Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Weiterleitungen und Werbung in allen Browsern

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 25.06.2017, 02:44   #1
LePhoenix
 
Weiterleitungen und Werbung in allen Browsern - Standard

Weiterleitungen und Werbung in allen Browsern



Hallo,
ich habe seit heute Abend in allen installierten Browsern (Edge, Chrome, Tor) bei Google unter der Suchleiste einen großen Werbebanner und bei Youtube unter jeder Zeile (Abos, Trends, Kanalempfehlungen usw.) ebenfalls einen (leeren) Banner. Kurz nachdem ich mich hier registriert habe wurde ich auf eine Seite weitergeleitet wo mir ein Gewinnspiel vom Trojaner-Board angeboten wurde, welche ich aber wieder geschlossen habe. Ich habe bereits einen Virenscan (AVG Free) durchgeführt, Chrome zurückgesetzt und mein Glück mit AdwCleaner und Malwarebytes Anti-Malware versucht, aber die Banner sind weiterhin vorhanden.

Vielen Dank im Voraus für eure Hilfe
Benjamin

Geändert von LePhoenix (25.06.2017 um 02:51 Uhr)

Alt 26.06.2017, 11:10   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Weiterleitungen und Werbung in allen Browsern - Standard

Weiterleitungen und Werbung in allen Browsern



Zitat:
und mein Glück mit AdwCleaner und Malwarebytes Anti-Malware versucht,

Die Logs dazu musst du schon posten, denn funktionierende sind Mangelware...


Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 26.06.2017, 11:29   #3
LePhoenix
 
Weiterleitungen und Werbung in allen Browsern - Standard

Weiterleitungen und Werbung in allen Browsern



Warum auch immer sind die Werbeanzeigen gestern wieder verschwunden, aber der AdwCleaner hat immer noch zwei Sachen die er nicht los wird. Hier mal die letzte Log-Datei aus dem AdwCleaner:
Code:
ATTFilter
# AdwCleaner v6.047 - Bericht erstellt am 26/06/2017 um 11:13:41
# Aktualisiert am 19/05/2017 von Malwarebytes
# Datenbank : 2017-06-23.1 [Lokal]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : Benjamin - DESKTOP-D3G9100
# Gestartet von : C:\Users\Benjamin\Desktop\adwcleaner_6.047__1_.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****



***** [ Browser ] *****

[-] [C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: search.iminent.com
[-] [C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: vlc.de


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1339 Bytes] - [25/06/2017 00:51:08]
C:\AdwCleaner\AdwCleaner[C2].txt - [1513 Bytes] - [25/06/2017 02:13:10]
C:\AdwCleaner\AdwCleaner[C3].txt - [1659 Bytes] - [25/06/2017 12:18:17]
C:\AdwCleaner\AdwCleaner[C4].txt - [1805 Bytes] - [25/06/2017 13:22:18]
C:\AdwCleaner\AdwCleaner[C5].txt - [2100 Bytes] - [25/06/2017 14:25:49]
C:\AdwCleaner\AdwCleaner[C6].txt - [2246 Bytes] - [25/06/2017 21:38:42]
C:\AdwCleaner\AdwCleaner[C7].txt - [1656 Bytes] - [26/06/2017 11:13:41]
C:\AdwCleaner\AdwCleaner[S0].txt - [1744 Bytes] - [25/06/2017 00:50:50]
C:\AdwCleaner\AdwCleaner[S1].txt - [1487 Bytes] - [25/06/2017 00:56:24]
C:\AdwCleaner\AdwCleaner[S2].txt - [1960 Bytes] - [25/06/2017 02:12:41]
C:\AdwCleaner\AdwCleaner[S3].txt - [2106 Bytes] - [25/06/2017 12:17:38]
C:\AdwCleaner\AdwCleaner[S4].txt - [2252 Bytes] - [25/06/2017 12:31:56]
C:\AdwCleaner\AdwCleaner[S5].txt - [2398 Bytes] - [25/06/2017 14:25:31]
C:\AdwCleaner\AdwCleaner[S6].txt - [2544 Bytes] - [25/06/2017 21:35:31]
C:\AdwCleaner\AdwCleaner[S7].txt - [2690 Bytes] - [26/06/2017 11:12:52]

########## EOF - C:\AdwCleaner\AdwCleaner[C7].txt - [2313 Bytes] ##########
         
und hier die von Malwarebytes Anti-Malware:
Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 26.06.17
Scan-Zeit: 11:22
Protokolldatei: Malwarebytes Anti-Malware 170626.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.141
Version des Aktualisierungspakets: 1.0.2232
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-D3G9100\Benjamin

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 426717
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 2 Min., 21 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         
__________________

Alt 26.06.2017, 11:32   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Weiterleitungen und Werbung in allen Browsern - Standard

Weiterleitungen und Werbung in allen Browsern



Und Malwarebytes hat nix (nie?) etwas gefunden??
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 26.06.2017, 11:33   #5
LePhoenix
 
Weiterleitungen und Werbung in allen Browsern - Standard

Weiterleitungen und Werbung in allen Browsern



Nein. Das hat mich auch sehr irritiert, weil ich ja gesehen habe, dass irgendwas nicht in Ordnung war/ist.


Alt 26.06.2017, 11:47   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Weiterleitungen und Werbung in allen Browsern - Standard

Weiterleitungen und Werbung in allen Browsern



Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
--> Weiterleitungen und Werbung in allen Browsern

