RCT.EXE
FirewallRules: [{42C7BD2F-5185-4965-A5EB-EB072C81F12B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RollerCoaster Tycoon Deluxe\RCT.EXE
FirewallRules: [{9DCA1FEF-8302-4990-B91E-8E23E4D171B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 2\rct2.exe
FirewallRules: [{8FA6659B-4586-433C-9016-8FE472B0DC32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 2\rct2.exe
FirewallRules: [{8273F4C1-C805-4EFA-AE7F-58705A0F13A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{37627DDF-48BE-40D0-8012-50819CA7E028}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{73DB6EDD-9612-451F-B75B-90D5BECA1860}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{E4B16E4A-D28B-4CA1-8645-175641FD531E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{A1435155-94D9-4ECC-9EDA-A16AB87A587F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{203BE1CF-AE30-44F6-AE49-8A51EC4C8E69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{C26107C6-5395-454C-922D-EF0A39A6A9A1}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{9DC41FF1-E423-45C3-8F06-7A2130B463E0}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{3C67D83A-CD36-4637-9BD3-8B62EE3AE493}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{4A45097C-9E66-422A-B7EB-94F1FD6ED379}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{84E169AA-C7A4-4F96-8265-EA5E9536A9D6}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{386A9C23-D745-4FC8-A674-DEA99407FB30}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{DFF44BDB-6C2A-4005-9CCC-647AFBFBF41D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Subnautica\Subnautica.exe
FirewallRules: [{669216A6-EC8D-408C-B6B8-858626551905}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Subnautica\Subnautica.exe
FirewallRules: [{DBB631C4-3C21-40CF-8564-A653486CD3E8}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{9BADE01E-674F-4C1E-894B-E06AF1E80E2E}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{31E5D0EC-F50C-46FC-AA04-362536F05EF5}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{9C870E38-6188-4F9E-AFAB-177B758468F2}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [TCP Query User{A7633A1E-D4B6-4777-98CF-F26A091D3112}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8FE99B01-B3C1-4447-A18C-646532DA4CC9}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{709EB2CF-6A56-4617-86DC-D3AC5EE4C9CB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4529BD38-9D66-4717-88EA-C93A689C1497}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8F42EDED-BCBA-43F3-83D5-4A9AF95A5876}] => (Allow) C:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{340F343B-104A-438C-AD68-EA5A013D8748}] => (Allow) C:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{E80B6E19-D401-49F4-BE20-17E6B6C76DDF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FBC22650-F5B8-4406-ACC4-8EF027CEB176}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9209A698-57A7-4423-9B14-FA91B44F012A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9C9906C5-EE14-49B2-A322-CF0B3BEC3569}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{84DB6419-A167-49D0-98B6-ECC196EDEE4F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{D49A5FFC-9BC4-4E68-87E7-355CF2ADD4E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A96A1D99-1B0D-49AD-893E-690E0BDA75A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce Platinum Edition\SpellForce.exe
FirewallRules: [{D85002E8-20FC-407F-BBD7-DDF31591F485}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce Platinum Edition\SpellForce.exe
FirewallRules: [{E9BACD9D-0823-4D57-99FC-868452D18FD6}] => (Allow) C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A14DC914-027E-4E21-BA1E-F04AE302F592}] => (Allow) C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{9B9ED3DA-0AC8-48CA-8ABF-CD2630065443}C:\users\gamer91\desktop\warcraft iii\war3.exe] => (Block) C:\users\gamer91\desktop\warcraft iii\war3.exe
FirewallRules: [UDP Query User{F01838EB-C53E-4E72-A97B-524BF2359344}C:\users\gamer91\desktop\warcraft iii\war3.exe] => (Block) C:\users\gamer91\desktop\warcraft iii\war3.exe
FirewallRules: [TCP Query User{C7681711-0464-40F3-8C75-69CB79B8383D}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{ED1A417F-5883-436B-A46B-B033849E1E3B}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{7D1B68D4-F6B2-47D0-BEB6-D15905437FCC}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{713E309C-DCF2-4868-9226-EA1E8903DC70}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{834597F2-1FA3-456E-B2C2-80A089471A4B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{DF54B31E-EC58-4A9A-96E3-9DBA9B4A5A2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{48D352AA-0218-406E-A1CD-7314341C48DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{A83A129C-69A5-47CA-BF76-BDD67739EC46}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Victor Vran\VictorVranSteam.exe
FirewallRules: [{F4D74017-9A17-4929-8370-AAAFE3750DDA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Victor Vran\VictorVranSteam.exe
FirewallRules: [TCP Query User{3EE710F2-6EC6-4287-8198-98558E7A5F6C}C:\users\gamer91\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamer91\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{75344311-3943-4043-B3BB-0F92D3E6DA37}C:\users\gamer91\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamer91\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B8FFBA58-EDF0-4350-B168-5C87481AF1E3}C:\users\gamer91\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\gamer91\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7706BE55-D3CD-4EDD-A748-071B8AD65D81}C:\users\gamer91\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\gamer91\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9EF92653-2C4B-408F-ABFF-8BE6484F2A67}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{56694050-1B80-4D87-A510-5F99016C6544}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{7A7400A1-9849-4A3A-AE74-9B77AFEF908A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{1CBA7726-848A-4E1D-8C46-490824E37F16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{9CCF5C3A-78C2-47E3-9558-80C149CFD7CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{540E4832-B3A3-4B2D-AF1B-B4926B1F8593}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{012A3F71-5066-4947-9155-140B53B6CE77}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6BD2EC0B-D6DD-4DFF-B668-08AD1AB611C0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{4D2C78AD-2B71-43EF-98DC-944AF61CFD91}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{424D27C4-82D6-4592-8F0A-C4DFC1226A42}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{D259E544-E88D-4833-9ABC-F0DC29E35EEA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{13AC390D-4B6D-49BC-A10B-65B232E6497C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{0AFA6D23-1751-4E7F-9C30-CEC5C22AF50C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{6172031D-0411-44BC-817F-0FDC3DFED9BA}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{DA1FE983-DB7D-4AC3-A3EB-35E63E668FDE}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{EEDDBD71-A280-4B68-BC9C-9B1C8AB14D7E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic II\system\Gothic2.exe
FirewallRules: [{841E2F98-D0C9-4190-9A43-78C55EC51A73}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic II\system\Gothic2.exe
FirewallRules: [{06CA3BF6-19D3-45DB-8F6B-4819EFC479D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{EFF29DF3-EDD0-4CEE-B363-BADEA63416D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [TCP Query User{486FB8DE-00F9-45A7-96FC-BD3D26D1E613}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [UDP Query User{85AB47CE-07E1-435E-B581-7D93901E580B}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [{8B358B63-DF77-4FD9-AFC7-CAB18E823DB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{38250A57-5400-47B1-A9A9-AFABCF7AF6E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{0B910D50-A572-4682-A618-B4421C1D260B}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{C32AC7AF-B651-4015-B62F-AAA199BE4A32}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [TCP Query User{FE69E1DE-F538-46CF-9827-08F8F0D28A72}C:\program files (x86)\origin games\fifa 17\fifa17.exe] => (Allow) C:\program files (x86)\origin games\fifa 17\fifa17.exe
FirewallRules: [UDP Query User{AA5464C5-2476-4156-ADC2-54DD9B7F3A54}C:\program files (x86)\origin games\fifa 17\fifa17.exe] => (Allow) C:\program files (x86)\origin games\fifa 17\fifa17.exe
FirewallRules: [TCP Query User{E19BC58B-6269-4FD8-B298-CCC43E97CD87}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{0CB90E89-0985-44ED-80CA-A763212F12D6}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{DD493C8F-9495-4F00-B04E-456F685B940C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{A4857E9F-F1D3-4DC7-8AF9-BB7B167EFA42}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{FF791F44-FA5F-4B91-A2B0-B22A5A91C1CE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A0FFBC5D-EB56-4FD8-8DCF-286B7C260550}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E9C6F915-A110-4D6E-B5F1-03B77348B43F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{D6D89501-34D3-4FF6-96EA-9A7574169636}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{2A553F50-3A69-4BE8-BC60-159FC021FE05}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{E8883B0A-302E-4CE7-8E82-517265CDCB0E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{A08768B8-2E97-4763-9018-487D35A4665D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{DDC95EC7-AA63-4B74-89AA-4E63704C5A10}C:\users\gamer91\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gamer91\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{47950E69-4F84-45BB-86B0-E8D66C4B8FE4}C:\users\gamer91\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gamer91\appdata\local\akamai\netsession_win.exe
FirewallRules: [{6AEF89A1-A0C4-4658-86D5-4476BD698EC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic\system\GOTHIC.EXE
FirewallRules: [{FB47B3E6-8D2D-4D84-9B26-7DC8732681D1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic\system\GOTHIC.EXE
FirewallRules: [{A7195267-FD97-4116-AEA2-9D8E781B9200}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic 3\Gothic3.exe
FirewallRules: [{0CD701EC-F397-49C9-BCC0-18B8146DA04F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic 3\Gothic3.exe
FirewallRules: [TCP Query User{8EE38C6D-EBC6-4B8D-A858-A2B3A8C2BA18}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe
FirewallRules: [UDP Query User{A8E78E10-2682-4072-B29C-0561A7D6AD32}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe

==================== Wiederherstellungspunkte =========================

01-03-2017 23:55:29 Geplanter Prüfpunkt
02-03-2017 17:55:24 Installed NVIDIA PhysX

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/12/2017 02:19:37 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Microsoft Office 15\root\office15\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (03/12/2017 02:05:24 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Microsoft Office 15\root\office15\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (03/12/2017 01:39:10 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Microsoft Office 15\root\office15\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (03/11/2017 06:17:40 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Gamer91\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/09/2017 07:35:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Gamer91-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/09/2017 11:53:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Gamer91-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/07/2017 07:45:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (03/07/2017 07:44:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/07/2017 07:32:30 PM) (Source: YSearchUtilSvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/07/2017 06:26:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Gamer91-PC)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (03/12/2017 01:59:00 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/12/2017 01:58:52 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (03/12/2017 01:58:52 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (03/12/2017 01:58:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (03/12/2017 01:57:41 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (03/12/2017 01:57:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AdaptiveSleepService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/12/2017 01:57:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/12/2017 01:57:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/12/2017 01:57:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Origin Web Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/12/2017 01:57:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Plays.tv Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2017-03-06 13:24:54.715
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-06 13:24:54.695
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-06 13:24:49.186
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-06 13:24:49.182
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-06 13:24:49.166
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-01 23:53:24.120
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-03-01 23:53:24.096
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-03-01 23:53:24.042
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-03-01 23:53:23.985
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-03-01 23:53:23.947
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-6300 Six-Core Processor 
Prozentuale Nutzung des RAM: 45%
Installierter physikalischer RAM: 8140.05 MB
Verfügbarer physikalischer RAM: 4475.59 MB
Summe virtueller Speicher: 16332.05 MB
Verfügbarer virtueller Speicher: 12406.27 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:442.79 GB) (Free:24.95 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2063AF3E)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
Viele Grüße
Niklas

Entschuldigung, ich habe anstelle des mbam Logs, zweimal das AdwCleaner Log gepostet. Deshalb:

Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 12.03.17
Scan-Zeit: 14:05
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.75
Version des Aktualisierungspakets: 1.0.1483
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Gamer91-PC\Gamer91

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 523370
Abgelaufene Zeit: 9 Min., 25 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         
Viele Grüße & einen schönen Sonntag,
Niklas

Alt 12.03.2017, 21:45   #8
M-K-D-B
/// TB-Ausbilder
 
Probleme mit Norton Internet Security - Standard

Probleme mit Norton Internet Security



Servus,



ich sehe in den Logdateien von AdwCleaner nicht, dass du etwas hast entfernen lassen.

Lies dir bitte nochmal die Anleitung zu AdwCleaner durch und poste mir die richtige Logdatei.

Solltest du die Funde mit AdwCleaner noch nicht entfernt haben, musst du den FRST-Suchlauf nochmal ausführen.
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 12.03.2017, 23:39   #9
Niklas98
 
Probleme mit Norton Internet Security - Standard

Probleme mit Norton Internet Security



Guten Abend,

das war das Logfile des Suchlaufs. Hier ist jetzt das des Löschvorgangs:

Code:
ATTFilter
# AdwCleaner v6.044 - Bericht erstellt am 12/03/2017 um 13:57:37
# Aktualisiert am 28/02/2017 von Malwarebytes
# Datenbank : 2017-03-12.1 [Lokal]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Gamer91 - GAMER91-PC
# Gestartet von : C:\Users\Gamer91\Desktop\AdwCleaner_6.044.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Gamer91\AppData\Local\YSearchUtil
[-] Ordner gelöscht: C:\ProgramData\Device
[-] Ordner gelöscht: C:\WINDOWS\SysWoW64\config\systemprofile\AppData\Local\YSearchUtil


***** [ Dateien ] *****

[-] Datei gelöscht: C:\WINDOWS\SysNative\LavasoftTcpService64.dll
[-] Datei gelöscht: C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini
[-] Datei gelöscht: C:\WINDOWS\SysWoW64\lavasofttcpservice.dll
[-] Datei gelöscht: C:\WINDOWS\SysWoW64\LavasoftTcpServiceOff.ini


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.de
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.de
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.de
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.de


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [5431 Bytes] - [02/11/2015 20:59:09]
C:\AdwCleaner\AdwCleaner[C2].txt - [6356 Bytes] - [12/03/2017 13:57:37]
C:\AdwCleaner\AdwCleaner[S1].txt - [5071 Bytes] - [02/11/2015 20:57:17]
C:\AdwCleaner\AdwCleaner[S2].txt - [6219 Bytes] - [12/03/2017 13:54:03]
C:\AdwCleaner\AdwCleaner[S3].txt - [6291 Bytes] - [12/03/2017 13:56:58]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [6648 Bytes] ##########
         
Vielen Dank!

Niklas

Alt 13.03.2017, 16:56   #10
M-K-D-B
/// TB-Ausbilder
 
Probleme mit Norton Internet Security - Standard

Probleme mit Norton Internet Security



Servus,





Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
C:\Users\Gamer91\AppData\Roaming\winupdates
C:\Users\Gamer91\AppData\Local\Chromium
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

    Code:
    ATTFilter
    :filefind
    *YSearchUtil*
    *LavasoftTcpService*
    *chromium*
    
    :folderfind
    *YSearchUtil*
    *LavasoftTcpService*
    *chromium*
    
    :regfind
    YSearchUtil
    LavasoftTcpService
    chromium
             
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.







Schritt 3
  • Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von SystemLook,
  • die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 13.03.2017, 19:00   #11
Niklas98
 
Probleme mit Norton Internet Security - Standard

Probleme mit Norton Internet Security



Hallo,

vielen Dank nochmal!