Alt 26.06.2017, 11:54   #7
LePhoenix
 
Weiterleitungen und Werbung in allen Browsern - Standard

Weiterleitungen und Werbung in allen Browsern



FRST:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-06-2017 01
durchgeführt von Benjamin (Administrator) auf DESKTOP-D3G9100 (26-06-2017 11:48:34)
Gestartet von C:\Users\Benjamin\Desktop
Geladene Profile: Benjamin (Verfügbare Profile: Benjamin)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\System32\PnkBstrA.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) P:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
() P:\Program Files (x86)\Windscribe\WindscribeService.exe
(LogMeIn Inc.) P:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Electronic Arts) P:\Games\Origin\OriginWebHelperService.exe
(LogMeIn, Inc.) P:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() P:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(IvoSoft) P:\Program Files\Classic Shell\ClassicStartMenu.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Valve Corporation) P:\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamuseragent.exe
(Spotify Ltd) C:\Users\Benjamin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Program Files\ASUSTeKcomputer.Inc\nhAsusU7\UserInterface\nhAsusU7UILauncher.exe
() C:\Program Files\ASUSTeKcomputer.Inc\nhAsusU7\UserInterface\x64\nhAsusU7Svc64.exe
(ROCCAT GmbH) P:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Valve Corporation) P:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(LogMeIn Inc.) P:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) P:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2016-04-21] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15642744 2016-03-30] (Logitech Inc.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Classic Start Menu] => P:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-05-31] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [263232 2017-05-24] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [RoccatIsku] => P:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [536576 2013-10-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2406496 2017-06-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-05-31] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => P:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [6153128 2017-05-22] (LogMeIn Inc.)
HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\Run: [Steam] => P:\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\Run: [f.lux] => C:\Users\Benjamin\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\Run: [Spotify Web Helper] => C:\Users\Benjamin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1562224 2017-06-22] (Spotify Ltd)
HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\Run: [nhAsusU7UILauncher] => C:\Program Files\ASUSTeKcomputer.Inc\nhAsusU7\UserInterface\nhAsusU7UILauncher.exe [3544880 2015-01-28] ()
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{7c542192-c021-4b1b-b7fa-c386dc9b6e6f}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ce200d8b-0a68-49b4-8b10-9827185347a0}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1950188543-441825992-3618123389-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-04-24] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-24] (Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-06-04] (Adobe Systems)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> P:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> P:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-06-04] (Adobe Systems)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default ->  Active:"chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html"
CHR DefaultSearchURL: Default -> hxxps://search.mediatab.tv/search.php?q={searchTerms}
CHR DefaultSearchKeyword: Default -> www.mediatab.tv
CHR DefaultSuggestURL: Default -> hxxps://search.mediatab.tv/suggest.php?client=chrome&q={searchTerms}
CHR Profile: C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default [2017-06-26]
CHR Extension: (Google Präsentationen) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-21]
CHR Extension: (Google Docs) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-21]
CHR Extension: (Google Drive) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2016-04-21]
CHR Extension: (YouTube) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-21]
CHR Extension: (Adblock Plus) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-22]
CHR Extension: (Tampermonkey) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-05-31]
CHR Extension: (Gmail offline) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2016-04-21]
CHR Extension: (Facebook Disconnect) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec [2016-04-21]
CHR Extension: (Full Page Screen Capture) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2016-09-14]
CHR Extension: (Google Tabellen) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-21]
CHR Extension: (Key Socket Media Keys) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fphfgdknbpakeedbaenojjdcdoajihik [2017-06-08]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-05-31]
CHR Extension: (Google Docs Offline) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-21]
CHR Extension: (Desktop Notifications für Android) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\giicnncicnopjohcpamieklkiacdoeni [2016-11-24]
CHR Extension: (Hotspot Shield Free VPN Proxy – Unblock Sites) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\heajfgnegopeedndeahkdjedjkjcmnpb [2016-08-15]
CHR Extension: (Windscribe - Free VPN and Ad Block) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2017-06-19]
CHR Extension: (agar.io server browser) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hongpdkjnjhijmdnogoicadboadgllhi [2016-04-21]
CHR Extension: (New Tab Redirect) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2016-04-21]
CHR Extension: (Wood-7) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieinhcgomaoikbidgmbhjkcedelgipmi [2017-06-25]
CHR Extension: (Shareaholic für Google Chrome) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmipnjdeifmobkhgogdnomkihhgojep [2016-04-21]
CHR Extension: (Turbo for YouTube) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhgnmngkgolhffjjdaipkkjbmbnpefef [2017-03-09]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-04-29]
CHR Extension: (Google Mail-Checker) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2016-04-21]
CHR Extension: (Privacy Palette) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjkcflkplhgpebknipkekjggglimnone [2016-04-21]
CHR Extension: (Iomods) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhjgdbihpkphlammdaeicdemggagfbdo [2016-04-21]
CHR Extension: (Hotspot Shield Free VPN Proxy – Entsperrung) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbejmccbhkncgokjcmghpfloaajcffj [2017-06-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (AutoScroll) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\occjjkgifpmdgodlplnacmkejpdionan [2016-07-13]
CHR Extension: (ScriptSafe) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2017-06-25]
CHR Extension: (Google Mail) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-21]
CHR Extension: (Chrome Media Router) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
CHR HKU\S-1-5-21-1950188543-441825992-3618123389-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [himfhebcckichhmfhakibncfghepkclb] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-06-04] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [264432 2017-05-24] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7396872 2017-05-24] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-05-31] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1447944 2017-03-18] ()
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2017-03-09] (Futuremark)
R2 Hamachi2Svc; P:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3760040 2017-05-22] (LogMeIn Inc.)
S3 HnGSteamService; P:\Steam\steamapps\common\Heroes & Generals\hngservice.exe [778024 2017-06-21] (Reto-Moto ApS)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-03-30] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
S3 Origin Client Service; P:\Games\Origin\OriginClientService.exe [2157456 2017-06-01] (Electronic Arts)
R2 Origin Web Helper Service; P:\Games\Origin\OriginWebHelperService.exe [3127192 2017-06-01] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-07-10] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-07-10] ()
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 Survarium-Steam Update Service; F:\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe [97880 2017-03-18] ()
R2 VMAuthdService; P:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [99816 2017-05-11] (VMware, Inc.)
S3 vncserver; P:\Program Files\RealVNC\VNC Server\vncserver.exe [6743632 2017-04-07] (RealVNC Ltd)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
R2 WindscribeService; P:\Program Files (x86)\Windscribe\WindscribeService.exe [53352 2016-11-23] ()

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ASUSU7; C:\WINDOWS\system32\DRIVERS\ASUSU7.SYS [406016 2013-08-01] (C-Media Inc.)
R1 avgbdisk; C:\WINDOWS\system32\drivers\avgbdiska.sys [166624 2017-05-24] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\system32\drivers\avgbidsdrivera.sys [314128 2017-05-24] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\system32\drivers\avgbidsha.sys [192584 2017-05-24] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\system32\drivers\avgbloga.sys [336896 2017-05-24] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\system32\drivers\avgbuniva.sys [51336 2017-05-24] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\system32\drivers\avgHwid.sys [39424 2017-05-24] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\system32\drivers\avgMonFlt.sys [129776 2017-05-24] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\system32\drivers\avgRdr2.sys [102280 2017-05-24] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\system32\drivers\avgRvrt.sys [76832 2017-05-24] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\system32\drivers\avgSnx.sys [1008288 2017-05-24] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\system32\drivers\avgSP.sys [570320 2017-05-24] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\system32\drivers\avgStm.sys [160008 2017-05-24] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\system32\drivers\avgVmm.sys [340824 2017-05-24] (AVG Technologies CZ, s.r.o.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-05-25] ()
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-04-05] (LogMeIn Inc.)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [55232 2017-06-25] ()
S3 LcUvcUpper; C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys [37912 2015-09-21] (Microsoft Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188312 2017-06-25] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-06-26] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [44960 2017-06-26] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-26] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-06-26] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a2b0acab06663645\nvlddmkm.sys [14456944 2017-05-02] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-05-03] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2016-04-21] (Realtek                                            )
R3 RTCore64; P:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2016-09-02] ()
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102664 2014-05-19] ()
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25992 2014-05-19] ()
R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [700296 2014-05-19] ()
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-04-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [205952 2017-04-28] (Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [137920 2017-04-28] (Oracle Corporation)
R2 vmparport; C:\WINDOWS\system32\DRIVERS\vmparport.sys [49216 2017-05-11] (VMware, Inc.)
R0 vsock; C:\WINDOWS\system32\DRIVERS\vsock.sys [91712 2016-09-30] (VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R2 WinisoCDBus; C:\WINDOWS\System32\drivers\WinisoCDBus.sys [204032 2014-02-26] (WinISO.com)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-26 11:48 - 2017-06-26 11:48 - 00029712 _____ C:\Users\Benjamin\Desktop\FRST.txt
2017-06-26 11:48 - 2017-06-26 11:48 - 00000000 ____D C:\Users\Benjamin\Desktop\FRST-OlderVersion
2017-06-26 11:48 - 2017-06-26 11:48 - 00000000 ____D C:\FRST
2017-06-26 11:47 - 2017-06-26 11:48 - 02441216 _____ (Farbar) C:\Users\Benjamin\Desktop\FRST64.exe
2017-06-26 11:25 - 2017-06-26 11:25 - 00001419 _____ C:\Users\Benjamin\Desktop\Malwarebytes Anti-Malware 170626.txt
2017-06-25 13:22 - 2017-06-25 13:22 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\5BF970B4.sys
2017-06-25 12:23 - 2017-06-25 12:23 - 00055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2017-06-25 12:22 - 2017-06-25 12:23 - 00000000 ____D C:\ProgramData\HitmanPro
2017-06-25 12:18 - 2017-06-25 12:18 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\67E43FB5.sys
2017-06-25 12:16 - 2017-06-25 12:23 - 00808594 _____ C:\WINDOWS\ntbtlog.txt
2017-06-25 12:16 - 2017-06-25 12:19 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-06-25 02:15 - 2017-06-25 02:15 - 00001516 _____ C:\Users\Benjamin\Desktop\AdwCleaner[C2].txt
2017-06-25 02:10 - 2017-06-25 02:10 - 00000000 ____D C:\WINDOWS\SysWOW64\syncdb
2017-06-25 02:00 - 2017-06-25 00:31 - 04110280 _____ C:\Users\Benjamin\Desktop\adwcleaner_6.047__1_.exe
2017-06-25 00:59 - 2017-06-26 11:22 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-06-25 00:59 - 2017-06-26 11:14 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-06-25 00:59 - 2017-06-26 11:14 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-06-25 00:59 - 2017-06-26 11:14 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-06-25 00:59 - 2017-06-25 00:59 - 00188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-06-25 00:58 - 2017-06-25 00:58 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-06-25 00:58 - 2017-06-25 00:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-06-25 00:58 - 2017-06-25 00:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-06-25 00:58 - 2017-06-25 00:58 - 00000000 ____D C:\Program Files\Malwarebytes
2017-06-25 00:58 - 2017-05-25 11:58 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-06-25 00:49 - 2017-06-26 11:13 - 00000000 ____D C:\AdwCleaner
2017-06-19 19:47 - 2017-06-03 12:15 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-19 19:47 - 2017-06-03 12:15 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-19 19:47 - 2017-06-03 12:15 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-19 19:47 - 2017-06-03 12:14 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-19 19:47 - 2017-06-03 12:14 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-19 19:47 - 2017-06-03 12:09 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-19 19:47 - 2017-06-03 12:09 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-06-19 19:47 - 2017-06-03 12:08 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-19 19:47 - 2017-06-03 12:07 - 00923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-19 19:47 - 2017-06-03 12:07 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-19 19:47 - 2017-06-03 12:02 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-19 19:47 - 2017-06-03 12:01 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-06-19 19:47 - 2017-06-03 12:00 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-06-19 19:47 - 2017-06-03 12:00 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
2017-06-19 19:47 - 2017-06-03 12:00 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-06-19 19:47 - 2017-06-03 11:59 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-19 19:47 - 2017-06-03 11:59 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-19 19:47 - 2017-06-03 11:59 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-19 19:47 - 2017-06-03 11:59 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-06-19 19:47 - 2017-06-03 11:58 - 21352696 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-19 19:47 - 2017-06-03 11:58 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-06-19 19:47 - 2017-06-03 11:58 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2017-06-19 19:47 - 2017-06-03 11:58 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-06-19 19:47 - 2017-06-03 11:56 - 02228120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-06-19 19:47 - 2017-06-03 11:56 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-06-19 19:47 - 2017-06-03 11:56 - 01458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-06-19 19:47 - 2017-06-03 11:56 - 00848288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-06-19 19:47 - 2017-06-03 11:56 - 00846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-06-19 19:47 - 2017-06-03 11:56 - 00697760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-06-19 19:47 - 2017-06-03 11:56 - 00672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-06-19 19:47 - 2017-06-03 11:56 - 00399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-06-19 19:47 - 2017-06-03 11:55 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-19 19:47 - 2017-06-03 11:36 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-06-19 19:47 - 2017-06-03 11:35 - 02259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-19 19:47 - 2017-06-03 11:28 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-19 19:47 - 2017-06-03 11:26 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