Vorab sind mir während der Durchführung der drei Schritte zwei Dinge aufgefallen, die zwar nicht unbedingt ein Problem darstellen könnten, aber die ich erwähnen möchte:

1.) Beim Starten von FRST konnte ein Programmupdate sowohl bei dem Löschvorgang mit der Fixlist im ersten Schritt, als auch im dritten Schritt beim erneuten Scannen nicht durchgeführt werden.

2.) Nachdem Schritt 1 (Der Löschvorgang mit FRST) abgeschlossen wurde und der Computer neugestartet wurde, musste ich diesen ein weiteres Mal neustarten, da das System mir gesagt hat, dass "Keine Anmeldung mit dem Konto" möglich war und ein Neustart dieses Problem in den meisten Fällen löst, was dann auch der Fall war.

Ich beginne jetzt mit dem Fixlog:

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-03-2017 01
durchgeführt von Gamer91 (13-03-2017 18:22:57) Run:2
Gestartet von C:\Users\Gamer91\Desktop
Geladene Profile: Gamer91 (Verfügbare Profile: Gamer91 & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
C:\Users\Gamer91\AppData\Roaming\winupdates
C:\Users\Gamer91\AppData\Local\Chromium
EmptyTemp:
end
*****************

Prozesse erfolgreich geschlossen.
C:\Users\Gamer91\AppData\Roaming\winupdates => erfolgreich verschoben
C:\Users\Gamer91\AppData\Local\Chromium => erfolgreich verschoben

=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17047694 B
Java, Flash, Steam htmlcache => 63841700 B
Windows/system/drivers => 44457871 B
Edge => 0 B
Chrome => 0 B
Firefox => 379729712 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 5714 B
NetworkService => 0 B
Gamer91 => 6018068 B
DefaultAppPool => 0 B

RecycleBin => 0 B
EmptyTemp: => 487.5 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 18:23:15 ====
         
Systemlook:

Code:
ATTFilter
SystemLook 30.07.11 by jpshortstuff
Log created at 18:32 on 13/03/2017 by Gamer91
Administrator - Elevation successful

========== filefind ==========

Searching for "*YSearchUtil*"
No files found.

Searching for "*LavasoftTcpService*"
No files found.

Searching for "*chromium*"
No files found.

========== folderfind ==========

Searching for "*YSearchUtil*"
No folders found.

Searching for "*LavasoftTcpService*"
No folders found.

Searching for "*chromium*"
C:\FRST\Quarantine\C\Users\Gamer91\AppData\Local\Chromium	d------	[12:26 25/05/2015]

========== regfind ==========

Searching for "YSearchUtil"
No data found.

Searching for "LavasoftTcpService"
No data found.

Searching for "chromium"
[HKEY_CURRENT_USER\SOFTWARE\Chromium]
[HKEY_USERS\S-1-5-21-3272115789-219833374-1157450271-1000\SOFTWARE\Chromium]

-= EOF =-
         

Alt 13.03.2017, 19:01   #12
Niklas98
 
Probleme mit Norton Internet Security - Standard

Probleme mit Norton Internet Security



FRST

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11-03-2017 01
durchgeführt von Gamer91 (Administrator) auf GAMER91-PC (13-03-2017 18:46:39)
Gestartet von C:\Users\Gamer91\Desktop
Geladene Profile: Gamer91 (Verfügbare Profile: Gamer91 & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.9.0.71\NIS.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.9.0.71\NIS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(© 2015 Microsoft Corporation) C:\Users\Gamer91\AppData\Local\Microsoft\BingSvc\BingSvc.exe
() C:\Users\Gamer91\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Spotify Ltd) C:\Users\Gamer91\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Gamer91\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\Gamer91\AppData\Local\Akamai\netsession_win.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Akamai Technologies, Inc.) C:\Users\Gamer91\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.9.0.71\coNatHst.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-27] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-08-05] (Raptr, Inc)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-06-07] (Plays.tv, LLC)
HKLM-x32\...\Run: [ChicoSys] => C:\WINDOWS\SysWOW64\cc32\webtmr.exe
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1209344 2016-07-10] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [BingSvc] => C:\Users\Gamer91\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Spotify] => C:\Users\Gamer91\AppData\Roaming\Spotify\Spotify.exe [7114352 2017-03-08] (Spotify Ltd)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Amazon Music] => C:\Users\Gamer91\AppData\Local\Amazon Music\Amazon Music Helper.exe [5907944 2016-03-04] ()
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Spotify Web Helper] => C:\Users\Gamer91\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-03-08] (Spotify Ltd)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2881824 2017-01-19] (Valve Corporation)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27262432 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Gamer91\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\RunOnce: [Uninstall C:\Users\Gamer91\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gamer91\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{40b7a773-8c94-4592-994d-20ca453a5403}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{eb081c7a-3b7b-4bda-a4a9-afc884d6f119}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\S-1-5-21-3272115789-219833374-1157450271-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3272115789-219833374-1157450271-1000 -> {015860D7-7BDB-47AB-8049-1F8AC681F3B9} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-3272115789-219833374-1157450271-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-18] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-11-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-18] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-18] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-18] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935 [2017-03-13]
FF Homepage: Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935 -> hxxps://www.google.de/?gfe_rd=cr&ei=dzbEWLubMdOo8wfij4DYBg
FF Extension: (Ghostery) - C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935\Extensions\firefox@ghostery.com.xpi [2017-02-12]
FF Extension: (Norton Identity Safe) - C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935\Extensions\idsafe@norton.com.xpi [2017-03-07]
FF Extension: (NoScript) - C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-03-08]
FF Extension: (Adblock Plus) - C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-18]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.9.0.71\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.9.0.71\coFFAddon [2017-03-07]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.9.0.71\coFFAddon
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-14] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-18] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-14] ()
FF Plugin-x32: @cambridgesoft.com/Chem3D,version=14.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2014\Chem3D\npChem3DPlugin.dll [Keine Datei]
FF Plugin-x32: @cambridgesoft.com/Chem3D,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\Chem3D\npChem3DPlugin.dll [2015-03-14] (PerkinElmer)
FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=14.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2014\ChemDraw\npcdp32.dll [Keine Datei]
FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\ChemDraw\npcdp32.dll [2015-03-14] (PerkinElmer)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3272115789-219833374-1157450271-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-08-30] ()

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default [2017-03-12]
CHR Extension: (Google Präsentationen) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-18]
CHR Extension: (Google Docs) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-18]
CHR Extension: (Google Drive) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-07]
CHR Extension: (YouTube) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-18]
CHR Extension: (Google-Suche) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-06-07]
CHR Extension: (Yahoo Partner) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabhkdeopjkcpkmofliimbjckmocfiom [2016-12-18]
CHR Extension: (Google Tabellen) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-18]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-02-08]
CHR Extension: (Google Docs Offline) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-08]
CHR Extension: (Norton Identity Safe) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-10-18]
CHR Extension: (Userbrain Testing) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\llgephbnjacepipaoflhmabeclnghfic [2017-02-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-21]
CHR Extension: (Google Mail) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-18]
CHR Extension: (Chrome Media Router) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-03-07]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-03-07]
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1362464 2016-04-14] ()
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2017-01-17] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-09-03] (EasyAntiCheat Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\22.9.0.71\NIS.exe [326160 2017-02-21] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2017-02-22] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208 2017-02-22] (Electronic Arts)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-06-07] (Plays.tv, LLC)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2017-02-22] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [23240 2016-03-21] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmdag.sys [26568848 2017-01-25] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys [536600 2017-01-25] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2016-04-26] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files\Norton Internet Security\NortonData\22.9.0.71\Definitions\BASHDefs\20170306.003\BHDrvx64.sys [1874136 2017-03-06] (Symantec Corporation)
R1 ccSet_NIS; C:\WINDOWS\system32\drivers\NISx64\1609000.047\ccSetx64.sys [174240 2017-02-20] (Symantec Corporation)
S3 cy_System; C:\WINDOWS\System32\drivers\cy-wdriver.sys [36624 2015-11-11] (Cybits AG)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497312 2017-01-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-01-05] (Symantec Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-02-24] ()
R1 IDSVia64; C:\Program Files\Norton Internet Security\NortonData\22.9.0.71\Definitions\IPSDefs\20170310.001\IDSvia64.sys [1038024 2017-03-07] (Symantec Corporation)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-13] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-03-13] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-13] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-13] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92088 2017-03-13] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
R3 SRTSP; C:\WINDOWS\system32\drivers\NISx64\1609000.047\SRTSP64.SYS [760992 2017-02-20] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NISx64\1609000.047\SRTSPX64.SYS [49312 2017-02-20] (Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NISx64\1609000.047\SYMEFASI64.SYS [1716896 2017-02-20] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NISx64\1609000.047\SymELAM.sys [24616 2017-02-20] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102608 2017-03-07] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NISx64\1609000.047\Ironx64.SYS [291480 2017-02-20] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\system32\drivers\NISx64\1609000.047\SYMNETS.SYS [567512 2017-02-20] (Symantec Corporation)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2014-11-19] (Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S3 NAVENG; \??\C:\Program Files\Norton Internet Security\NortonData\22.9.0.71\Definitions\SDSDefs\20170307.007\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Internet Security\NortonData\22.9.0.71\Definitions\SDSDefs\20170307.007\NAVEX15.SYS [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-13 18:46 - 2017-03-13 18:46 - 00001728 _____ C:\Users\Gamer91\Desktop\SystemLook.txt
2017-03-13 18:32 - 2017-03-13 18:44 - 00001726 _____ C:\Users\Gamer91\Downloads\SystemLook.txt
2017-03-13 18:31 - 2017-03-13 18:32 - 00165376 _____ C:\Users\Gamer91\Downloads\SystemLook_x64.exe
2017-03-12 14:21 - 2017-03-12 14:22 - 00073318 _____ C:\Users\Gamer91\Desktop\Addition.txt
2017-03-12 14:20 - 2017-03-13 18:47 - 00029936 _____ C:\Users\Gamer91\Desktop\FRST.txt
2017-03-12 14:19 - 2017-03-12 14:19 - 00001238 _____ C:\Users\Gamer91\Desktop\mbam.txt
2017-03-12 14:04 - 2017-03-13 18:29 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-12 14:04 - 2017-03-13 18:29 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-03-12 14:04 - 2017-03-13 18:29 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-12 14:04 - 2017-03-13 18:29 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-12 14:04 - 2017-03-13 18:28 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-12 14:03 - 2017-03-12 14:03 - 57131432 _____ (Malwarebytes ) C:\Users\Gamer91\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-03-12 14:03 - 2017-03-12 14:03 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-12 14:03 - 2017-03-12 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-12 14:03 - 2017-03-12 14:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-12 14:03 - 2017-03-12 14:03 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-12 14:03 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-12 14:02 - 2017-03-12 14:02 - 00006291 _____ C:\Users\Gamer91\Desktop\AdwCleaner[S3].txt
2017-03-12 13:52 - 2017-03-12 13:52 - 04031440 _____ C:\Users\Gamer91\Desktop\AdwCleaner_6.044.exe
2017-03-12 13:51 - 2017-03-12 13:51 - 04031440 _____ C:\Users\Gamer91\Downloads\AdwCleaner_6.044.exe
2017-03-12 13:43 - 2017-03-12 13:44 - 00566128 _____ (Malwarebytes) C:\Users\Gamer91\Downloads\mbam-clean-2.3.0.1001.exe
2017-03-12 13:31 - 2017-03-13 18:23 - 00001418 _____ C:\Users\Gamer91\Desktop\Fixlog.txt
2017-03-12 01:40 - 2017-03-12 01:40 - 00000000 ____D C:\Users\Gamer91\Desktop\MagicJumps1.0.1
2017-03-12 01:39 - 2017-03-12 01:39 - 01169436 _____ C:\Users\Gamer91\Downloads\Magic-Jumps-Final-1.0.1.zip
2017-03-11 18:18 - 2017-03-11 18:35 - 00086456 _____ C:\TDSSKiller.3.1.0.12_11.03.2017_18.18.55_log.txt
2017-03-11 18:18 - 2017-03-11 18:18 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Gamer91\Downloads\tdsskiller(1).exe
2017-03-11 18:00 - 2017-03-11 18:00 - 02424320 _____ (Farbar) C:\Users\Gamer91\Desktop\FRST64.exe
2017-03-08 22:14 - 2017-03-08 22:14 - 00000000 ___HD C:\$SysReset
2017-03-07 20:14 - 2017-03-13 18:36 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2017-03-07 20:09 - 2017-03-07 20:09 - 00003392 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-03-07 20:08 - 2017-03-07 20:08 - 00102608 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-03-07 20:08 - 2017-03-07 20:08 - 00008298 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-03-07 20:08 - 2017-03-07 20:08 - 00002321 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2017-03-07 20:07 - 2017-03-07 20:08 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2017-03-07 20:07 - 2017-03-07 20:07 - 00001370 _____ C:\Users\Gamer91\Desktop\Norton Installation Files.lnk
2017-03-07 20:07 - 2017-03-07 20:07 - 00000000 ____D C:\Program Files\Norton Internet Security
2017-03-07 20:07 - 2017-03-07 20:07 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2017-03-07 20:06 - 2017-03-07 20:07 - 01027712 _____ (Symantec Corporation) C:\Users\Gamer91\Downloads\NortonNISDownloader.exe
2017-03-07 20:01 - 2017-03-07 20:14 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Remove and Reinstall
2017-03-07 19:56 - 2017-03-07 19:56 - 14417536 _____ (Symantec Corporation) C:\Users\Gamer91\Desktop\NRnR.exe
2017-03-07 19:36 - 2017-03-07 19:36 - 00000000 ____D C:\NPE
2017-03-07 19:35 - 2014-10-17 12:48 - 00170694 _____ C:\WINDOWS\ntbtlog.txt
2017-03-07 19:33 - 2017-03-07 19:33 - 03435768 _____ (Symantec Corporation) C:\Users\Gamer91\Downloads\NPE.exe
2017-03-02 17:56 - 2017-03-02 20:37 - 00000000 ____D C:\Users\Gamer91\Documents\gothic3
2017-03-02 17:56 - 2017-03-02 17:56 - 00000000 ____D C:\WINDOWS\SysWOW64\AGEIA
2017-03-02 17:56 - 2017-03-02 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-03-02 17:56 - 2017-03-02 17:56 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2017-02-18 01:20 - 2017-02-18 01:20 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AP Tuner 3.08
2017-02-18 01:20 - 2017-02-18 01:20 - 00000000 ____D C:\Program Files (x86)\AP Tuner
2017-02-14 00:42 - 2017-02-14 00:42 - 00000000 ____D C:\Users\Gamer91\AppData\Local\Downloaded Installations
2017-02-14 00:42 - 2017-02-14 00:42 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2017-02-13 22:25 - 2017-02-13 22:25 - 00000000 ____D C:\WINDOWS\Panther
2017-02-13 22:20 - 2017-02-13 22:20 - 00000050 _____ C:\WINDOWS\system32\bridf08b.dat
2017-02-13 22:20 - 2017-02-13 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2017-02-13 22:19 - 2017-02-13 22:19 - 00000000 ____D C:\Program Files (x86)\Brother
2017-02-13 22:19 - 2009-05-19 17:39 - 00003072 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll
2017-02-13 22:19 - 2008-06-17 15:33 - 00167936 ____N (brother) C:\WINDOWS\SysWOW64\NSSearch.dll
2017-02-13 22:19 - 2007-12-13 22:16 - 00073728 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll
2017-02-13 22:19 - 2007-12-13 22:16 - 00005632 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll
2017-02-13 22:19 - 2006-12-28 13:39 - 00176128 ____N (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BroSNMP.dll
2017-02-13 22:18 - 2017-02-13 22:18 - 50187152 _____ (A.I.SOFT,INC.) C:\Users\Gamer91\Downloads\DCP-195C-inst-B1-win78.EXE
2017-02-13 22:18 - 2017-02-13 22:18 - 00000000 ____D C:\Users\Gamer91\Downloads\wlan_wiz
2017-02-13 22:18 - 2017-02-13 22:18 - 00000000 ____D C:\Users\Gamer91\Downloads\mflpro_c1
2017-02-13 22:18 - 2017-02-13 22:18 - 00000000 ____D C:\ProgramData\Brother