2017-06-19 19:47 - 2017-06-03 11:23 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-19 19:47 - 2017-06-03 11:23 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-06-19 19:47 - 2017-06-03 11:23 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-06-19 19:47 - 2017-06-03 11:21 - 01516448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-06-19 19:47 - 2017-06-03 11:20 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-19 19:47 - 2017-06-03 11:14 - 03673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-19 19:47 - 2017-06-03 11:14 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-06-19 19:47 - 2017-06-03 11:14 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-06-19 19:47 - 2017-06-03 11:14 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-19 19:47 - 2017-06-03 11:12 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-19 19:47 - 2017-06-03 11:11 - 02958848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-19 19:47 - 2017-06-03 11:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-19 19:47 - 2017-06-03 11:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-19 19:47 - 2017-06-03 11:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-19 19:47 - 2017-06-03 11:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-19 19:47 - 2017-06-03 11:11 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-19 19:47 - 2017-06-03 11:10 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-19 19:47 - 2017-06-03 11:10 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-19 19:47 - 2017-06-03 11:10 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-06-19 19:47 - 2017-06-03 11:09 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-06-19 19:47 - 2017-06-03 11:09 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2017-06-19 19:47 - 2017-06-03 11:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-19 19:47 - 2017-06-03 11:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-19 19:47 - 2017-06-03 11:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-19 19:47 - 2017-06-03 11:07 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-19 19:47 - 2017-06-03 11:07 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-06-19 19:47 - 2017-06-03 11:07 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-19 19:47 - 2017-06-03 11:05 - 20506624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-19 19:47 - 2017-06-03 11:05 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-19 19:47 - 2017-06-03 11:05 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-06-19 19:47 - 2017-06-03 11:05 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-06-19 19:47 - 2017-06-03 11:05 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2017-06-19 19:47 - 2017-06-03 11:04 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-19 19:47 - 2017-06-03 11:04 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-06-19 19:47 - 2017-06-03 11:04 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-19 19:47 - 2017-06-03 11:03 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-19 19:47 - 2017-06-03 11:03 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-06-19 19:47 - 2017-06-03 11:03 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-06-19 19:47 - 2017-06-03 11:02 - 08245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-19 19:47 - 2017-06-03 11:01 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-06-19 19:47 - 2017-06-03 11:01 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-06-19 19:47 - 2017-06-03 11:00 - 03379200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-19 19:47 - 2017-06-03 11:00 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-19 19:47 - 2017-06-03 11:00 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-19 19:47 - 2017-06-03 10:59 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-19 19:47 - 2017-06-03 10:59 - 02672128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-19 19:47 - 2017-06-03 10:59 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-19 19:47 - 2017-06-03 10:59 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-19 19:47 - 2017-06-03 10:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-19 19:47 - 2017-06-03 10:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-19 19:47 - 2017-06-03 10:59 - 01142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-19 19:47 - 2017-06-03 10:59 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-19 19:47 - 2017-06-03 10:59 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-06-19 19:47 - 2017-06-03 10:58 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-19 19:47 - 2017-06-03 10:58 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-06-19 19:47 - 2017-06-03 10:58 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-06-19 19:47 - 2017-06-03 10:58 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-19 19:47 - 2017-06-03 10:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-06-19 19:47 - 2017-06-03 10:58 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-19 19:47 - 2017-06-03 10:57 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-19 19:47 - 2017-06-03 10:57 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-06-19 19:47 - 2017-06-03 10:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-06-19 19:47 - 2017-06-03 10:57 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-19 19:47 - 2017-06-03 10:57 - 01675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-06-19 19:47 - 2017-06-03 10:57 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-06-19 19:47 - 2017-06-03 10:57 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-19 19:47 - 2017-06-03 10:56 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-19 19:47 - 2017-06-03 10:55 - 03656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-19 19:47 - 2017-06-03 10:55 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-19 19:47 - 2017-06-03 10:55 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-19 19:47 - 2017-06-03 10:54 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-19 19:47 - 2017-06-03 10:54 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-06-19 19:47 - 2017-06-03 10:54 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2017-06-19 19:47 - 2017-06-03 10:53 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-06-19 19:47 - 2017-06-03 10:51 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-06-19 19:47 - 2017-05-20 11:13 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-06-19 19:47 - 2017-05-20 10:55 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-06-19 19:47 - 2017-05-20 10:48 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-06-19 19:47 - 2017-05-20 10:47 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-06-19 19:47 - 2017-05-20 10:46 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-06-19 19:47 - 2017-05-20 10:46 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-06-19 19:47 - 2017-05-20 10:46 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-06-19 19:47 - 2017-05-20 10:45 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-06-19 19:47 - 2017-05-20 10:44 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-06-19 19:47 - 2017-05-20 10:44 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-06-19 19:47 - 2017-05-20 10:43 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-06-19 19:47 - 2017-05-20 10:43 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-06-19 19:47 - 2017-05-20 10:43 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-06-19 19:47 - 2017-05-20 10:43 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-06-19 19:47 - 2017-05-20 10:43 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-06-19 19:47 - 2017-05-20 10:43 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-06-19 19:47 - 2017-05-20 10:43 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-06-19 19:47 - 2017-05-20 10:29 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-06-19 19:47 - 2017-05-20 10:29 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-06-19 19:47 - 2017-05-20 10:27 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-06-19 19:47 - 2017-05-20 10:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-06-19 19:47 - 2017-05-20 10:26 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-06-19 19:47 - 2017-05-20 10:26 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-06-19 19:47 - 2017-05-20 10:25 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-06-19 19:47 - 2017-05-20 10:25 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-06-19 19:47 - 2017-05-20 10:24 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-06-19 19:47 - 2017-05-20 10:23 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-06-19 19:47 - 2017-05-20 10:22 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-06-19 19:47 - 2017-05-20 10:22 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-06-19 19:47 - 2017-05-20 10:22 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-06-19 19:47 - 2017-05-20 10:21 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-06-19 19:47 - 2017-05-20 10:21 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-06-19 19:47 - 2017-05-20 10:21 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-06-19 19:47 - 2017-05-20 10:20 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-06-19 19:47 - 2017-05-20 10:20 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-06-19 19:47 - 2017-05-20 10:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-06-19 19:47 - 2017-05-20 10:20 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-06-19 19:47 - 2017-05-20 10:19 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-06-19 19:47 - 2017-05-20 10:18 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-06-19 19:47 - 2017-05-20 10:17 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-06-19 19:47 - 2017-05-20 10:17 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-06-19 19:47 - 2017-05-20 10:17 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-06-19 19:47 - 2017-05-20 10:17 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-06-19 19:47 - 2017-05-20 10:16 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-06-19 19:47 - 2017-05-20 10:16 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-06-19 19:47 - 2017-05-20 10:16 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-06-19 19:47 - 2017-05-20 10:16 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-06-19 19:47 - 2017-05-20 10:15 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-06-19 19:47 - 2017-05-20 10:14 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-06-19 19:47 - 2017-05-20 10:14 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-06-19 19:47 - 2017-05-20 10:14 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-06-19 19:47 - 2017-05-20 10:14 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-06-19 19:47 - 2017-05-20 10:14 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-06-19 19:47 - 2017-05-20 10:11 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-06-19 19:47 - 2017-05-20 10:10 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-06-19 19:47 - 2017-05-20 10:10 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-06-19 19:47 - 2017-05-20 10:10 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-06-19 19:47 - 2017-05-20 10:08 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-06-19 19:47 - 2017-05-20 09:08 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-06-19 19:47 - 2017-05-20 09:08 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-06-19 19:47 - 2017-05-20 09:07 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-19 19:47 - 2017-05-20 09:03 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-06-19 19:47 - 2017-05-20 08:58 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-19 19:47 - 2017-05-20 08:56 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-06-19 19:47 - 2017-05-20 08:56 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-06-19 19:47 - 2017-05-20 08:55 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-06-19 19:47 - 2017-05-20 08:55 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-06-19 19:47 - 2017-05-20 08:55 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-06-19 19:47 - 2017-05-20 08:55 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-06-19 19:47 - 2017-05-20 08:55 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-19 19:47 - 2017-05-20 08:55 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-06-19 19:47 - 2017-05-20 08:54 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-06-19 19:47 - 2017-05-20 08:54 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-19 19:47 - 2017-05-20 08:54 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-06-19 19:47 - 2017-05-20 08:53 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-19 19:47 - 2017-05-20 08:53 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-06-19 19:47 - 2017-05-20 08:53 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-06-19 19:47 - 2017-05-20 08:52 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-06-19 19:47 - 2017-05-20 08:52 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-06-19 19:47 - 2017-05-20 08:51 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-06-19 19:47 - 2017-05-20 08:51 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-06-19 19:47 - 2017-05-20 08:51 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-06-19 19:47 - 2017-05-20 08:51 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-06-19 19:47 - 2017-05-20 08:51 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-06-19 19:47 - 2017-05-20 08:48 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-06-19 19:47 - 2017-05-20 08:10 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-06-19 19:47 - 2017-05-20 08:10 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-06-19 19:47 - 2017-05-20 08:10 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-06-19 19:47 - 2017-05-20 08:09 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-06-19 19:47 - 2017-05-20 08:09 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-06-19 19:47 - 2017-05-20 08:09 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-06-19 19:47 - 2017-05-20 08:08 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-06-19 19:47 - 2017-05-20 08:08 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-06-19 19:47 - 2017-05-20 08:07 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-06-19 19:47 - 2017-05-20 08:07 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-06-19 19:47 - 2017-05-20 08:07 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-06-19 19:47 - 2017-05-20 08:06 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-06-19 19:47 - 2017-05-20 08:06 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-06-19 19:47 - 2017-05-20 08:05 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-06-19 19:47 - 2017-05-20 08:05 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-06-19 19:47 - 2017-05-20 08:03 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-06-19 19:47 - 2017-05-20 08:03 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-06-19 19:47 - 2017-05-20 08:03 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-06-19 19:47 - 2017-05-20 08:03 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-06-19 19:47 - 2017-05-20 08:03 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-06-19 19:47 - 2017-05-20 08:03 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-06-19 19:47 - 2017-05-20 08:01 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-06-19 19:47 - 2017-05-20 08:01 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-06-19 19:47 - 2017-05-20 08:01 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-06-19 19:47 - 2017-05-20 08:01 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-06-19 19:47 - 2017-05-20 08:01 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-06-19 19:47 - 2017-05-20 08:01 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-06-19 19:47 - 2017-05-20 08:01 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-06-19 19:47 - 2017-05-20 08:00 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-06-19 19:47 - 2017-05-20 08:00 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-06-19 19:47 - 2017-05-20 08:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-06-19 19:47 - 2017-05-20 08:00 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-06-19 19:47 - 2017-05-20 07:59 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-06-19 19:47 - 2017-05-20 07:59 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-06-19 19:47 - 2017-05-20 07:59 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-06-19 19:47 - 2017-05-20 07:59 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-06-19 19:47 - 2017-05-20 07:59 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-06-19 19:47 - 2017-05-20 07:59 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-06-19 19:47 - 2017-05-20 07:58 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-06-19 19:47 - 2017-05-20 07:58 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-06-19 19:47 - 2017-05-20 07:58 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-06-19 19:47 - 2017-05-20 07:58 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-06-19 19:47 - 2017-05-20 07:58 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-06-19 19:47 - 2017-05-20 07:57 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-06-19 19:47 - 2017-05-20 07:56 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-06-19 19:47 - 2017-05-20 07:56 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-06-19 19:47 - 2017-05-20 07:55 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-06-19 19:47 - 2017-05-20 07:55 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-06-19 19:47 - 2017-05-20 07:55 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-06-19 19:47 - 2017-05-20 07:55 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-06-19 19:47 - 2017-05-20 07:54 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-06-19 19:47 - 2017-05-20 07:54 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-06-19 19:47 - 2017-05-20 07:54 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-06-19 19:47 - 2017-05-20 07:54 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-06-19 19:47 - 2017-05-20 07:54 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-06-19 19:47 - 2017-05-20 07:52 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-06-19 19:47 - 2017-05-20 07:52 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-06-19 19:47 - 2017-05-20 07:52 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-06-19 19:47 - 2017-05-20 07:52 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-06-19 19:47 - 2017-05-20 07:51 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-06-19 19:47 - 2017-05-20 07:51 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-06-19 19:47 - 2017-05-20 07:50 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-06-19 19:47 - 2017-05-20 07:50 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-06-19 19:47 - 2017-05-20 07:48 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-06-19 19:47 - 2017-05-20 07:47 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-06-19 19:47 - 2017-05-20 07:47 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-06-19 19:46 - 2017-06-03 12:10 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-19 19:46 - 2017-06-03 11:57 - 00371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-06-19 19:46 - 2017-06-03 11:56 - 01693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-06-19 19:46 - 2017-06-03 11:56 - 00844696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-06-19 19:46 - 2017-06-03 11:14 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-06-19 19:46 - 2017-06-03 11:07 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-06-19 19:46 - 2017-06-03 11:06 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-06-19 19:46 - 2017-05-20 08:59 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-06-19 19:46 - 2017-05-20 08:56 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-06-19 19:46 - 2017-05-20 08:53 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-06-19 19:46 - 2017-05-20 08:53 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-06-19 19:46 - 2017-05-20 08:10 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-06-19 19:46 - 2017-05-20 08:10 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-06-19 19:46 - 2017-05-20 08:08 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-06-19 19:46 - 2017-05-20 08:06 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-06-19 19:46 - 2017-05-20 08:02 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-06-19 19:46 - 2017-05-20 08:02 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-06-19 19:46 - 2017-05-20 08:01 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-06-19 19:46 - 2017-05-20 08:00 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-06-19 19:46 - 2017-05-20 07:59 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-06-19 19:46 - 2017-05-20 07:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-06-19 19:46 - 2017-05-20 07:48 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-06-08 13:21 - 2017-06-08 13:21 - 00001226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2017-06-08 13:21 - 2017-06-08 13:21 - 00001214 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2017-06-05 12:57 - 2017-06-26 11:15 - 00000176 _____ C:\Users\Benjamin\BullseyeCoverageError.txt