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-13 18:46 - 2015-10-30 17:09 - 00000000 ____D C:\FRST
2017-03-13 18:31 - 2016-11-19 11:51 - 00000000 ____D C:\Users\Gamer91\AppData\LocalLow\Mozilla
2017-03-13 18:31 - 2015-07-20 14:02 - 00000000 ____D C:\Users\Gamer91\AppData\Local\Spotify
2017-03-13 18:31 - 2015-07-20 13:58 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\Spotify
2017-03-13 18:28 - 2016-09-21 19:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-13 18:27 - 2016-09-21 18:24 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-03-13 18:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-13 18:27 - 2016-07-16 07:04 - 03670016 _____ C:\WINDOWS\system32\config\BBI
2017-03-13 18:25 - 2016-02-13 18:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-13 18:16 - 2015-08-03 23:39 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\Skype
2017-03-13 15:32 - 2015-02-24 23:04 - 00000000 ____D C:\Program Files (x86)\Steam
2017-03-13 13:46 - 2016-09-21 18:32 - 00000000 ____D C:\Users\Gamer91
2017-03-13 13:46 - 2016-06-27 13:04 - 00552488 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-03-13 11:34 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-13 03:41 - 2016-09-21 18:22 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-12 20:36 - 2016-09-21 19:01 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-03-12 20:04 - 2015-03-30 20:25 - 00000000 ____D C:\Program Files (x86)\Warcraft III
2017-03-12 19:41 - 2016-04-04 17:41 - 00000000 ____D C:\Users\Gamer91\AppData\Local\Packages
2017-03-12 19:26 - 2014-11-28 20:44 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\.minecraft
2017-03-12 19:10 - 2016-11-19 11:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-12 14:07 - 2015-07-13 13:24 - 00000000 ___RD C:\Users\Gamer91\Desktop\Eigene Dateien
2017-03-12 13:57 - 2015-11-02 20:57 - 00000000 ____D C:\AdwCleaner
2017-03-12 13:37 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-12 13:34 - 2016-10-09 17:53 - 00000000 ____D C:\Users\Gamer91\AppData\LocalLow\Temp
2017-03-12 01:38 - 2017-02-01 02:37 - 00000000 ____D C:\Program Files (x86)\Minecraft
2017-03-11 18:04 - 2015-10-30 20:20 - 00074324 _____ C:\Users\Gamer91\Downloads\Addition.txt
2017-03-11 18:04 - 2015-10-30 20:20 - 00042928 _____ C:\Users\Gamer91\Downloads\FRST.txt
2017-03-07 20:14 - 2014-10-06 20:32 - 00000000 ____D C:\ProgramData\Norton
2017-03-07 20:08 - 2014-10-06 20:34 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2017-03-07 20:07 - 2014-11-01 17:59 - 00000000 ____D C:\Users\Public\Downloads\Norton
2017-03-07 20:07 - 2014-10-06 20:33 - 00000000 ____D C:\WINDOWS\system32\Drivers\NISx64
2017-03-07 19:55 - 2015-06-27 12:18 - 00000000 ____D C:\Users\Gamer91\AppData\Local\NPE
2017-03-07 01:53 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-06 15:57 - 2015-03-23 21:37 - 00000000 ____D C:\Users\Gamer91\AppData\Local\CrashDumps
2017-03-06 15:43 - 2015-10-29 01:02 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\vlc
2017-03-06 13:22 - 2010-11-21 04:27 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-03-06 13:18 - 2016-09-21 18:22 - 00349664 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-03 20:43 - 2016-08-20 14:23 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-03-03 16:53 - 2016-04-06 15:46 - 00000000 ____D C:\Users\Gamer91\Documents\Soundaufnahmen
2017-03-03 16:28 - 2015-11-02 21:06 - 01798976 _____ (Malwarebytes) C:\Users\Gamer91\Downloads\JRT.exe
2017-03-03 00:59 - 2016-06-17 19:18 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\TS3Client
2017-03-02 21:31 - 2015-09-03 19:14 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\7DaysToDie
2017-03-01 17:48 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-01 17:47 - 2015-05-06 19:13 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-02-28 23:45 - 2014-10-06 21:23 - 00000000 ____D C:\ProgramData\Origin
2017-02-28 23:42 - 2014-12-23 21:13 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\Origin
2017-02-28 23:05 - 2014-10-06 21:23 - 00000000 ____D C:\Program Files (x86)\Origin
2017-02-28 14:31 - 2014-12-23 23:26 - 00348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2017-02-28 14:31 - 2014-12-23 23:17 - 00348928 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2017-02-28 14:31 - 2014-12-23 23:17 - 00348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2017-02-24 03:48 - 2015-05-12 15:48 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-23 22:17 - 2014-11-02 17:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 22:14 - 2014-11-02 17:28 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-22 21:53 - 2014-12-23 23:17 - 00076152 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-02-22 19:34 - 2014-10-06 21:54 - 00000000 ____D C:\Users\Gamer91\AppData\Local\TeamSpeak 3 Client
2017-02-22 15:24 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-20 17:09 - 2017-02-09 01:07 - 00000000 ____D C:\Users\Gamer91\AppData\Local\Akamai
2017-02-17 22:52 - 2015-09-14 00:28 - 00000000 ____D C:\Users\Gamer91\Documents\Outlook-Dateien
2017-02-17 21:38 - 2016-04-25 18:56 - 00000000 ____D C:\Users\Gamer91\AppData\Local\Battle.net
2017-02-17 19:25 - 2016-11-20 15:41 - 00000000 ____D C:\Program Files (x86)\Diablo III
2017-02-17 19:22 - 2016-04-25 19:03 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2017-02-17 18:29 - 2016-04-25 18:56 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-02-17 16:53 - 2016-08-08 23:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-02-15 00:10 - 2014-11-28 20:31 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-14 22:27 - 2017-01-11 21:20 - 20359768 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-02-14 22:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-14 22:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-13 22:19 - 2014-10-06 20:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-13 22:09 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-13 22:09 - 2015-05-04 18:36 - 00000425 _____ C:\WINDOWS\BRWMARK.INI
2017-02-11 21:24 - 2016-03-31 23:06 - 00000000 ____D C:\Users\Gamer91\Documents\The Lord of the Rings Online

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-04-16 22:55 - 2014-04-16 22:55 - 0009130 _____ () C:\Program Files (x86)\Common Files\Samples.sln
2015-05-12 15:56 - 2017-03-12 19:40 - 0076350 _____ () C:\Users\Gamer91\AppData\Local\CDXLExtendedShim.log
2015-08-04 16:40 - 2015-08-10 12:18 - 0004608 _____ () C:\Users\Gamer91\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-06 02:07 - 2015-11-06 02:07 - 0000853 _____ () C:\Users\Gamer91\AppData\Local\recently-used.xbel
2015-08-08 13:38 - 2015-08-08 13:38 - 0000040 _____ () C:\ProgramData\ra3.ini