2017-06-05 12:56 - 2017-06-05 12:57 - 00000176 _____ C:\Users\Default\BullseyeCoverageError.txt
2017-06-05 12:56 - 2017-06-05 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-06-05 12:54 - 2017-06-05 12:54 - 913769410 _____ C:\WINDOWS\MEMORY.DMP
2017-06-05 12:54 - 2017-06-05 12:54 - 00922028 _____ C:\WINDOWS\Minidump\060517-9187-01.dmp
2017-06-05 12:54 - 2017-06-05 12:54 - 00000000 ____D C:\WINDOWS\Minidump
2017-06-05 01:07 - 2017-06-05 01:07 - 00000000 ____D C:\Users\Benjamin\AppData\Local\Tempzxpsigndac65eec5b4b1c35
2017-06-05 01:07 - 2017-06-05 01:07 - 00000000 ____D C:\Users\Benjamin\AppData\Local\Tempzxpsigncb7e7075d2ebffd7
2017-06-05 01:07 - 2017-06-05 01:07 - 00000000 ____D C:\Users\Benjamin\AppData\Local\Tempzxpsign88845b7c34ef4c50
2017-05-30 12:53 - 2017-05-30 12:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-05-29 19:21 - 2017-05-29 19:22 - 00000000 ____D C:\Users\Benjamin\AppData\Local\DefishGui
2017-05-27 16:45 - 2017-05-27 16:45 - 00000000 ____D C:\Users\Benjamin\AppData\Roaming\VMware
2017-05-27 16:45 - 2017-05-27 16:45 - 00000000 ____D C:\Users\Benjamin\AppData\Local\VMware
2017-05-27 16:44 - 2017-05-11 00:43 - 00088128 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys
2017-05-27 16:44 - 2017-05-11 00:43 - 00049216 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmparport.sys
2017-05-27 16:44 - 2016-09-30 01:12 - 00091712 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vsock.sys
2017-05-27 16:44 - 2016-09-30 01:12 - 00069104 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll
2017-05-27 16:44 - 2016-09-30 01:12 - 00065016 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll
2017-05-27 16:43 - 2017-06-26 11:14 - 00000000 ____D C:\ProgramData\VMware
2017-05-27 16:43 - 2017-05-27 16:43 - 02253326 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-05-27 16:43 - 2017-05-27 16:43 - 00001008 _____ C:\Users\Public\Desktop\VMware Workstation 12 Player.lnk
2017-05-27 16:43 - 2017-05-27 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2017-05-27 16:43 - 2017-05-27 16:43 - 00000000 ____D C:\Program Files\Common Files\VMware
2017-05-27 16:43 - 2017-05-11 00:50 - 00366568 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe
2017-05-27 16:43 - 2017-05-11 00:49 - 01149416 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll
2017-05-27 16:43 - 2017-05-11 00:49 - 00400872 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe
2017-05-27 16:43 - 2017-05-11 00:29 - 00066520 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetinst.dll
2017-05-27 16:43 - 2017-05-11 00:29 - 00043992 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetuserif.sys
2017-05-27 16:43 - 2017-02-20 08:02 - 00083008 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys
2017-05-27 16:41 - 2017-05-27 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-26 11:20 - 2017-04-23 13:50 - 02611694 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-26 11:20 - 2017-03-20 06:41 - 01209458 _____ C:\WINDOWS\system32\perfh007.dat
2017-06-26 11:20 - 2017-03-20 06:41 - 00279934 _____ C:\WINDOWS\system32\perfc007.dat
2017-06-26 11:16 - 2016-04-25 20:28 - 00000000 ____D C:\Users\Benjamin\AppData\Local\LogMeIn Hamachi
2017-06-26 11:15 - 2017-04-23 13:41 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-26 11:15 - 2016-10-03 16:18 - 00000000 ___RD C:\Users\Benjamin\Creative Cloud Files
2017-06-26 11:15 - 2016-08-03 14:17 - 00000000 ____D C:\Users\Benjamin\AppData\Local\Adobe
2017-06-26 11:14 - 2017-04-23 13:46 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-26 11:13 - 2017-03-18 13:40 - 01310720 _____ C:\WINDOWS\system32\config\BBI
2017-06-26 10:54 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-26 10:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-26 10:51 - 2017-04-23 13:46 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-06-26 00:10 - 2017-04-23 13:46 - 00003148 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2017-06-26 00:10 - 2017-04-23 13:40 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-25 14:25 - 2016-09-26 18:31 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-06-25 12:29 - 2016-04-21 18:54 - 00000000 ____D C:\Users\Benjamin\AppData\Local\CrashDumps
2017-06-25 02:56 - 2016-08-19 10:01 - 00000000 ____D C:\Users\Benjamin\AppData\Local\Spotify
2017-06-25 02:46 - 2016-08-19 10:00 - 00000000 ____D C:\Users\Benjamin\AppData\Roaming\Spotify
2017-06-25 02:17 - 2017-02-20 18:44 - 00000000 ____D C:\Users\Benjamin\AppData\Local\ClassicShell
2017-06-25 02:14 - 2016-04-21 18:38 - 00000000 ____D C:\Users\Benjamin\AppData\Roaming\Adobe
2017-06-25 02:13 - 2017-04-23 13:41 - 00000000 ____D C:\Users\Benjamin
2017-06-25 02:13 - 2017-04-23 13:40 - 00314768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-25 02:10 - 2016-08-03 14:08 - 00000000 ____D C:\ProgramData\Adobe
2017-06-25 02:09 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-06-25 02:07 - 2016-10-03 17:24 - 00000000 ____D C:\Program Files\Adobe
2017-06-25 02:05 - 2016-04-25 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft
2017-06-25 02:05 - 2016-04-21 18:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-06-25 01:56 - 2016-10-03 17:25 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-06-25 01:08 - 2016-04-21 18:38 - 00000000 ____D C:\Users\Benjamin\AppData\Local\VirtualStore
2017-06-25 00:48 - 2016-04-21 19:03 - 00000000 ____D C:\Users\Benjamin\AppData\Roaming\Skype
2017-06-23 02:19 - 2016-07-09 18:08 - 00000000 ____D C:\ProgramData\Origin
2017-06-22 22:38 - 2016-07-09 18:10 - 00000000 ____D C:\Users\Benjamin\AppData\Roaming\Origin
2017-06-22 19:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-06-21 17:15 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-21 13:45 - 2017-05-05 16:04 - 00004282 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2017-06-20 15:52 - 2016-11-08 18:36 - 00007592 _____ C:\Users\Benjamin\AppData\Local\Resmon.ResmonCfg
2017-06-20 12:39 - 2016-04-21 20:08 - 00000000 ____D C:\Program Files\Rockstar Games
2017-06-20 12:39 - 2016-04-21 20:08 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-06-20 11:45 - 2017-04-23 13:46 - 00004702 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-06-20 11:45 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-20 11:45 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-20 11:44 - 2017-04-23 13:46 - 00003296 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-20 11:44 - 2016-04-21 18:41 - 00002392 _____ C:\Users\Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-20 11:44 - 2016-04-21 18:41 - 00000000 ___RD C:\Users\Benjamin\OneDrive
2017-06-20 11:43 - 2016-02-13 19:32 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-20 01:23 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-06-20 01:23 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-06-20 01:23 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-06-20 01:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-06-20 01:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-06-20 01:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-20 01:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-20 01:23 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-06-20 01:23 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-06-19 19:51 - 2016-04-22 13:45 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-19 19:49 - 2016-04-22 13:45 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-09 15:37 - 2016-05-11 16:30 - 00000000 ____D C:\Users\Benjamin\AppData\Roaming\WhatsApp
2017-06-08 14:19 - 2017-04-22 14:50 - 00000000 ____D C:\Users\Benjamin\AppData\Roaming\LiquidSky
2017-06-08 13:21 - 2016-08-03 14:09 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-06-06 12:45 - 2016-10-03 16:18 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-06-05 22:00 - 2016-09-25 13:40 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2017-06-05 22:00 - 2016-09-25 13:40 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2017-06-04 14:40 - 2017-03-07 15:19 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-04 14:40 - 2016-04-21 19:03 - 00000000 ____D C:\ProgramData\Skype
2017-06-03 08:32 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:32 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-30 12:53 - 2017-05-05 16:03 - 00000955 _____ C:\Users\Public\Desktop\AVG.lnk
2017-05-27 18:07 - 2016-08-17 16:41 - 00000000 ____D C:\Users\Benjamin\.VirtualBox
2017-05-27 16:46 - 2016-08-17 21:04 - 00000000 ____D C:\Users\Benjamin\VirtualBox VMs
2017-05-27 16:41 - 2016-08-17 16:52 - 00000904 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-10-27 22:57 - 2016-11-03 23:56 - 0000033 _____ () C:\Users\Benjamin\AppData\Roaming\AdobeWLCMCache.dat
2017-03-27 21:10 - 2017-03-28 01:59 - 1307648 _____ () C:\Users\Benjamin\AppData\Local\file__0.localstorage
2016-04-29 19:02 - 2016-04-29 19:02 - 0000026 _____ () C:\Users\Benjamin\AppData\Local\isoworkshop.ini
2016-08-17 11:58 - 2016-08-18 15:35 - 0000600 _____ () C:\Users\Benjamin\AppData\Local\PUTTY.RND
2016-11-05 03:33 - 2016-11-05 03:33 - 0002274 _____ () C:\Users\Benjamin\AppData\Local\recently-used.xbel
2016-11-08 18:36 - 2017-06-20 15:52 - 0007592 _____ () C:\Users\Benjamin\AppData\Local\Resmon.ResmonCfg
2017-02-09 22:03 - 2017-02-09 22:03 - 0000037 _____ () C:\Users\Benjamin\AppData\Local\X-Plane Installer.prf
2017-02-09 22:03 - 2017-02-11 00:56 - 0000015 _____ () C:\Users\Benjamin\AppData\Local\X-Plane_drm_11.prf
2017-02-09 21:48 - 2017-02-09 21:48 - 0000026 _____ () C:\Users\Benjamin\AppData\Local\x-plane_install_11.txt
2016-09-14 00:06 - 2016-09-14 00:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-06-25 14:42 - 2017-06-25 14:42 - 0010520 _____ () C:\Users\Benjamin\AppData\Local\Temp\BullseyeCoverage-x86-3.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-06-19 20:18

==================== Ende von FRST.txt ============================
         

Alt 26.06.2017, 11:55   #8
LePhoenix
 
Weiterleitungen und Werbung in allen Browsern - Standard

Weiterleitungen und Werbung in allen Browsern



Addition:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-06-2017 01
durchgeführt von Benjamin (26-06-2017 11:49:06)
Gestartet von C:\Users\Benjamin\Desktop
Windows 10 Pro Version 1703 (X64) (2017-04-23 11:49:10)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1950188543-441825992-3618123389-500 - Administrator - Disabled)
Benjamin (S-1-5-21-1950188543-441825992-3618123389-1001 - Administrator - Enabled) => C:\Users\Benjamin
DefaultAccount (S-1-5-21-1950188543-441825992-3618123389-503 - Limited - Disabled)
Gast (S-1-5-21-1950188543-441825992-3618123389-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3CXPhone (HKLM-x32\...\{0DF8FA4D-299C-4250-9F09-C14E47E12224}) (Version: 4.0.26523.0 - 3CX)
3DMark (HKLM-x32\...\{06916c5d-59d5-401e-a1b9-db064bd8bc95}) (Version: 2.3.3663.0 - Futuremark)
3DMark (Version: 2.3.3663.0 - Futuremark) Hidden
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Active Sky Next for FSX SP5 (HKLM-x32\...\{F1AE1E08-5094-46AD-AA4D-670C482723B2}_is1) (Version: 1.0.6011.15407 - HiFi Technologies, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.1.1.202 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Aerosoft's - Airbus A318-A319 - FSX (HKLM-x32\...\Airbus A318-A319 - FSX) (Version: 1.31 - Aerosoft)
Aerosoft's - Airbus A320-A321 - FSX (HKLM-x32\...\Airbus A320-A321 - FSX) (Version: 1.31 - Aerosoft)
aerosoft's - Mega Airport Paris CDG X (HKLM-x32\...\{0F5E7FC8-3D49-47DA-9A51-6A8B4BE393B0}) (Version: 1.00 - aerosoft)
Aerosoft's - Mega Airport Zurich 2012 - FSX (HKLM-x32\...\{463A571A-B793-459B-BEA8-028DC323AAB0}) (Version: 1.02 - Aerosoft)
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
AnyRail6 (HKLM-x32\...\AnyRail6 6.2.1) (Version: 6.2.1 - DRail Modelspoor Software)
AnyRail6 (x32 Version: 6.2.1 - DRail Modelspoor Software) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASConnect for FSX Installer (HKLM-x32\...\{7E1270D4-42C4-49A4-9EC4-3300D2E47331}_is1) (Version: 1.0.0.34 - HiFi Technologies, Inc.)
Asus audio driver (HKLM-x32\...\{3219bf79-8651-4e0b-b746-a52f3af3d062}) (Version: 1.0.13 - ASUSTeKcomputer.Inc)
Asus Xonar Phoebus Audio Driver (Version: 1.0.13 - ASUSTeKcomputer.Inc) Hidden
Atlas Track Planning Software 0.9.34 (a) beta (HKLM-x32\...\AtlasTPS_by_Milen_Peev_is1) (Version: 0.9.34 - Milen Peev)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
AutoHotkey 1.1.25.01 (HKLM\...\AutoHotkey) (Version: 1.1.25.01 - Lexikos)
AVG (Version: 1.191.1 - AVG Technologies) Hidden
AVG Protection (HKLM-x32\...\AVG Antivirus) (Version: 17.4.3014 - AVG Technologies)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlefield: Bad Company 2 (HKLM\...\Steam App 24960) (Version:  - DICE)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.50.17863 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bitcoin Core (64-bit) (HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\Bitcoin Core (64-bit)) (Version: 0.14.1 - Bitcoin Core project)
Borderless Gaming (HKLM-x32\...\Borderless Gaming_is1) (Version: 8.4 - Codeusa Software)
ChkHwId (x32 Version: 1.0.13 - ASUSTeKcomputer.Inc) Hidden
Cities: Skylines (HKLM\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
Corel AfterShot 3 - ICA x64 (Version: 3.2 - Corel Corporation) Hidden
Corel AfterShot 3 - IPM Content x64 (Version: 3.2 - Corel Corporation) Hidden
Corel AfterShot 3 - IPM x64 (Version: 3.2.0.205 - Corel Corporation) Hidden
Corel AfterShot 3 x64 (Version: 3.0 - Corel Corporation) Hidden
Corel AfterShot 3(64-bit) (HKLM\...\_{FE875B02-11A1-4D1E-B57A-8DE2C00C0B51}) (Version: 3.2.0.205 - Corel Corporation)
Corel Update Manager (Version: 2.3.160 - Corel corporation) Hidden
Darktable 2.0 (HKLM-x32\...\Darktable-2.0) (Version: 2.0.0 - Partha Bagchi)
DiRT 3 Complete Edition (HKLM\...\Steam App 321040) (Version:  - Codemasters Racing Studio)
DiRT Rally (HKLM\...\Steam App 310560) (Version:  - Codemasters Racing Studio)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version:  - SCS Software)
f.lux (HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\Flux) (Version:  - )
FileZilla Client 3.20.1 (HKLM-x32\...\FileZilla Client) (Version: 3.20.1 - Tim Kosse)
Flight Simulator X (HKLM-x32\...\RTMshadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
FMW 1 (Version: 1.203.1 - AVG Technologies) Hidden
FreeArc 0.666 (HKLM-x32\...\FreeArc) (Version: 0.666 - Bulat Ziganshin)
FreeTrack v2.2.0.279 (HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\FreeTrack v2.2.0.279) (Version:  - )
FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin)
FSCloud version 1.xxxx beta (HKLM-x32\...\{EAEDE38E-4126-42B7-BC6D-93E3A2EC06E9}_is1) (Version: 1.xxxx beta - FSCloud.net)
FSFDT FSCopilot (HKLM-x32\...\FSFDT FSCopilot) (Version:  - )
FSIAT LICJ X Scenery for FSX V.1.01 (HKLM-x32\...\FSIAT LICJ X Scenery for FSX V.1.01) (Version: V.1.01 V.1.01 - FSIADT)
Futuremark SystemInfo (HKLM-x32\...\{6583B359-134F-480D-9B31-9B94EFFAFE40}) (Version: 5.0.609.0 - Futuremark)
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Geeks3D FurMark 1.18.2.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
GRID (HKLM\...\Steam App 12750) (Version:  - Codemasters Studios)
H1Z1: Just Survive (HKLM\...\Steam App 295110) (Version:  - Daybreak Game Company)
Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
HFSExplorer 0.23.1 (HKLM-x32\...\HFSExplorer) (Version: 0.23.1 - Catacombae Software)
HitFilm 4 Express (HKLM\...\{B266DF92-432D-4985-91C3-70148568AB79}) (Version: 4.0.5422.10801 - FXHOME)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
ISO Workshop 6.1 (HKLM-x32\...\ISO Workshop_is1) (Version:  - Glorylogic)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
John's Background Switcher 4.12 (HKLM-x32\...\{DD3DAD13-289E-440E-A5D3-3EFB25305018}_is1) (Version: 4.12 - johnsadventures.com)
Life Is Strange™ (HKLM\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 14.0.0.0 - EditShare)
Linphone version 3.7.0 (HKLM-x32\...\Linphone_is1) (Version:  - linphone.org)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.82 (HKLM\...\Logitech Gaming Software) (Version: 8.82.151 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.578 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.578 - LogMeIn, Inc.) Hidden
Majestic MJC8Q400 (HKLM-x32\...\MJC8Q400) (Version:  - )
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft OneDrive (HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minimal ADB and Fastboot version 1.4 (HKLM-x32\...\{C5564379-582D-457A-9E68-A9E7C1F1C4EC}_is1) (Version: 1.4 - Sam Rodberg)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 16.001.06.01.500 - Huawei Technologies Co.,Ltd)
Mp3tag v2.78 (HKLM-x32\...\Mp3tag) (Version: v2.78 - Florian Heidenreich)
MSI Afterburner 4.3.0 Beta 14 (HKLM-x32\...\Afterburner) (Version: 4.3.0 Beta 14 - MSI Co., LTD)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MultiBit HD 0.5.1 (HKLM\...\6925-4794-5772-4956) (Version: 0.5.1 - KeepKey,LLC)
Nemeth Designs & Milviz AgustaWestland AW109 for FSX (HKLM-x32\...\Nemeth Designs & Milviz AgustaWestland AW109 for FSX) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OLYMPUS Digital Camera Updater (HKLM-x32\...\{392427E9-9FA4-4CD2-99EB-FD53A12BDCDA}) (Version: 1.2.1 - Olympus Corporation)
OLYMPUS Viewer 3 (HKLM-x32\...\{F324FE01-619B-4290-83BD-FC4F055CDBFD}) (Version: 2.0.1 - Olympus Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Oracle VM VirtualBox 5.1.22 (HKLM\...\{8D5E4D4D-5E0C-4448-B018-5DDEF1E208D9}) (Version: 5.1.22 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.12.59996 - Electronic Arts, Inc.)
Paragon Backup and Recovery™ 16 (HKLM\...\{DADAA9CF-36B6-11E6-B0B5-005056C00008}) (Version: 10.1.28.163 - Paragon Software)
Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Paragon Partition Manager™ 2014 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PlanetSide 2 (HKLM\...\Steam App 218230) (Version:  - Daybreak Game Company)
PlanetSide 2 (HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PMDG 737 8900 NGX Base Package FSX (HKLM-x32\...\{20708FD5-E94D-4097-A21E-E28564CDBC06}) (Version: 1.10.6461 - PMDG Simulations, LLC.)
PMDG 747-400/400F for FSX (HKLM-x32\...\{EDCEE320-0FB3-4197-9F86-8C1CCF2278FB}) (Version: 2.10.0040 - Precision Manuals Development Group)
PMDG 777-200LR/F Base Package FSX (HKLM-x32\...\{0F16340B-5B5B-4531-8D87-4952E3BCA6E6}) (Version: 1.10.7025 - PMDG Simulations, LLC.)
PMDG744X_GE_AC (HKLM-x32\...\{8A3D1E45-8D8C-4FC6-A769-DF1232776190}) (Version: 1.10.0000 - Precision Manuals Development Group)
PMDG744X_GE_AF (HKLM-x32\...\{70D78DCD-8369-4857-BFEF-021C9899DA75}) (Version: 1.10.0000 - Precision Manuals Development Group)