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-08 20:16

==================== Ende von FRST.txt ============================
         
Addition

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-03-2017 01
durchgeführt von Gamer91 (13-03-2017 18:48:21)
Gestartet von C:\Users\Gamer91\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-21 18:04:36)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3272115789-219833374-1157450271-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3272115789-219833374-1157450271-503 - Limited - Disabled)
Gamer91 (S-1-5-21-3272115789-219833374-1157450271-1000 - Administrator - Enabled) => C:\Users\Gamer91
Gast (S-1-5-21-3272115789-219833374-1157450271-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3272115789-219833374-1157450271-1005 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Internet Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Der Herr der Ringe Online™“ v1903.0058.2732.4095 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 1903.0058.2732.4095 - Standing Stone Games, LLC)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amazon Music (HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Amazon Amazon Music) (Version: 4.2.0.1281 - Amazon Services LLC)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.)
AP Tuner 3.08 (HKLM-x32\...\AP Tuner 3.08) (Version:  - )
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
Brother MFL-Pro Suite DCP-195C (HKLM-x32\...\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CambridgeSoft ChemScript 14.0 (HKLM-x32\...\{6053D436-AF21-4D67-A458-04C2B969A865}) (Version: 14.0 - CambridgeSoft Corporation)
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.3.01095 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 4.3.01095 - Cisco Systems, Inc.) Hidden
Command & Conquer 3 Tiberium Wars™ (HKLM-x32\...\{CAC9DCAF-0EA8-442C-97EA-CA6F5755390A}) (Version: 1.0.0.0 - Electronic Arts)
Command & Conquer™ Alarmstufe Rot™ 3 (HKLM-x32\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Day of Defeat (HKLM-x32\...\Steam App 30) (Version:  - Valve)
Devil May Cry® 4 Special Edition (HKLM\...\Steam App 329050) (Version:  - CAPCOM Co., Ltd.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dungeon Keeper (HKLM-x32\...\{B9E79070-56B6-4980-A7E9-C28D6480D050}) (Version: 1.0.0.1 - Electronic Arts)
Fable Anniversary (HKLM\...\Steam App 288470) (Version:  - Lionhead Studios)
Far Cry® 3 (HKLM\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.46.21015 - Electronic Arts)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Gothic (HKLM\...\Steam App 65540) (Version:  - Piranha – Bytes)
Gothic 3 (HKLM\...\Steam App 39500) (Version:  - Piranha – Bytes)
Gothic II: Gold Edition (HKLM-x32\...\Steam App 39510) (Version:  - Piranha – Bytes)
Half-Life (HKLM\...\Steam App 70) (Version:  - Valve)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
KKND Krossfire (HKLM-x32\...\KKND Krossfire) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4903.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Might & Magic: Heroes VI (HKLM-x32\...\Steam App 48220) (Version:  - Blackhole)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MorphVOX Junior (HKLM-x32\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.9.0.71 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.1 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4903.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4903.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4903.1002 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
Origin 2016 (HKLM-x32\...\{DC460501-EEFA-4701-8AD8-5F7DE1B70436}) (Version: 9.30.00 - OriginLab Corporation)
PerkinElmer ChemOffice Professional 2015 (HKLM-x32\...\{83DBA37B-B24C-431B-9D7B-8331D28A067C}) (Version: 15.0 - PerkinElmer Informatics, Inc.)
PerkinElmer ChemScript 15.0 (HKLM-x32\...\{2623D946-2CA9-4E69-A6C1-DDFA46C87EFF}) (Version: 15.0 - PerkinElmer Informatics, Inc.)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.11.2-r113542-release - Plays.tv, LLC)
Portal (HKLM\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM\...\Steam App 620) (Version:  - Valve)
PunkBuster für Battlefield 1942 (HKLM-x32\...\{127B684B-A002-44C8-99A7-6CF8F1E26873}) (Version:  - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 3.2.2 (HKLM-x32\...\{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFD}) (Version: 3.2.2150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.5-r115042-release - Raptr, Inc)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
RollerCoaster Tycoon 2: Triple Thrill Pack (HKLM\...\Steam App 285330) (Version:  - Chris Sawyer Productions)
RollerCoaster Tycoon 3: Platinum! (HKLM\...\Steam App 2700) (Version:  - Frontier)
RollerCoaster Tycoon: Deluxe (HKLM\...\Steam App 285310) (Version:  - Chris Sawyer Productions)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
SpellForce: Platinum Edition (HKLM-x32\...\Steam App 39540) (Version:  - Phenomic)
Spotify (HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Spotify) (Version: 1.0.50.41368.gbd68dbef - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Stardew Valley (HKLM\...\Steam App 413150) (Version:  - ConcernedApe)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Subnautica (HKLM\...\Steam App 264710) (Version:  - Unknown Worlds Entertainment)
TeamSpeak 3 Client (HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Uplay (HKLM-x32\...\Uplay) (Version: 6.1 - Ubisoft)
Victor Vran (HKLM-x32\...\Steam App 345180) (Version:  - Haemimont Games)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Warcraft III) (Version:  - )
Warlords Battlecry 3 (HKLM-x32\...\GOGPACKWARLORDSBATTLECRY3_is1) (Version: 2.2.1.15 - GOG.com)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.131 - MSI)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02F6868D-9EF9-4A72-8532-CFDC25297F9E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {041F417F-AB24-4D76-AAF8-52A99CD1F7E5} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {151B965D-8EA2-4477-8E1D-74B24F025AEB} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-07-18] (Advanced Micro Devices, Inc.)
Task: {184D39C6-36DD-4931-8C73-399CB703EB60} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2017-02-20] (Symantec Corporation)
Task: {1A1A84E5-DB1B-45DA-9A53-E1D77D6AC2CB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {1E5D5F20-8910-4A4E-A581-665EE5BF3C6B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {251D9A76-3781-477A-9577-3CF2FDDAF1EC} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe 
Task: {2919BC6F-F874-46C9-BC55-D2E2D4CC58CA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {30EAC827-F44E-466B-A1C1-7BFC8C9314DC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {3676FA00-EAEB-43AB-AE14-4BE7707BF922} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {3839E028-D883-4891-90D8-09B9EEA15347} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Analyzer => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-20] (Symantec Corporation)
Task: {4116AE38-8F44-4BAC-9F4A-058100DC30CD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe 
Task: {44190C28-B165-4A00-974C-EECF58A39461} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-11-01] (Microsoft Corporation)
Task: {59D20292-B675-450A-82FE-1B17CE104053} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {5BA20FAA-52BE-4AA3-AFE9-0C472A63D553} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {62A37828-7FBC-44F8-901D-29D506543206} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {69609B8A-3613-44FE-8282-D39C31567F11} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {6E5AEC8B-8634-424D-A1C0-DE16AB667C75} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {7C59C346-7E70-4D06-8AD6-C1216F0748F4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {7D970669-8C84-4488-B9BF-44CE84CFCBC8} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {816DDB67-2616-4FD3-85AA-BD9D3CAEC75A} - System32\Tasks\Norton Internet Security\Norton Internet Security Autofix => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-20] (Symantec Corporation)
Task: {886D2662-AF30-46CF-A701-5BEF0EADC361} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {8CA9D5C4-7A1F-45E4-B57D-EF13E081166E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-18] (Google Inc.)
Task: {981B6B9A-C508-4676-B2AE-DBB350E11BF0} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {9984C7C2-334F-4A3B-8A69-44C7FC8EF584} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-18] (Google Inc.)
Task: {A4AC0FBE-AC90-4F7C-8B5F-EC501178E283} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {ABE27ECA-DF9D-4574-BA3A-6B3FF9323E4D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14] (Adobe Systems Incorporated)
Task: {AD9D19D3-1B9D-4C05-AC4A-CDC73A3734D4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe 
Task: {B557D63C-D35B-47D4-8002-A3605DC6FAA5} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Processor => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-20] (Symantec Corporation)
Task: {BFA8C52B-CF28-412B-9DA2-8F43A0B35C42} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {CC9A5746-D001-449B-BD65-828B7074018E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {D1BF4A07-3E21-45D0-9725-3E852A7B87A1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {D76E2E96-D6F8-4EF3-8F2A-4A1224B1DA00} - System32\Tasks\{68A970A5-B6E2-46D2-8B13-31B7399A614D} => C:\Program Files (x86)\EA Games\Battlefield 1942\BF1942.exe 
Task: {D845E5EB-DF41-4F36-B3C8-1C2E61292518} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\WSCStub.exe [2017-02-20] (Symantec Corporation)
Task: {DA0C877A-5C63-4768-A43F-F4BE2E9328A1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {E3E5E3E5-3151-40DA-8B4C-21AE1D2D312D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {F6933868-3E42-4951-A6B1-929B0F1D13B2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {F7188B9C-B6DC-4C39-A316-2BC7914689E3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Gamer91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-17 13:00 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-05-06 19:13 - 2017-01-17 03:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-12-23 23:17 - 2017-02-22 21:53 - 00076152 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe
2017-03-12 14:03 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-12 14:03 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-12-17 13:00 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-21 19:11 - 2016-09-21 19:11 - 00959168 _____ () C:\Users\Gamer91\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-09-21 19:15 - 2016-09-21 19:15 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-14 14:30 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-14 14:29 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-14 14:29 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-14 14:29 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-14 14:29 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-14 14:29 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-14 14:29 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-12-08 21:01 - 2016-03-04 22:34 - 05907944 _____ () C:\Users\Gamer91\AppData\Local\Amazon Music\Amazon Music Helper.exe
2017-02-13 22:19 - 2012-09-25 11:26 - 01163264 ____N () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
2016-11-21 17:19 - 2016-11-21 17:19 - 00155016 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2016-07-10 12:37 - 2016-07-10 12:37 - 00073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2016-09-23 21:53 - 2017-02-22 19:35 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2015-11-24 21:48 - 2015-11-24 21:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 21:46 - 2015-11-24 21:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 21:48 - 2015-11-24 21:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 21:46 - 2015-11-24 21:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 21:48 - 2015-11-24 21:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 21:57 - 2015-12-07 21:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2017-02-13 22:19 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\sharepoint.com -> hxxps://uzk-files.sharepoint.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-02-26 17:57 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3272115789-219833374-1157450271-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "AVMWlanClient"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{02599B5D-492F-4CF7-B615-27B978D932B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{5230EE99-281A-4BEF-850B-DAA432131E77}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{8909A175-8419-4ED1-B29F-E510DDE1A11F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{EEBBB532-BF34-4339-A2B3-5467F8FCB6A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{6C5BF478-0732-442C-80BA-EFE159BED705}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{1ED994CB-930E-4D0A-B185-CE35C661722C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{9EEB87EF-2F51-4986-A218-F3C62BA3758C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{FB4C4EE9-F7A3-4C98-9F98-6591F128AF9A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{F340D168-092D-4E6D-A32D-3E2D6B6394DC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{48841AB1-0D33-47EF-9DB6-CFCAB4FFD711}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4E5D8481-364C-467C-8081-C9E355A33EBE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{42B63D21-2F80-45F6-B729-FAD069E154E3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{77B7CD71-2DA2-4F25-B30D-259DD0DFB1B9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{61DF0270-4D40-45A9-9762-46FDC1D051FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{5DBFCB45-178C-4623-97A8-E1A040F317E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Special Edition\DevilMayCry4SpecialEdition.exe
FirewallRules: [{4701A06E-7339-4F14-BA80-68ADE9CE09E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Special Edition\DevilMayCry4SpecialEdition.exe
FirewallRules: [{5C6C19EA-7BB5-4626-8063-43C3CE5D6CE0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{BE7494E1-5CFC-4D86-B381-8ED11AD1D7A7}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{9F8DFB22-E1F6-4604-A146-AB67852F28C6}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{DD507483-08FD-4B4C-9736-0782AD0631E9}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{C36C6362-A1FB-4612-8D35-DEE640F77BB1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{5B8C709A-F445-4C8E-9FD7-FF240EF1086B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{AB4B822B-8EC6-4821-AF76-AF1E18899CD9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fable Anniversary\Binaries\Win32\Fable Anniversary.exe
FirewallRules: [{637A9188-4F0D-428C-8DF9-5526D1EFF86A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fable Anniversary\Binaries\Win32\Fable Anniversary.exe
FirewallRules: [{1E496823-9DE3-4892-BD1A-43D6C27E4F1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RollerCoaster Tycoon Deluxe\RCT.EXE
FirewallRules: [{42C7BD2F-5185-4965-A5EB-EB072C81F12B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RollerCoaster Tycoon Deluxe\RCT.EXE
FirewallRules: [{9DCA1FEF-8302-4990-B91E-8E23E4D171B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 2\rct2.exe
FirewallRules: [{8FA6659B-4586-433C-9016-8FE472B0DC32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 2\rct2.exe
FirewallRules: [{8273F4C1-C805-4EFA-AE7F-58705A0F13A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{37627DDF-48BE-40D0-8012-50819CA7E028}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{73DB6EDD-9612-451F-B75B-90D5BECA1860}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{E4B16E4A-D28B-4CA1-8645-175641FD531E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{A1435155-94D9-4ECC-9EDA-A16AB87A587F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{203BE1CF-AE30-44F6-AE49-8A51EC4C8E69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{C26107C6-5395-454C-922D-EF0A39A6A9A1}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{9DC41FF1-E423-45C3-8F06-7A2130B463E0}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{3C67D83A-CD36-4637-9BD3-8B62EE3AE493}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{4A45097C-9E66-422A-B7EB-94F1FD6ED379}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{84E169AA-C7A4-4F96-8265-EA5E9536A9D6}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{386A9C23-D745-4FC8-A674-DEA99407FB30}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{DFF44BDB-6C2A-4005-9CCC-647AFBFBF41D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Subnautica\Subnautica.exe
FirewallRules: [{669216A6-EC8D-408C-B6B8-858626551905}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Subnautica\Subnautica.exe
FirewallRules: [{DBB631C4-3C21-40CF-8564-A653486CD3E8}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{9BADE01E-674F-4C1E-894B-E06AF1E80E2E}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{31E5D0EC-F50C-46FC-AA04-362536F05EF5}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{9C870E38-6188-4F9E-AFAB-177B758468F2}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [TCP Query User{A7633A1E-D4B6-4777-98CF-F26A091D3112}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8FE99B01-B3C1-4447-A18C-646532DA4CC9}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{709EB2CF-6A56-4617-86DC-D3AC5EE4C9CB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4529BD38-9D66-4717-88EA-C93A689C1497}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8F42EDED-BCBA-43F3-83D5-4A9AF95A5876}] => (Allow) C:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{340F343B-104A-438C-AD68-EA5A013D8748}] => (Allow) C:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{E80B6E19-D401-49F4-BE20-17E6B6C76DDF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FBC22650-F5B8-4406-ACC4-8EF027CEB176}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9209A698-57A7-4423-9B14-FA91B44F012A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9C9906C5-EE14-49B2-A322-CF0B3BEC3569}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{84DB6419-A167-49D0-98B6-ECC196EDEE4F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{D49A5FFC-9BC4-4E68-87E7-355CF2ADD4E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A96A1D99-1B0D-49AD-893E-690E0BDA75A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce Platinum Edition\SpellForce.exe
FirewallRules: [{D85002E8-20FC-407F-BBD7-DDF31591F485}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce Platinum Edition\SpellForce.exe
FirewallRules: [{E9BACD9D-0823-4D57-99FC-868452D18FD6}] => (Allow) C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A14DC914-027E-4E21-BA1E-F04AE302F592}] => (Allow) C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{9B9ED3DA-0AC8-48CA-8ABF-CD2630065443}C:\users\gamer91\desktop\warcraft iii\war3.exe] => (Block) C:\users\gamer91\desktop\warcraft iii\war3.exe
FirewallRules: [UDP Query User{F01838EB-C53E-4E72-A97B-524BF2359344}C:\users\gamer91\desktop\warcraft iii\war3.exe] => (Block) C:\users\gamer91\desktop\warcraft iii\war3.exe
FirewallRules: [TCP Query User{C7681711-0464-40F3-8C75-69CB79B8383D}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{ED1A417F-5883-436B-A46B-B033849E1E3B}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{7D1B68D4-F6B2-47D0-BEB6-D15905437FCC}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{713E309C-DCF2-4868-9226-EA1E8903DC70}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{834597F2-1FA3-456E-B2C2-80A089471A4B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{DF54B31E-EC58-4A9A-96E3-9DBA9B4A5A2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{48D352AA-0218-406E-A1CD-7314341C48DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{A83A129C-69A5-47CA-BF76-BDD67739EC46}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Victor Vran\VictorVranSteam.exe
FirewallRules: [{F4D74017-9A17-4929-8370-AAAFE3750DDA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Victor Vran\VictorVranSteam.exe
FirewallRules: [TCP Query User{3EE710F2-6EC6-4287-8198-98558E7A5F6C}C:\users\gamer91\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamer91\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{75344311-3943-4043-B3BB-0F92D3E6DA37}C:\users\gamer91\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamer91\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B8FFBA58-EDF0-4350-B168-5C87481AF1E3}C:\users\gamer91\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\gamer91\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7706BE55-D3CD-4EDD-A748-071B8AD65D81}C:\users\gamer91\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\gamer91\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9EF92653-2C4B-408F-ABFF-8BE6484F2A67}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{56694050-1B80-4D87-A510-5F99016C6544}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{7A7400A1-9849-4A3A-AE74-9B77AFEF908A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{1CBA7726-848A-4E1D-8C46-490824E37F16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{9CCF5C3A-78C2-47E3-9558-80C149CFD7CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{540E4832-B3A3-4B2D-AF1B-B4926B1F8593}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{012A3F71-5066-4947-9155-140B53B6CE77}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6BD2EC0B-D6DD-4DFF-B668-08AD1AB611C0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{4D2C78AD-2B71-43EF-98DC-944AF61CFD91}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{424D27C4-82D6-4592-8F0A-C4DFC1226A42}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{D259E544-E88D-4833-9ABC-F0DC29E35EEA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{13AC390D-4B6D-49BC-A10B-65B232E6497C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{0AFA6D23-1751-4E7F-9C30-CEC5C22AF50C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{6172031D-0411-44BC-817F-0FDC3DFED9BA}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{DA1FE983-DB7D-4AC3-A3EB-35E63E668FDE}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{EEDDBD71-A280-4B68-BC9C-9B1C8AB14D7E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic II\system\Gothic2.exe
FirewallRules: [{841E2F98-D0C9-4190-9A43-78C55EC51A73}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic II\system\Gothic2.exe
FirewallRules: [{06CA3BF6-19D3-45DB-8F6B-4819EFC479D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{EFF29DF3-EDD0-4CEE-B363-BADEA63416D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [TCP Query User{486FB8DE-00F9-45A7-96FC-BD3D26D1E613}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [UDP Query User{85AB47CE-07E1-435E-B581-7D93901E580B}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [{8B358B63-DF77-4FD9-AFC7-CAB18E823DB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{38250A57-5400-47B1-A9A9-AFABCF7AF6E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{0B910D50-A572-4682-A618-B4421C1D260B}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{C32AC7AF-B651-4015-B62F-AAA199BE4A32}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [TCP Query User{FE69E1DE-F538-46CF-9827-08F8F0D28A72}C:\program files (x86)\origin games\fifa 17\fifa17.exe] => (Allow) C:\program files (x86)\origin games\fifa 17\fifa17.exe
FirewallRules: [UDP Query User{AA5464C5-2476-4156-ADC2-54DD9B7F3A54}C:\program files (x86)\origin games\fifa 17\fifa17.exe] => (Allow) C:\program files (x86)\origin games\fifa 17\fifa17.exe
FirewallRules: [TCP Query User{E19BC58B-6269-4FD8-B298-CCC43E97CD87}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{0CB90E89-0985-44ED-80CA-A763212F12D6}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{DD493C8F-9495-4F00-B04E-456F685B940C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{A4857E9F-F1D3-4DC7-8AF9-BB7B167EFA42}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{FF791F44-FA5F-4B91-A2B0-B22A5A91C1CE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A0FFBC5D-EB56-4FD8-8DCF-286B7C260550}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E9C6F915-A110-4D6E-B5F1-03B77348B43F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{D6D89501-34D3-4FF6-96EA-9A7574169636}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{2A553F50-3A69-4BE8-BC60-159FC021FE05}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{E8883B0A-302E-4CE7-8E82-517265CDCB0E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{A08768B8-2E97-4763-9018-487D35A4665D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{DDC95EC7-AA63-4B74-89AA-4E63704C5A10}C:\users\gamer91\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gamer91\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{47950E69-4F84-45BB-86B0-E8D66C4B8FE4}C:\users\gamer91\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gamer91\appdata\local\akamai\netsession_win.exe
FirewallRules: [{6AEF89A1-A0C4-4658-86D5-4476BD698EC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic\system\GOTHIC.EXE
FirewallRules: [{FB47B3E6-8D2D-4D84-9B26-7DC8732681D1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic\system\GOTHIC.EXE
FirewallRules: [{A7195267-FD97-4116-AEA2-9D8E781B9200}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic 3\Gothic3.exe
FirewallRules: [{0CD701EC-F397-49C9-BCC0-18B8146DA04F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic 3\Gothic3.exe
FirewallRules: [TCP Query User{8EE38C6D-EBC6-4B8D-A858-A2B3A8C2BA18}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe
FirewallRules: [UDP Query User{A8E78E10-2682-4072-B29C-0561A7D6AD32}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe

==================== Wiederherstellungspunkte =========================

01-03-2017 23:55:29 Geplanter Prüfpunkt
02-03-2017 17:55:24 Installed NVIDIA PhysX
12-03-2017 14:43:59 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/13/2017 06:26:28 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Microsoft Office 15\root\office15\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (03/13/2017 06:24:45 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Gamer91-PC)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.

Error: (03/13/2017 06:24:45 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Gamer91-PC)
Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden.

Error: (03/13/2017 06:24:45 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: Gamer91-PC)
Description: Das lokal gespeicherte Profil kann nicht geladen werden. Mögliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschädigtes lokales Profil. 

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (03/13/2017 06:24:45 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. 

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
 for C:\Users\Gamer91\ntuser.dat

Error: (03/12/2017 02:44:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/12/2017 02:19:37 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Microsoft Office 15\root\office15\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (03/12/2017 02:05:24 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Microsoft Office 15\root\office15\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (03/12/2017 01:39:10 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Microsoft Office 15\root\office15\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (03/11/2017 06:17:40 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Gamer91\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.


Systemfehler:
=============
Error: (03/13/2017 06:28:24 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/13/2017 06:28:20 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (03/13/2017 06:28:20 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (03/13/2017 06:28:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (03/13/2017 06:27:12 PM) (Source: DCOM) (EventID: 10010) (User: Gamer91-PC)
Description: Der Server "{260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/13/2017 06:27:11 PM) (Source: DCOM) (EventID: 10010) (User: Gamer91-PC)
Description: Der Server "{260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/13/2017 06:27:11 PM) (Source: DCOM) (EventID: 10010) (User: Gamer91-PC)
Description: Der Server "{260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/13/2017 06:27:11 PM) (Source: DCOM) (EventID: 10010) (User: Gamer91-PC)
Description: Der Server "{260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/13/2017 06:27:11 PM) (Source: DCOM) (EventID: 10010) (User: Gamer91-PC)
Description: Der Server "{260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/13/2017 06:27:06 PM) (Source: DCOM) (EventID: 10010) (User: Gamer91-PC)
Description: Der Server "{260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===================================
  Date: 2017-03-06 13:24:54.715
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-06 13:24:54.695
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-06 13:24:49.186
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-06 13:24:49.182
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-06 13:24:49.166
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-01 23:53:24.120
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-03-01 23:53:24.096
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-03-01 23:53:24.042
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-03-01 23:53:23.985
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-03-01 23:53:23.947
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-6300 Six-Core Processor 
Prozentuale Nutzung des RAM: 38%
Installierter physikalischer RAM: 8140.05 MB
Verfügbarer physikalischer RAM: 4971.69 MB
Summe virtueller Speicher: 16332.05 MB
Verfügbarer virtueller Speicher: 13051.49 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:442.79 GB) (Free:23.77 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2063AF3E)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
Viele Grüße
Niklas

Alt 13.03.2017, 21:31   #13
M-K-D-B
/// TB-Ausbilder
 
Probleme mit Norton Internet Security - Standard

Probleme mit Norton Internet Security



Servus,



evtl. blockiert Norton, einfach mal deaktivieren, bevor du FRST ausführst.

Wir haben es bald geschafft.







Hinweis: Der Suchlauf mit ESET kann länger dauern.





Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Chromium
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 3

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset








Schritt 4
  • Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.







Gibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche?







Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von ESET,
  • die Logdatei von HitmanPro,
  • die beiden neuen Logdateien von FRST,
  • die Beantwortung der gestellten Fragen.
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 15.03.2017, 00:53   #14
Niklas98
 
Probleme mit Norton Internet Security - Standard

Probleme mit Norton Internet Security



Hallo,

der ESET Scan hat fast vier Stunden gedauert, deshalb die leicht verspätete Antwort..

Vorab zu den Fragen: Ich habe keine Probleme mit dem PC und den Browser feststellen können. Auch Norton zeigt mein System wieder als aktuell geschützt an.

An der Stelle möchte ich mich vielmals für die schnelle Hilfe hier bedanken!

Was mich noch interessieren würde bzgl. meines Antivirenprogrammes.. Würdest du Norton als guten Schutz vor Adware, Junkware etc.. empfehlen? Da mein Abo im Laufe dieses Jahres abläuft, überlege ich, ob es nicht sinnvoll ist, ein alternatives Programm zu wählen. Kannst du da etwas empfehlen?

Jetzt zu den Logfiles:

Fixlog:

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-03-2017 01
durchgeführt von Gamer91 (14-03-2017 20:44:28) Run:3
Gestartet von C:\Users\Gamer91\Desktop
Geladene Profile: Gamer91 (Verfügbare Profile: Gamer91 & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Chromium
end
        
*****************

HKEY_CURRENT_USER\SOFTWARE\Chromium => Schlüssel erfolgreich entfernt

==== Ende von Fixlog 20:44:28 ====
         
HitmanPro

Code:
ATTFilter
HitmanPro 3.7.15.281
www.hitmanpro.com

   Computer name . . . . : GAMER91-PC
   Windows . . . . . . . : 10.0.0.14393.X64/6
   User name . . . . . . : Gamer91-PC\Gamer91
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-03-14 20:46:11
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 9m 1s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 10

   Objects scanned . . . : 2.432.636
   Files scanned . . . . : 83.390
   Remnants scanned  . . : 764.379 files / 1.584.867 keys

Suspicious files ____________________________________________________________

   C:\Users\Gamer91\AppData\Local\PunkBuster\BF3\pb\pbcls.dll
      Size . . . . . . . : 1.014.616 bytes
      Age  . . . . . . . : 811.3 days (2014-12-24 13:58:38)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 64D8D164CC4FF898DDCCBD5D588E88AF2C1F7EA464C2B7519C78BF0D30CC6F24
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Gamer91\AppData\Local\PunkBuster\BF3\pb\pbsv.dll
      Size . . . . . . . : 477.719 bytes
      Age  . . . . . . . : 811.3 days (2014-12-24 13:58:50)
      Entropy  . . . . . : 7.0
      SHA-256  . . . . . : 491DDBE9A349FB44366A24AA569A1F90D307191305A31AC5B384D69772C4FF8E
      Fuzzy  . . . . . . : 25.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Gamer91\AppData\Local\PunkBuster\BFP4F\pb\dll\wc002304.dll
      Size . . . . . . . : 954.496 bytes
      Age  . . . . . . . : 811.9 days (2014-12-23 23:29:54)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : EEBDAC091729B0B80A21E14B2CE0392E4584205BA06F5ED1B846C51D034A2177
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Gamer91\AppData\Local\PunkBuster\BFP4F\pb\pbcl.dll
      Size . . . . . . . : 954.496 bytes
      Age  . . . . . . . : 811.9 days (2014-12-23 23:29:54)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : EEBDAC091729B0B80A21E14B2CE0392E4584205BA06F5ED1B846C51D034A2177
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Gamer91\AppData\Local\PunkBuster\BFP4F\pb\pbclold.dll
      Size . . . . . . . : 915.149 bytes
      Age  . . . . . . . : 811.9 days (2014-12-23 23:25:14)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : E189EF452F559BFAC0C0A91EFADC78EAA569B915985A213F99666BE56FC86165
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Gamer91\AppData\Local\PunkBuster\BFP4F\pb\PnkBstrK.sys
      Size . . . . . . . : 139.424 bytes
      Age  . . . . . . . : 811.9 days (2014-12-23 23:26:11)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : 2A97BC40220EE7B5383991EDB238A70B2D6A7881E54E465999E2EADD6A396029
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Gamer91\AppData\Local\PunkBuster\FC3\pb\pbcl.dll
      Size . . . . . . . : 953.886 bytes
      Age  . . . . . . . : 206.0 days (2016-08-20 20:54:02)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 6D5E2CD4A7A43EB00B600BA783AD3BEE6B817C030A40600D40367173A6ECEB13
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Gamer91\AppData\Local\PunkBuster\FC3\pb\pbcls.dll
      Size . . . . . . . : 953.886 bytes
      Age  . . . . . . . : 206.0 days (2016-08-20 20:54:02)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 6D5E2CD4A7A43EB00B600BA783AD3BEE6B817C030A40600D40367173A6ECEB13
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Gamer91\AppData\Local\PunkBuster\FC3\pb\PnkBstrK.sys
      Size . . . . . . . : 138.032 bytes
      Age  . . . . . . . : 206.0 days (2016-08-20 20:54:22)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : ABAF3FACF01E10E4C685F79C3B9E5D2118B3CF8629C4277EBE035B2A10474148
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Gamer91\Desktop\FRST64.exe
      Size . . . . . . . : 2.424.320 bytes
      Age  . . . . . . . : 3.1 days (2017-03-11 18:00:05)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 888080A18968475A4AF792C1F4EAED87442D61A9BD32DAAD9763CB641B5C97D9
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\Gamer91\Desktop\FRST64.exe
          0.1s C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.9.0.71\CmnClnt\ccSubSDK\{35AD1AA9-8007-497D-8160-CCB05E283545}
         
ESET

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=43baca12131ab64aa5b49c9c659114d2
# end=init
# utc_time=2017-03-14 07:56:56
# local_time=2017-03-14 08:56:56 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 32715
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=43baca12131ab64aa5b49c9c659114d2
# end=updated
# utc_time=2017-03-14 08:00:51
# local_time=2017-03-14 09:00:51 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=43baca12131ab64aa5b49c9c659114d2
# engine=32715
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-03-14 11:26:01
# local_time=2017-03-15 12:26:01 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 626172 20864577 0 0
# scanned=399148
# found=0
# cleaned=0
# scan_time=12309
         
FRST

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11-03-2017 01
durchgeführt von Gamer91 (Administrator) auf GAMER91-PC (15-03-2017 00:33:28)
Gestartet von C:\Users\Gamer91\Desktop
Geladene Profile: Gamer91 & DefaultAppPool (Verfügbare Profile: Gamer91 & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.9.0.71\NIS.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.9.0.71\NIS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(© 2015 Microsoft Corporation) C:\Users\Gamer91\AppData\Local\Microsoft\BingSvc\BingSvc.exe
() C:\Users\Gamer91\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Spotify Ltd) C:\Users\Gamer91\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\Gamer91\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Gamer91\AppData\Local\Akamai\netsession_win.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1703.601.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17012.10301.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.79.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.9.0.71\coNatHst.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-27] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-08-05] (Raptr, Inc)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-06-07] (Plays.tv, LLC)
HKLM-x32\...\Run: [ChicoSys] => C:\WINDOWS\SysWOW64\cc32\webtmr.exe
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1209344 2016-07-10] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [BingSvc] => C:\Users\Gamer91\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Spotify] => C:\Users\Gamer91\AppData\Roaming\Spotify\Spotify.exe [7114352 2017-03-08] (Spotify Ltd)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Amazon Music] => C:\Users\Gamer91\AppData\Local\Amazon Music\Amazon Music Helper.exe [5907944 2016-03-04] ()
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Spotify Web Helper] => C:\Users\Gamer91\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-03-08] (Spotify Ltd)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [3019552 2017-03-13] (Valve Corporation)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27262432 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Gamer91\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\RunOnce: [Uninstall C:\Users\Gamer91\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gamer91\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-20] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll -> Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{40b7a773-8c94-4592-994d-20ca453a5403}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{eb081c7a-3b7b-4bda-a4a9-afc884d6f119}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\S-1-5-21-3272115789-219833374-1157450271-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3272115789-219833374-1157450271-1000 -> {015860D7-7BDB-47AB-8049-1F8AC681F3B9} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-3272115789-219833374-1157450271-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-18] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-11-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-18] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-18] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-18] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935 [2017-03-15]
FF Homepage: Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935 -> hxxps://www.google.de/?gfe_rd=cr&ei=dzbEWLubMdOo8wfij4DYBg
FF Extension: (Ghostery) - C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935\Extensions\firefox@ghostery.com.xpi [2017-02-12]
FF Extension: (Norton Identity Safe) - C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935\Extensions\idsafe@norton.com.xpi [2017-03-07]
FF Extension: (NoScript) - C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-03-08]
FF Extension: (Adblock Plus) - C:\Users\Gamer91\AppData\Roaming\Mozilla\Firefox\Profiles\kwfws45o.default-1482087357935\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-18]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.9.0.71\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.9.0.71\coFFAddon [2017-03-07]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.9.0.71\coFFAddon
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-18] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] ()
FF Plugin-x32: @cambridgesoft.com/Chem3D,version=14.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2014\Chem3D\npChem3DPlugin.dll [Keine Datei]
FF Plugin-x32: @cambridgesoft.com/Chem3D,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\Chem3D\npChem3DPlugin.dll [2015-03-14] (PerkinElmer)
FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=14.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2014\ChemDraw\npcdp32.dll [Keine Datei]
FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\ChemDraw\npcdp32.dll [2015-03-14] (PerkinElmer)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3272115789-219833374-1157450271-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-08-30] ()

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default [2017-03-14]
CHR Extension: (Google Präsentationen) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-18]
CHR Extension: (Google Docs) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-18]
CHR Extension: (Google Drive) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-07]
CHR Extension: (YouTube) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-18]
CHR Extension: (Google-Suche) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-06-07]
CHR Extension: (Yahoo Partner) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabhkdeopjkcpkmofliimbjckmocfiom [2016-12-18]
CHR Extension: (Google Tabellen) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-18]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-02-08]
CHR Extension: (Google Docs Offline) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-08]
CHR Extension: (Norton Identity Safe) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-10-18]
CHR Extension: (Userbrain Testing) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\llgephbnjacepipaoflhmabeclnghfic [2017-02-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-14]
CHR Extension: (Google Mail) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-18]
CHR Extension: (Chrome Media Router) - C:\Users\Gamer91\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-03-07]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-03-07]
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1362464 2016-04-14] ()
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2017-01-17] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-09-03] (EasyAntiCheat Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\22.9.0.71\NIS.exe [326160 2017-02-21] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2017-02-22] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208 2017-02-22] (Electronic Arts)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-06-07] (Plays.tv, LLC)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2017-02-22] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [23240 2016-03-21] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmdag.sys [26568848 2017-01-25] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys [536600 2017-01-25] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2016-04-26] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files\Norton Internet Security\NortonData\22.9.0.71\Definitions\BASHDefs\20170307.001\BHDrvx64.sys [1831064 2017-03-03] (Symantec Corporation)
R1 ccSet_NIS; C:\WINDOWS\system32\drivers\NISx64\1609000.047\ccSetx64.sys [174240 2017-02-20] (Symantec Corporation)
S3 cy_System; C:\WINDOWS\System32\drivers\cy-wdriver.sys [36624 2015-11-11] (Cybits AG)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497312 2017-01-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-01-05] (Symantec Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-02-24] ()
R1 IDSVia64; C:\Program Files\Norton Internet Security\NortonData\22.9.0.71\Definitions\IPSDefs\20170313.001\IDSvia64.sys [1038024 2017-03-07] (Symantec Corporation)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-14] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-03-14] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-14] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-14] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92088 2017-03-14] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
R3 SRTSP; C:\WINDOWS\system32\drivers\NISx64\1609000.047\SRTSP64.SYS [760992 2017-02-20] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NISx64\1609000.047\SRTSPX64.SYS [49312 2017-02-20] (Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NISx64\1609000.047\SYMEFASI64.SYS [1716896 2017-02-20] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NISx64\1609000.047\SymELAM.sys [24616 2017-02-20] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102608 2017-03-07] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NISx64\1609000.047\Ironx64.SYS [291480 2017-02-20] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\system32\drivers\NISx64\1609000.047\SYMNETS.SYS [567512 2017-02-20] (Symantec Corporation)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2014-11-19] (Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S3 NAVENG; \??\C:\Program Files\Norton Internet Security\NortonData\22.9.0.71\Definitions\SDSDefs\20170307.007\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Internet Security\NortonData\22.9.0.71\Definitions\SDSDefs\20170307.007\NAVEX15.SYS [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-15 00:31 - 2017-03-15 00:26 - 00001270 _____ C:\Users\Gamer91\Desktop\ESET.txt
2017-03-14 20:56 - 2017-03-14 20:56 - 02870984 _____ (ESET) C:\Users\Gamer91\Downloads\esetsmartinstaller_deu(1).exe
2017-03-14 20:45 - 2017-03-14 20:55 - 00000000 ____D C:\ProgramData\HitmanPro
2017-03-14 20:45 - 2017-03-14 20:45 - 11581544 _____ (SurfRight B.V.) C:\Users\Gamer91\Downloads\HitmanPro_x64.exe
2017-03-13 18:46 - 2017-03-13 18:46 - 00001728 _____ C:\Users\Gamer91\Desktop\SystemLook.txt
2017-03-13 18:32 - 2017-03-13 18:44 - 00001726 _____ C:\Users\Gamer91\Downloads\SystemLook.txt
2017-03-13 18:31 - 2017-03-13 18:32 - 00165376 _____ C:\Users\Gamer91\Downloads\SystemLook_x64.exe
2017-03-12 14:21 - 2017-03-13 18:49 - 00073135 _____ C:\Users\Gamer91\Desktop\Addition.txt
2017-03-12 14:20 - 2017-03-15 00:36 - 00031223 _____ C:\Users\Gamer91\Desktop\FRST.txt
2017-03-12 14:19 - 2017-03-12 14:19 - 00001238 _____ C:\Users\Gamer91\Desktop\mbam.txt
2017-03-12 14:04 - 2017-03-14 22:40 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-12 14:04 - 2017-03-14 17:39 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-12 14:04 - 2017-03-14 17:39 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-03-12 14:04 - 2017-03-14 17:39 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-12 14:04 - 2017-03-14 17:38 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-12 14:03 - 2017-03-12 14:03 - 57131432 _____ (Malwarebytes ) C:\Users\Gamer91\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-03-12 14:03 - 2017-03-12 14:03 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-12 14:03 - 2017-03-12 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-12 14:03 - 2017-03-12 14:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-12 14:03 - 2017-03-12 14:03 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-12 14:03 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-12 14:02 - 2017-03-12 14:02 - 00006291 _____ C:\Users\Gamer91\Desktop\AdwCleaner[S3].txt
2017-03-12 13:52 - 2017-03-12 13:52 - 04031440 _____ C:\Users\Gamer91\Desktop\AdwCleaner_6.044.exe
2017-03-12 13:51 - 2017-03-12 13:51 - 04031440 _____ C:\Users\Gamer91\Downloads\AdwCleaner_6.044.exe
2017-03-12 13:43 - 2017-03-12 13:44 - 00566128 _____ (Malwarebytes) C:\Users\Gamer91\Downloads\mbam-clean-2.3.0.1001.exe
2017-03-12 13:31 - 2017-03-14 20:44 - 00000555 _____ C:\Users\Gamer91\Desktop\Fixlog.txt
2017-03-12 01:40 - 2017-03-12 01:40 - 00000000 ____D C:\Users\Gamer91\Desktop\MagicJumps1.0.1
2017-03-12 01:39 - 2017-03-12 01:39 - 01169436 _____ C:\Users\Gamer91\Downloads\Magic-Jumps-Final-1.0.1.zip
2017-03-11 18:18 - 2017-03-11 18:35 - 00086456 _____ C:\TDSSKiller.3.1.0.12_11.03.2017_18.18.55_log.txt
2017-03-11 18:18 - 2017-03-11 18:18 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Gamer91\Downloads\tdsskiller(1).exe
2017-03-11 18:00 - 2017-03-11 18:00 - 02424320 _____ (Farbar) C:\Users\Gamer91\Desktop\FRST64.exe
2017-03-08 22:14 - 2017-03-08 22:14 - 00000000 ___HD C:\$SysReset
2017-03-07 20:14 - 2017-03-14 17:45 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2017-03-07 20:09 - 2017-03-07 20:09 - 00003392 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-03-07 20:08 - 2017-03-07 20:08 - 00102608 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-03-07 20:08 - 2017-03-07 20:08 - 00008298 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-03-07 20:08 - 2017-03-07 20:08 - 00002321 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2017-03-07 20:07 - 2017-03-07 20:08 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2017-03-07 20:07 - 2017-03-07 20:07 - 00001370 _____ C:\Users\Gamer91\Desktop\Norton Installation Files.lnk
2017-03-07 20:07 - 2017-03-07 20:07 - 00000000 ____D C:\Program Files\Norton Internet Security
2017-03-07 20:07 - 2017-03-07 20:07 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2017-03-07 20:06 - 2017-03-07 20:07 - 01027712 _____ (Symantec Corporation) C:\Users\Gamer91\Downloads\NortonNISDownloader.exe
2017-03-07 20:01 - 2017-03-07 20:14 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Remove and Reinstall
2017-03-07 19:56 - 2017-03-07 19:56 - 14417536 _____ (Symantec Corporation) C:\Users\Gamer91\Desktop\NRnR.exe
2017-03-07 19:36 - 2017-03-07 19:36 - 00000000 ____D C:\NPE
2017-03-07 19:35 - 2014-10-17 12:48 - 00170694 _____ C:\WINDOWS\ntbtlog.txt
2017-03-07 19:33 - 2017-03-07 19:33 - 03435768 _____ (Symantec Corporation) C:\Users\Gamer91\Downloads\NPE.exe
2017-03-02 17:56 - 2017-03-02 20:37 - 00000000 ____D C:\Users\Gamer91\Documents\gothic3
2017-03-02 17:56 - 2017-03-02 17:56 - 00000000 ____D C:\WINDOWS\SysWOW64\AGEIA
2017-03-02 17:56 - 2017-03-02 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-03-02 17:56 - 2017-03-02 17:56 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2017-02-18 01:20 - 2017-02-18 01:20 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AP Tuner 3.08
2017-02-18 01:20 - 2017-02-18 01:20 - 00000000 ____D C:\Program Files (x86)\AP Tuner
2017-02-14 00:42 - 2017-02-14 00:42 - 00000000 ____D C:\Users\Gamer91\AppData\Local\Downloaded Installations
2017-02-14 00:42 - 2017-02-14 00:42 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2017-02-13 22:25 - 2017-02-13 22:25 - 00000000 ____D C:\WINDOWS\Panther
2017-02-13 22:20 - 2017-02-13 22:20 - 00000050 _____ C:\WINDOWS\system32\bridf08b.dat
2017-02-13 22:20 - 2017-02-13 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2017-02-13 22:19 - 2017-02-13 22:19 - 00000000 ____D C:\Program Files (x86)\Brother
2017-02-13 22:19 - 2009-05-19 17:39 - 00003072 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll
2017-02-13 22:19 - 2008-06-17 15:33 - 00167936 ____N (brother) C:\WINDOWS\SysWOW64\NSSearch.dll
2017-02-13 22:19 - 2007-12-13 22:16 - 00073728 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll
2017-02-13 22:19 - 2007-12-13 22:16 - 00005632 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll
2017-02-13 22:19 - 2006-12-28 13:39 - 00176128 ____N (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BroSNMP.dll
2017-02-13 22:18 - 2017-02-13 22:18 - 50187152 _____ (A.I.SOFT,INC.) C:\Users\Gamer91\Downloads\DCP-195C-inst-B1-win78.EXE
2017-02-13 22:18 - 2017-02-13 22:18 - 00000000 ____D C:\Users\Gamer91\Downloads\wlan_wiz
2017-02-13 22:18 - 2017-02-13 22:18 - 00000000 ____D C:\Users\Gamer91\Downloads\mflpro_c1
2017-02-13 22:18 - 2017-02-13 22:18 - 00000000 ____D C:\ProgramData\Brother

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-15 00:33 - 2015-10-30 17:09 - 00000000 ____D C:\FRST
2017-03-15 00:22 - 2015-02-24 23:04 - 00000000 ____D C:\Program Files (x86)\Steam
2017-03-14 22:35 - 2016-09-21 18:22 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-14 22:21 - 2014-11-28 20:44 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\.minecraft
2017-03-14 21:54 - 2015-07-13 13:24 - 00000000 ___RD C:\Users\Gamer91\Desktop\Eigene Dateien
2017-03-14 20:41 - 2016-11-19 11:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-14 20:19 - 2016-11-19 11:51 - 00000000 ____D C:\Users\Gamer91\AppData\LocalLow\Mozilla
2017-03-14 20:14 - 2016-09-21 19:01 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-03-14 19:20 - 2015-03-30 20:25 - 00000000 ____D C:\Program Files (x86)\Warcraft III
2017-03-14 18:26 - 2016-09-21 18:32 - 00000000 ____D C:\Users\Gamer91
2017-03-14 17:40 - 2015-07-20 13:58 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\Spotify
2017-03-14 17:38 - 2016-09-21 19:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-14 14:54 - 2014-10-06 21:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-14 14:47 - 2015-07-20 14:02 - 00000000 ____D C:\Users\Gamer91\AppData\Local\Spotify
2017-03-14 14:27 - 2016-09-21 19:01 - 00004428 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-03-14 14:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-03-14 14:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-03-14 13:19 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-14 13:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-14 00:55 - 2016-06-27 13:04 - 00552488 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-03-13 20:36 - 2016-09-21 18:24 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-03-13 20:36 - 2016-07-16 07:04 - 03670016 _____ C:\WINDOWS\system32\config\BBI
2017-03-13 20:17 - 2015-08-03 23:39 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\Skype
2017-03-13 18:25 - 2016-02-13 18:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-12 19:41 - 2016-04-04 17:41 - 00000000 ____D C:\Users\Gamer91\AppData\Local\Packages
2017-03-12 13:57 - 2015-11-02 20:57 - 00000000 ____D C:\AdwCleaner
2017-03-12 13:37 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-12 13:34 - 2016-10-09 17:53 - 00000000 ____D C:\Users\Gamer91\AppData\LocalLow\Temp
2017-03-12 01:38 - 2017-02-01 02:37 - 00000000 ____D C:\Program Files (x86)\Minecraft
2017-03-11 18:04 - 2015-10-30 20:20 - 00074324 _____ C:\Users\Gamer91\Downloads\Addition.txt
2017-03-11 18:04 - 2015-10-30 20:20 - 00042928 _____ C:\Users\Gamer91\Downloads\FRST.txt
2017-03-07 20:14 - 2014-10-06 20:32 - 00000000 ____D C:\ProgramData\Norton
2017-03-07 20:08 - 2014-10-06 20:34 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2017-03-07 20:07 - 2014-11-01 17:59 - 00000000 ____D C:\Users\Public\Downloads\Norton
2017-03-07 20:07 - 2014-10-06 20:33 - 00000000 ____D C:\WINDOWS\system32\Drivers\NISx64
2017-03-07 19:55 - 2015-06-27 12:18 - 00000000 ____D C:\Users\Gamer91\AppData\Local\NPE
2017-03-07 01:53 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-06 15:57 - 2015-03-23 21:37 - 00000000 ____D C:\Users\Gamer91\AppData\Local\CrashDumps
2017-03-06 15:43 - 2015-10-29 01:02 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\vlc
2017-03-06 13:22 - 2010-11-21 04:27 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-03-06 13:18 - 2016-09-21 18:22 - 00349664 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-03 20:43 - 2016-08-20 14:23 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-03-03 16:53 - 2016-04-06 15:46 - 00000000 ____D C:\Users\Gamer91\Documents\Soundaufnahmen
2017-03-03 16:28 - 2015-11-02 21:06 - 01798976 _____ (Malwarebytes) C:\Users\Gamer91\Downloads\JRT.exe
2017-03-03 00:59 - 2016-06-17 19:18 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\TS3Client
2017-03-02 21:31 - 2015-09-03 19:14 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\7DaysToDie
2017-03-01 17:48 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-01 17:47 - 2015-05-06 19:13 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-02-28 23:45 - 2014-10-06 21:23 - 00000000 ____D C:\ProgramData\Origin
2017-02-28 23:42 - 2014-12-23 21:13 - 00000000 ____D C:\Users\Gamer91\AppData\Roaming\Origin
2017-02-28 23:05 - 2014-10-06 21:23 - 00000000 ____D C:\Program Files (x86)\Origin
2017-02-28 14:31 - 2014-12-23 23:26 - 00348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2017-02-28 14:31 - 2014-12-23 23:17 - 00348928 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2017-02-28 14:31 - 2014-12-23 23:17 - 00348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2017-02-24 03:48 - 2015-05-12 15:48 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-23 22:17 - 2014-11-02 17:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 22:14 - 2014-11-02 17:28 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-22 21:53 - 2014-12-23 23:17 - 00076152 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-02-22 19:34 - 2014-10-06 21:54 - 00000000 ____D C:\Users\Gamer91\AppData\Local\TeamSpeak 3 Client
2017-02-22 15:24 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-20 17:09 - 2017-02-09 01:07 - 00000000 ____D C:\Users\Gamer91\AppData\Local\Akamai
2017-02-17 22:52 - 2015-09-14 00:28 - 00000000 ____D C:\Users\Gamer91\Documents\Outlook-Dateien
2017-02-17 21:38 - 2016-04-25 18:56 - 00000000 ____D C:\Users\Gamer91\AppData\Local\Battle.net
2017-02-17 19:25 - 2016-11-20 15:41 - 00000000 ____D C:\Program Files (x86)\Diablo III
2017-02-17 19:22 - 2016-04-25 19:03 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2017-02-17 18:29 - 2016-04-25 18:56 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-02-17 16:53 - 2016-08-08 23:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-02-13 22:19 - 2014-10-06 20:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-13 22:09 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-13 22:09 - 2015-05-04 18:36 - 00000425 _____ C:\WINDOWS\BRWMARK.INI

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-04-16 22:55 - 2014-04-16 22:55 - 0009130 _____ () C:\Program Files (x86)\Common Files\Samples.sln
2015-05-12 15:56 - 2017-03-12 19:40 - 0076350 _____ () C:\Users\Gamer91\AppData\Local\CDXLExtendedShim.log
2015-08-04 16:40 - 2015-08-10 12:18 - 0004608 _____ () C:\Users\Gamer91\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-06 02:07 - 2015-11-06 02:07 - 0000853 _____ () C:\Users\Gamer91\AppData\Local\recently-used.xbel
2015-08-08 13:38 - 2015-08-08 13:38 - 0000040 _____ () C:\ProgramData\ra3.ini

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-08 20:16

==================== Ende von FRST.txt ============================
         

Alt 15.03.2017, 00:54   #15
Niklas98
 
Probleme mit Norton Internet Security - Standard

Probleme mit Norton Internet Security



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-03-2017 01
durchgeführt von Gamer91 (15-03-2017 00:37:26)
Gestartet von C:\Users\Gamer91\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-21 18:04:36)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3272115789-219833374-1157450271-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3272115789-219833374-1157450271-503 - Limited - Disabled)
Gamer91 (S-1-5-21-3272115789-219833374-1157450271-1000 - Administrator - Enabled) => C:\Users\Gamer91
Gast (S-1-5-21-3272115789-219833374-1157450271-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3272115789-219833374-1157450271-1005 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Internet Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

„Der Herr der Ringe Online™“ v1903.0058.2732.4095 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 1903.0058.2732.4095 - Standing Stone Games, LLC)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amazon Music (HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Amazon Amazon Music) (Version: 4.2.0.1281 - Amazon Services LLC)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.)
AP Tuner 3.08 (HKLM-x32\...\AP Tuner 3.08) (Version:  - )
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
Brother MFL-Pro Suite DCP-195C (HKLM-x32\...\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CambridgeSoft ChemScript 14.0 (HKLM-x32\...\{6053D436-AF21-4D67-A458-04C2B969A865}) (Version: 14.0 - CambridgeSoft Corporation)
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.3.01095 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 4.3.01095 - Cisco Systems, Inc.) Hidden
Command & Conquer 3 Tiberium Wars™ (HKLM-x32\...\{CAC9DCAF-0EA8-442C-97EA-CA6F5755390A}) (Version: 1.0.0.0 - Electronic Arts)
Command & Conquer™ Alarmstufe Rot™ 3 (HKLM-x32\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts)
Counter-Strike (HKLM\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Day of Defeat (HKLM-x32\...\Steam App 30) (Version:  - Valve)
Devil May Cry® 4 Special Edition (HKLM\...\Steam App 329050) (Version:  - CAPCOM Co., Ltd.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dungeon Keeper (HKLM-x32\...\{B9E79070-56B6-4980-A7E9-C28D6480D050}) (Version: 1.0.0.1 - Electronic Arts)
Fable Anniversary (HKLM\...\Steam App 288470) (Version:  - Lionhead Studios)
Far Cry® 3 (HKLM\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.46.21015 - Electronic Arts)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Gothic (HKLM\...\Steam App 65540) (Version:  - Piranha – Bytes)
Gothic 3 (HKLM\...\Steam App 39500) (Version:  - Piranha – Bytes)
Gothic II: Gold Edition (HKLM-x32\...\Steam App 39510) (Version:  - Piranha – Bytes)
Half-Life (HKLM\...\Steam App 70) (Version:  - Valve)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
KKND Krossfire (HKLM-x32\...\KKND Krossfire) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4903.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Might & Magic: Heroes VI (HKLM-x32\...\Steam App 48220) (Version:  - Blackhole)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MorphVOX Junior (HKLM-x32\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 52.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 52.0 (x86 de)) (Version: 52.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.0.6270 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.9.0.71 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.1 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4903.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4903.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4903.1002 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
Origin 2016 (HKLM-x32\...\{DC460501-EEFA-4701-8AD8-5F7DE1B70436}) (Version: 9.30.00 - OriginLab Corporation)
PerkinElmer ChemOffice Professional 2015 (HKLM-x32\...\{83DBA37B-B24C-431B-9D7B-8331D28A067C}) (Version: 15.0 - PerkinElmer Informatics, Inc.)
PerkinElmer ChemScript 15.0 (HKLM-x32\...\{2623D946-2CA9-4E69-A6C1-DDFA46C87EFF}) (Version: 15.0 - PerkinElmer Informatics, Inc.)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.11.2-r113542-release - Plays.tv, LLC)
Portal (HKLM\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM\...\Steam App 620) (Version:  - Valve)
PunkBuster für Battlefield 1942 (HKLM-x32\...\{127B684B-A002-44C8-99A7-6CF8F1E26873}) (Version:  - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 3.2.2 (HKLM-x32\...\{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFD}) (Version: 3.2.2150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.5-r115042-release - Raptr, Inc)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
RollerCoaster Tycoon 2: Triple Thrill Pack (HKLM\...\Steam App 285330) (Version:  - Chris Sawyer Productions)
RollerCoaster Tycoon 3: Platinum! (HKLM\...\Steam App 2700) (Version:  - Frontier)
RollerCoaster Tycoon: Deluxe (HKLM\...\Steam App 285310) (Version:  - Chris Sawyer Productions)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
SpellForce: Platinum Edition (HKLM-x32\...\Steam App 39540) (Version:  - Phenomic)
Spotify (HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Spotify) (Version: 1.0.50.41368.gbd68dbef - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Stardew Valley (HKLM\...\Steam App 413150) (Version:  - ConcernedApe)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Subnautica (HKLM\...\Steam App 264710) (Version:  - Unknown Worlds Entertainment)
TeamSpeak 3 Client (HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Uplay (HKLM-x32\...\Uplay) (Version: 6.1 - Ubisoft)
Victor Vran (HKLM-x32\...\Steam App 345180) (Version:  - Haemimont Games)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\Warcraft III) (Version:  - )
Warlords Battlecry 3 (HKLM-x32\...\GOGPACKWARLORDSBATTLECRY3_is1) (Version: 2.2.1.15 - GOG.com)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.131 - MSI)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3272115789-219833374-1157450271-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02F6868D-9EF9-4A72-8532-CFDC25297F9E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {041F417F-AB24-4D76-AAF8-52A99CD1F7E5} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {151B965D-8EA2-4477-8E1D-74B24F025AEB} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-07-18] (Advanced Micro Devices, Inc.)
Task: {1A1A84E5-DB1B-45DA-9A53-E1D77D6AC2CB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {1E5D5F20-8910-4A4E-A581-665EE5BF3C6B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {251D9A76-3781-477A-9577-3CF2FDDAF1EC} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe 
Task: {2919BC6F-F874-46C9-BC55-D2E2D4CC58CA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {30EAC827-F44E-466B-A1C1-7BFC8C9314DC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {3676FA00-EAEB-43AB-AE14-4BE7707BF922} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {3839E028-D883-4891-90D8-09B9EEA15347} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Analyzer => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-20] (Symantec Corporation)
Task: {4116AE38-8F44-4BAC-9F4A-058100DC30CD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe 
Task: {44190C28-B165-4A00-974C-EECF58A39461} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-11-01] (Microsoft Corporation)
Task: {59D20292-B675-450A-82FE-1B17CE104053} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {5BA20FAA-52BE-4AA3-AFE9-0C472A63D553} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {62A37828-7FBC-44F8-901D-29D506543206} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {69609B8A-3613-44FE-8282-D39C31567F11} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {6E5AEC8B-8634-424D-A1C0-DE16AB667C75} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {7C59C346-7E70-4D06-8AD6-C1216F0748F4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {7D970669-8C84-4488-B9BF-44CE84CFCBC8} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {886D2662-AF30-46CF-A701-5BEF0EADC361} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {8CA9D5C4-7A1F-45E4-B57D-EF13E081166E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-18] (Google Inc.)
Task: {930F3812-9A28-4176-8E16-193CD68E0E23} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2017-02-20] (Symantec Corporation)
Task: {981B6B9A-C508-4676-B2AE-DBB350E11BF0} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {9984C7C2-334F-4A3B-8A69-44C7FC8EF584} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-18] (Google Inc.)
Task: {A4AC0FBE-AC90-4F7C-8B5F-EC501178E283} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {ABE27ECA-DF9D-4574-BA3A-6B3FF9323E4D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-14] (Adobe Systems Incorporated)
Task: {AD9D19D3-1B9D-4C05-AC4A-CDC73A3734D4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe 
Task: {B557D63C-D35B-47D4-8002-A3605DC6FAA5} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Processor => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-20] (Symantec Corporation)
Task: {BFA8C52B-CF28-412B-9DA2-8F43A0B35C42} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {CC9A5746-D001-449B-BD65-828B7074018E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {D1BF4A07-3E21-45D0-9725-3E852A7B87A1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {D76E2E96-D6F8-4EF3-8F2A-4A1224B1DA00} - System32\Tasks\{68A970A5-B6E2-46D2-8B13-31B7399A614D} => C:\Program Files (x86)\EA Games\Battlefield 1942\BF1942.exe 
Task: {D845E5EB-DF41-4F36-B3C8-1C2E61292518} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\WSCStub.exe [2017-02-20] (Symantec Corporation)
Task: {DA0C877A-5C63-4768-A43F-F4BE2E9328A1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {E3E5E3E5-3151-40DA-8B4C-21AE1D2D312D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {F6933868-3E42-4951-A6B1-929B0F1D13B2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {F7188B9C-B6DC-4C39-A316-2BC7914689E3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {F7F65BFE-3AF7-4ED1-95B2-0A2261F7B09E} - System32\Tasks\Norton Internet Security\Norton Internet Security Autofix => C:\Program Files\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-20] (Symantec Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Gamer91\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-17 13:00 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-12-23 23:17 - 2017-02-22 21:53 - 00076152 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe
2015-05-06 19:13 - 2017-01-17 03:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2017-03-12 14:03 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-12 14:03 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-12-17 13:00 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-21 19:11 - 2016-09-21 19:11 - 00959168 _____ () C:\Users\Gamer91\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-09-21 19:15 - 2016-09-21 19:15 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-14 14:30 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-12-08 21:01 - 2016-03-04 22:34 - 05907944 _____ () C:\Users\Gamer91\AppData\Local\Amazon Music\Amazon Music Helper.exe
2017-02-13 22:19 - 2012-09-25 11:26 - 01163264 ____N () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
2016-11-21 17:19 - 2016-11-21 17:19 - 00155016 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2017-01-14 14:29 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-14 14:29 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-14 14:29 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-14 14:29 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-14 14:29 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-14 14:29 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-14 13:18 - 2017-03-14 13:18 - 03879424 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1703.601.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-03-09 10:23 - 2017-03-09 10:23 - 10650112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.79.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-03-09 10:23 - 2017-03-09 10:23 - 02653184 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.79.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-03-09 10:23 - 2017-03-09 10:23 - 00761344 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.79.0_x64__8wekyb3d8bbwe\WinStore.Vui.dll
2017-03-02 14:29 - 2017-03-02 14:30 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-02 14:29 - 2017-03-02 14:30 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-02 14:29 - 2017-03-02 14:30 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-03 13:32 - 2016-06-03 13:33 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-02 14:29 - 2017-03-02 14:30 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-02 14:29 - 2017-03-02 14:30 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-04-04 18:30 - 2016-04-04 18:30 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-03-13 11:33 - 2017-03-13 11:33 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-03-13 11:33 - 2017-03-13 11:33 - 00182784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-03-13 11:33 - 2017-03-13 11:33 - 41048064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-03-13 11:33 - 2017-03-13 11:33 - 02236896 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\roottools.dll
2016-07-10 12:37 - 2016-07-10 12:37 - 00073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-11-24 21:48 - 2015-11-24 21:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 21:46 - 2015-11-24 21:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 21:48 - 2015-11-24 21:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 21:48 - 2015-11-24 21:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 21:46 - 2015-11-24 21:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 21:48 - 2015-11-24 21:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 21:57 - 2015-12-07 21:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 21:47 - 2015-11-24 21:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 21:43 - 2015-11-24 21:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2016-09-23 21:53 - 2017-02-22 19:35 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2017-02-13 22:19 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-11-11 10:47 - 2017-02-03 02:42 - 00668960 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-12-01 16:29 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-02-18 15:51 - 2017-03-13 23:04 - 02465056 _____ () C:\Program Files (x86)\Steam\video.dll
2014-12-01 16:29 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2014-12-01 16:29 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-12-01 13:31 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-12-01 13:31 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-12-01 13:31 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-12-01 13:31 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-12-01 13:31 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-02-18 15:51 - 2017-03-13 23:04 - 00838944 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-27 19:32 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-12-17 13:40 - 2017-01-30 22:41 - 68875552 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-02-18 15:51 - 2017-03-13 23:04 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll
2015-01-23 14:34 - 2015-09-25 00:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\sharepoint.com -> hxxps://uzk-files.sharepoint.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-02-26 17:57 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3272115789-219833374-1157450271-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "AVMWlanClient"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3272115789-219833374-1157450271-1000\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{02599B5D-492F-4CF7-B615-27B978D932B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{5230EE99-281A-4BEF-850B-DAA432131E77}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{8909A175-8419-4ED1-B29F-E510DDE1A11F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{EEBBB532-BF34-4339-A2B3-5467F8FCB6A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{6C5BF478-0732-442C-80BA-EFE159BED705}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{1ED994CB-930E-4D0A-B185-CE35C661722C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{9EEB87EF-2F51-4986-A218-F3C62BA3758C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{FB4C4EE9-F7A3-4C98-9F98-6591F128AF9A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{F340D168-092D-4E6D-A32D-3E2D6B6394DC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{48841AB1-0D33-47EF-9DB6-CFCAB4FFD711}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4E5D8481-364C-467C-8081-C9E355A33EBE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{42B63D21-2F80-45F6-B729-FAD069E154E3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{77B7CD71-2DA2-4F25-B30D-259DD0DFB1B9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{61DF0270-4D40-45A9-9762-46FDC1D051FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{5DBFCB45-178C-4623-97A8-E1A040F317E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Special Edition\DevilMayCry4SpecialEdition.exe
FirewallRules: [{4701A06E-7339-4F14-BA80-68ADE9CE09E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Special Edition\DevilMayCry4SpecialEdition.exe
FirewallRules: [{5C6C19EA-7BB5-4626-8063-43C3CE5D6CE0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{BE7494E1-5CFC-4D86-B381-8ED11AD1D7A7}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{9F8DFB22-E1F6-4604-A146-AB67852F28C6}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{DD507483-08FD-4B4C-9736-0782AD0631E9}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{C36C6362-A1FB-4612-8D35-DEE640F77BB1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{5B8C709A-F445-4C8E-9FD7-FF240EF1086B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{AB4B822B-8EC6-4821-AF76-AF1E18899CD9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fable Anniversary\Binaries\Win32\Fable Anniversary.exe
FirewallRules: [{637A9188-4F0D-428C-8DF9-5526D1EFF86A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fable Anniversary\Binaries\Win32\Fable Anniversary.exe
FirewallRules: [{1E496823-9DE3-4892-BD1A-43D6C27E4F1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RollerCoaster Tycoon Deluxe\RCT.EXE
FirewallRules: [{42C7BD2F-5185-4965-A5EB-EB072C81F12B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RollerCoaster Tycoon Deluxe\RCT.EXE
FirewallRules: [{9DCA1FEF-8302-4990-B91E-8E23E4D171B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 2\rct2.exe
FirewallRules: [{8FA6659B-4586-433C-9016-8FE472B0DC32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 2\rct2.exe
FirewallRules: [{8273F4C1-C805-4EFA-AE7F-58705A0F13A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{37627DDF-48BE-40D0-8012-50819CA7E028}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{73DB6EDD-9612-451F-B75B-90D5BECA1860}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{E4B16E4A-D28B-4CA1-8645-175641FD531E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{A1435155-94D9-4ECC-9EDA-A16AB87A587F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{203BE1CF-AE30-44F6-AE49-8A51EC4C8E69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{C26107C6-5395-454C-922D-EF0A39A6A9A1}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{9DC41FF1-E423-45C3-8F06-7A2130B463E0}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{3C67D83A-CD36-4637-9BD3-8B62EE3AE493}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{4A45097C-9E66-422A-B7EB-94F1FD6ED379}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{84E169AA-C7A4-4F96-8265-EA5E9536A9D6}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{386A9C23-D745-4FC8-A674-DEA99407FB30}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{DFF44BDB-6C2A-4005-9CCC-647AFBFBF41D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Subnautica\Subnautica.exe
FirewallRules: [{669216A6-EC8D-408C-B6B8-858626551905}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Subnautica\Subnautica.exe
FirewallRules: [{DBB631C4-3C21-40CF-8564-A653486CD3E8}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{9BADE01E-674F-4C1E-894B-E06AF1E80E2E}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{31E5D0EC-F50C-46FC-AA04-362536F05EF5}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{9C870E38-6188-4F9E-AFAB-177B758468F2}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [TCP Query User{A7633A1E-D4B6-4777-98CF-F26A091D3112}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8FE99B01-B3C1-4447-A18C-646532DA4CC9}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{709EB2CF-6A56-4617-86DC-D3AC5EE4C9CB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4529BD38-9D66-4717-88EA-C93A689C1497}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8F42EDED-BCBA-43F3-83D5-4A9AF95A5876}] => (Allow) C:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{340F343B-104A-438C-AD68-EA5A013D8748}] => (Allow) C:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{E80B6E19-D401-49F4-BE20-17E6B6C76DDF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FBC22650-F5B8-4406-ACC4-8EF027CEB176}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9209A698-57A7-4423-9B14-FA91B44F012A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9C9906C5-EE14-49B2-A322-CF0B3BEC3569}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{84DB6419-A167-49D0-98B6-ECC196EDEE4F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{D49A5FFC-9BC4-4E68-87E7-355CF2ADD4E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A96A1D99-1B0D-49AD-893E-690E0BDA75A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce Platinum Edition\SpellForce.exe
FirewallRules: [{D85002E8-20FC-407F-BBD7-DDF31591F485}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce Platinum Edition\SpellForce.exe
FirewallRules: [{E9BACD9D-0823-4D57-99FC-868452D18FD6}] => (Allow) C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A14DC914-027E-4E21-BA1E-F04AE302F592}] => (Allow) C:\Users\Gamer91\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{9B9ED3DA-0AC8-48CA-8ABF-CD2630065443}C:\users\gamer91\desktop\warcraft iii\war3.exe] => (Block) C:\users\gamer91\desktop\warcraft iii\war3.exe
FirewallRules: [UDP Query User{F01838EB-C53E-4E72-A97B-524BF2359344}C:\users\gamer91\desktop\warcraft iii\war3.exe] => (Block) C:\users\gamer91\desktop\warcraft iii\war3.exe
FirewallRules: [TCP Query User{C7681711-0464-40F3-8C75-69CB79B8383D}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{ED1A417F-5883-436B-A46B-B033849E1E3B}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{7D1B68D4-F6B2-47D0-BEB6-D15905437FCC}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{713E309C-DCF2-4868-9226-EA1E8903DC70}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{834597F2-1FA3-456E-B2C2-80A089471A4B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{DF54B31E-EC58-4A9A-96E3-9DBA9B4A5A2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{48D352AA-0218-406E-A1CD-7314341C48DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{A83A129C-69A5-47CA-BF76-BDD67739EC46}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Victor Vran\VictorVranSteam.exe
FirewallRules: [{F4D74017-9A17-4929-8370-AAAFE3750DDA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Victor Vran\VictorVranSteam.exe
FirewallRules: [TCP Query User{3EE710F2-6EC6-4287-8198-98558E7A5F6C}C:\users\gamer91\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamer91\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{75344311-3943-4043-B3BB-0F92D3E6DA37}C:\users\gamer91\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamer91\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B8FFBA58-EDF0-4350-B168-5C87481AF1E3}C:\users\gamer91\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\gamer91\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7706BE55-D3CD-4EDD-A748-071B8AD65D81}C:\users\gamer91\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\gamer91\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9EF92653-2C4B-408F-ABFF-8BE6484F2A67}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{56694050-1B80-4D87-A510-5F99016C6544}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{7A7400A1-9849-4A3A-AE74-9B77AFEF908A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{1CBA7726-848A-4E1D-8C46-490824E37F16}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{9CCF5C3A-78C2-47E3-9558-80C149CFD7CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{540E4832-B3A3-4B2D-AF1B-B4926B1F8593}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{012A3F71-5066-4947-9155-140B53B6CE77}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6BD2EC0B-D6DD-4DFF-B668-08AD1AB611C0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{4D2C78AD-2B71-43EF-98DC-944AF61CFD91}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{424D27C4-82D6-4592-8F0A-C4DFC1226A42}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{D259E544-E88D-4833-9ABC-F0DC29E35EEA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{13AC390D-4B6D-49BC-A10B-65B232E6497C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{0AFA6D23-1751-4E7F-9C30-CEC5C22AF50C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{6172031D-0411-44BC-817F-0FDC3DFED9BA}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{DA1FE983-DB7D-4AC3-A3EB-35E63E668FDE}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{EEDDBD71-A280-4B68-BC9C-9B1C8AB14D7E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic II\system\Gothic2.exe
FirewallRules: [{841E2F98-D0C9-4190-9A43-78C55EC51A73}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic II\system\Gothic2.exe
FirewallRules: [{06CA3BF6-19D3-45DB-8F6B-4819EFC479D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{EFF29DF3-EDD0-4CEE-B363-BADEA63416D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [TCP Query User{486FB8DE-00F9-45A7-96FC-BD3D26D1E613}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [UDP Query User{85AB47CE-07E1-435E-B581-7D93901E580B}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [{8B358B63-DF77-4FD9-AFC7-CAB18E823DB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{38250A57-5400-47B1-A9A9-AFABCF7AF6E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{0B910D50-A572-4682-A618-B4421C1D260B}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{C32AC7AF-B651-4015-B62F-AAA199BE4A32}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [TCP Query User{FE69E1DE-F538-46CF-9827-08F8F0D28A72}C:\program files (x86)\origin games\fifa 17\fifa17.exe] => (Allow) C:\program files (x86)\origin games\fifa 17\fifa17.exe
FirewallRules: [UDP Query User{AA5464C5-2476-4156-ADC2-54DD9B7F3A54}C:\program files (x86)\origin games\fifa 17\fifa17.exe] => (Allow) C:\program files (x86)\origin games\fifa 17\fifa17.exe
FirewallRules: [TCP Query User{E19BC58B-6269-4FD8-B298-CCC43E97CD87}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{0CB90E89-0985-44ED-80CA-A763212F12D6}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{DD493C8F-9495-4F00-B04E-456F685B940C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{A4857E9F-F1D3-4DC7-8AF9-BB7B167EFA42}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{FF791F44-FA5F-4B91-A2B0-B22A5A91C1CE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A0FFBC5D-EB56-4FD8-8DCF-286B7C260550}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E9C6F915-A110-4D6E-B5F1-03B77348B43F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{D6D89501-34D3-4FF6-96EA-9A7574169636}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{2A553F50-3A69-4BE8-BC60-159FC021FE05}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{E8883B0A-302E-4CE7-8E82-517265CDCB0E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{A08768B8-2E97-4763-9018-487D35A4665D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{DDC95EC7-AA63-4B74-89AA-4E63704C5A10}C:\users\gamer91\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gamer91\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{47950E69-4F84-45BB-86B0-E8D66C4B8FE4}C:\users\gamer91\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\gamer91\appdata\local\akamai\netsession_win.exe
FirewallRules: [{6AEF89A1-A0C4-4658-86D5-4476BD698EC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic\system\GOTHIC.EXE
FirewallRules: [{FB47B3E6-8D2D-4D84-9B26-7DC8732681D1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic\system\GOTHIC.EXE
FirewallRules: [{A7195267-FD97-4116-AEA2-9D8E781B9200}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic 3\Gothic3.exe
FirewallRules: [{0CD701EC-F397-49C9-BCC0-18B8146DA04F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic 3\Gothic3.exe
FirewallRules: [TCP Query User{8EE38C6D-EBC6-4B8D-A858-A2B3A8C2BA18}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe
FirewallRules: [UDP Query User{A8E78E10-2682-4072-B29C-0561A7D6AD32}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe

==================== Wiederherstellungspunkte =========================

02-03-2017 17:55:24 Installed NVIDIA PhysX
12-03-2017 14:43:59 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/15/2017 12:31:06 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/15/2017 12:31:00 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Microsoft Office 15\root\office15\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (03/15/2017 12:30:46 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/14/2017 09:52:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Gamer91\Downloads\esetsmartinstaller_deu(1).exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/14/2017 08:59:32 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/14/2017 08:57:40 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Microsoft Office 15\root\office15\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (03/14/2017 08:57:32 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/14/2017 08:56:50 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\users\gamer91\downloads\esetsmartinstaller_deu(1).exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/14/2017 08:56:48 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Gamer91\Downloads\esetsmartinstaller_deu(1).exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/14/2017 08:56:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Gamer91\Downloads\esetsmartinstaller_deu(1).exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.


Systemfehler:
=============
Error: (03/14/2017 09:00:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (03/14/2017 09:00:42 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Gamer91\AppData\Local\Temp\ehdrv.sys

Error: (03/14/2017 09:00:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (03/14/2017 09:00:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Gamer91\AppData\Local\Temp\ehdrv.sys

Error: (03/14/2017 09:00:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (03/14/2017 09:00:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Gamer91\AppData\Local\Temp\ehdrv.sys

Error: (03/14/2017 08:57:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (03/14/2017 08:57:51 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Gamer91\AppData\Local\Temp\ehdrv.sys

Error: (03/14/2017 08:57:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (03/14/2017 08:57:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Gamer91\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2017-03-06 13:24:54.715
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-06 13:24:54.695
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-06 13:24:49.186
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-06 13:24:49.182
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-06 13:24:49.166
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-01 23:53:24.120
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-03-01 23:53:24.096
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-03-01 23:53:24.042
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-03-01 23:53:23.985
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-03-01 23:53:23.947
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-6300 Six-Core Processor 
Prozentuale Nutzung des RAM: 53%
Installierter physikalischer RAM: 8140.05 MB
Verfügbarer physikalischer RAM: 3775.06 MB
Summe virtueller Speicher: 16332.05 MB
Verfügbarer virtueller Speicher: 10248.21 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:442.79 GB) (Free:22.91 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2063AF3E)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
Viele Grüße
Niklas

Antwort

Themen zu Probleme mit Norton Internet Security
anschluss, antiviren, beste, besten, betriebssystem, biete, bietet, computer, durchgeführt, gestartet, interne, internet, lösung, nachricht, neustarten, nichts, norton, norton internet security, power, probleme, programm, scan, security, website, wirklich



Ähnliche Themen: Probleme mit Norton Internet Security


  1. Norton Internet security
    Diskussionsforum - 01.05.2014 (6)
  2. Unlogik von Norton Internet Security
    Diskussionsforum - 23.04.2014 (29)
  3. Norton Internet Security ausschalten
    Alles rund um Windows - 23.09.2013 (4)
  4. Was haltet ihr von Norton Internet Security??
    Diskussionsforum - 22.09.2013 (19)
  5. Norton Internet Security
    Überwachung, Datenschutz und Spam - 21.06.2010 (1)
  6. Norton Internet Security
    Antiviren-, Firewall- und andere Schutzprogramme - 29.10.2009 (2)
  7. Probleme mit Norton Internet Security 2008
    Mülltonne - 03.10.2008 (0)
  8. Norton Internet Security / AntiVirus
    Antiviren-, Firewall- und andere Schutzprogramme - 29.04.2006 (2)
  9. Norton Internet Security 2006
    Antiviren-, Firewall- und andere Schutzprogramme - 26.03.2006 (28)
  10. Norton Internet Security ?
    Antiviren-, Firewall- und andere Schutzprogramme - 17.03.2006 (10)
  11. Norton Internet Security - rate ab!
    Antiviren-, Firewall- und andere Schutzprogramme - 12.08.2005 (8)
  12. Norton Internet Security 2005
    Antiviren-, Firewall- und andere Schutzprogramme - 12.07.2005 (2)
  13. Norton Internet Security Problem
    Plagegeister aller Art und deren Bekämpfung - 20.02.2005 (3)
  14. Norton Internet Security 2003
    Antiviren-, Firewall- und andere Schutzprogramme - 10.01.2005 (1)
  15. Norton Internet Security 2003
    Plagegeister aller Art und deren Bekämpfung - 10.02.2003 (17)
  16. Norton Internet Security 2003
    Antiviren-, Firewall- und andere Schutzprogramme - 04.02.2003 (7)
  17. Frage zu Norton Internet Security 2003
    Archiv - 27.01.2003 (2)

Zum Thema Probleme mit Norton Internet Security - Hallo liebe Community, ich habe seit gestern Probleme mit meinem Antiviren Programm: Norton Internet Security. Es began damit, dass ich meinen PC gestartet habe und Norton nicht gestartet wurde. Auch - Probleme mit Norton Internet Security...
Archiv
Du betrachtest: Probleme mit Norton Internet Security auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.