PMDG744X_GE_KL (HKLM-x32\...\{D4CF23EE-B0B6-4E5F-A335-8E63F8AFAC98}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744X_GE_LH (HKLM-x32\...\{20372FAA-3AF4-4B3D-9B1D-564CDEA5957C}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744X_GE_NH (HKLM-x32\...\{A1D97ADB-EFF4-4F31-B286-873F06AC6496}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744X_GE_SV (HKLM-x32\...\{40F75775-0940-4F2D-B43F-2BB37E51F13A}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744X_PW_IB (HKLM-x32\...\{1D67FB28-58DA-4425-B426-99E894468197}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744X_PW_NW3 (HKLM-x32\...\{96E1C9EE-5109-41FA-B412-E3358626051D}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744X_PW_UA3 (HKLM-x32\...\{EAB979F7-84A6-47B6-AB39-CA73A6EEAE69}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744X_RR_BA (HKLM-x32\...\{9C979BC5-0B86-47A1-B6C1-6057297DB61C}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744XF_GE_5XF (HKLM-x32\...\{E45EC4EA-CE0C-4F1C-9DA4-908A5860CDBA}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744XF_GE_AFF (HKLM-x32\...\{31C2BE56-FC30-4EC8-9E53-509252008243}) (Version: 1.10.0000 - Precision Manuals Development Group)
PMDG744XF_GE_BRF (HKLM-x32\...\{1AF39B3E-954C-4ADB-BD31-D29F653D4B22}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744XF_GE_EKF (HKLM-x32\...\{20B3074F-F200-4A50-9231-6FE3E0CF3F05}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744XF_GE_KLF (HKLM-x32\...\{9EF4E550-0D15-4047-AABF-ACD47CC3623B}) (Version: 1.10.0000 - Precision Manuals Development Group)
PMDG744XF_GE_VC25A (HKLM-x32\...\{E110F951-FDE7-46AF-A469-C234666E98EF}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744XF_GE_XHF (HKLM-x32\...\{520C2FC2-F39B-4B95-BDA9-3FB6BCA135BF}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744XF_PW_FXF (HKLM-x32\...\{F77ABA68-8AC4-497E-9FFA-9CA4506B78FC}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744XF_RR_CVF3 (HKLM-x32\...\{BF05DD52-4D84-474D-A7ED-F1DCAAE39E82}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744XF_RR_CXF (HKLM-x32\...\{ABD462F9-7436-4086-A65B-AC6360ED45FC}) (Version: 1.00.0000 - Precision Manuals Development Group)
Prince of Persia Sands of Time (HKLM-x32\...\Uplay Install 111) (Version:  - Ubisoft)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RAAS Professional by FS2Crew (LOCKED) (HKLM-x32\...\RAAS Professional by FS2Crew (LOCKED)) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
RenderManNC-Installer (HKLM\...\{DBD61261-3A3B-11E6-93DC-9C35EBEEE7A7}) (Version: 1.0.0 - Pixar)
REX 4 Texture Direct (with Soft Clouds) (HKLM-x32\...\{A1A078B6-6FBA-474D-8B23-B432591A02C2}) (Version: 4.8.2016.0325 - REX Game Studios, LLC.)
ROCCAT Isku Keyboard Driver (HKLM-x32\...\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}) (Version:  - Roccat GmbH)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
Rocrail -rev11469 (HKLM-x32\...\Rocrail_is1) (Version:  - rocrail.net)
Saints Row 2 (HKLM-x32\...\1430740458_is1) (Version: 2.1.0.5 - GOG.com)
SCARM 0.9.34 beta (HKLM-x32\...\{9BF3D390-A0AD-4733-AFC8-18E306B8E219}_is1) (Version: 0.9.34 - Milen Peev)
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
SketchUp 2017 (HKLM\...\{C711666A-E8CC-4E2A-802F-BAA35E76045F}) (Version: 17.2.2555 - Trimble Navigation Limited)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Slide (HKLM-x32\...\{71253338-63E7-4A0E-9648-55F8D6FB771F}) (Version: 1.0.0 - lkuich)
SmartSound Quicktracks for Premiere Elements 9.0 (HKLM-x32\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090 - SmartSound Software Inc) Hidden
Spintires (HKLM\...\Steam App 263280) (Version:  - Oovee® Game Studios)
Spintires Editor (HKLM\...\Steam App 367690) (Version:  - )
Spotify (HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\Spotify) (Version: 1.0.57.474.gca9c9538 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steep (HKLM-x32\...\Uplay Install 3279) (Version:  - Ubisoft)
Survarium (HKLM\...\Steam App 355840) (Version:  - Vostok Games)
Survarium-Steam (HKLM-x32\...\{A3D9343D-77CD-4bf4-A47A-F87B3BE985B4}_is1) (Version: 0.46a - )
Sweet Home 3D version 5.2 (HKLM\...\Sweet Home 3D_is1) (Version: 5.2 - eTeks)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
Thea Render (HKLM\...\TheaRender) (Version: 1.5 - Solid Iris Technologies)
Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version:  - Ubisoft Montreal)
Tomahawk (HKLM-x32\...\Tomahawk) (Version: 0.8.4 - Tomahawk-player.org)
Train Fever (HKLM\...\Steam App 304730) (Version:  - Urban Games)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Twilight Render 2.7.2 x64 Hobby (HKLM\...\{995E0EED-61CB-4AFC-93A0-D769CD08A11C}_is1) (Version:  - )
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Uplay (HKLM-x32\...\Uplay) (Version: 19.1 - Ubisoft)
Virtual Audio Cable 4.14 (HKLM\...\Virtual Audio Cable 4.14) (Version:  - )
VistaMare ViMaCore X (HKLM-x32\...\ViMaCore X) (Version:  - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VMware Player (HKLM\...\{D4234612-889D-4A9F-81FB-2DE679D1364E}) (Version: 12.5.6 - VMware, Inc.)
VNC Server 6.0.3 (HKLM\...\{9949C1DE-C543-499B-8A8E-8F0A024A65B8}) (Version: 6.0.3.27095 - RealVNC Ltd)
VNC Viewer 6.0.3 (HKLM\...\{64A73BAC-D4D0-4F12-9216-ABA1E16832ED}) (Version: 6.0.3.27095 - RealVNC Ltd)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
War Thunder (HKLM\...\Steam App 236390) (Version:  - Gaijin Entertainment)
WhatsApp (HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\WhatsApp) (Version: 0.2.4240 - WhatsApp)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windscribe version 1.60 build 24 (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.60 build 24 - Windscribe)
WinISO (HKLM-x32\...\WinISO) (Version: 6.4.0.5170 - WinISO Computing Inc.)
X-Lite (HKLM-x32\...\{1F9BFD72-C600-4FF0-AAE2-C0850A127DFB}) (Version: 49.8.2158 - CounterPath Corporation)
Xonar U7 (Version: 1.0.13 - ASUSTeKcomputer.Inc) Hidden
Zoiper (HKLM-x32\...\Zoiper) (Version: 3.9 - Securax LTD)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1950188543-441825992-3618123389-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-61278E991861}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1950188543-441825992-3618123389-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {178534DD-775C-4B1F-B2E7-0437388937B2} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {48946A1D-E9AE-4AFF-90D8-26D1EF19A4E9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-20] (Adobe Systems Incorporated)
Task: {4C04E3B1-4BEA-4C41-8C8B-3EB475D1FC9B} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-04-24] (Corel Corporation)
Task: {5335C1EC-B9CC-4EBA-AFA7-E4DB91919BB8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-21] (Google Inc.)
Task: {55CD488E-14A5-4C09-AA19-5CC6B3A312DD} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {751E859F-D719-4531-9E72-8BB9426062FB} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {7DB8F052-FB6D-4FFA-8941-09BE6F00E8AA} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
Task: {913D3BBA-8FF2-45C9-8AC1-A32547C021C5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-06-20] (Adobe Systems Incorporated)
Task: {9D93DA45-ED99-432A-81C0-26D9EBA69099} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {A273940C-A01E-4C8A-9536-8202990950C4} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {B9E4BE0E-D367-49B2-B1AD-F113EF25ADB6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-21] (Google Inc.)
Task: {C9406B16-56FF-4215-A303-A7C0BF0690EF} - System32\Tasks\CorelUpdateHelperTask => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-04-24] (Corel Corporation)
Task: {CC821F27-AB5A-4A74-8A5B-04DD38BCB200} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {DD4FE3D3-1D82-4F76-8E9E-1675E440D193} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {E0797067-3838-4515-9966-C3824F723358} - System32\Tasks\MSIAfterburner => P:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2016-09-02] ()
Task: {E1ED1B68-5913-4A73-9692-C4F5541F875C} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-05-24] (AVG Technologies CZ, s.r.o.)
Task: {FBA50A33-57C7-4623-974A-689FAC6CE7AB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {FF0FE0CA-7494-4870-83D9-F722C95A2EF4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Hotspot Shield Free VPN Proxy – Unblock Sites.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=heajfgnegopeedndeahkdjedjkjcmnpb

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-10-04 03:21 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-07-10 14:47 - 2016-07-10 14:47 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2017-06-25 00:58 - 2017-05-25 14:11 - 02270664 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-11-23 18:40 - 2016-11-23 07:05 - 00053352 _____ () P:\Program Files (x86)\Windscribe\WindscribeService.exe
2017-06-05 12:56 - 2017-06-05 12:56 - 00012080 _____ () C:\WINDOWS\TEMP\BullseyeCoverage-x64-3.dll
2016-09-02 11:11 - 2016-09-02 11:11 - 00589512 _____ () P:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-05-26 03:18 - 2017-05-26 03:18 - 00492112 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-01-28 10:52 - 2015-01-28 10:52 - 00742192 _____ () C:\Program Files\ASUSTeKcomputer.Inc\nhAsusU7\UserInterface\x64\nhAsusU7DevProps.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-03-30 19:17 - 2016-03-30 19:17 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-03-30 19:17 - 2016-03-30 19:17 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-05-21 01:21 - 2017-05-03 22:20 - 00034424 _____ () C:\Program Files\NVIDIA Corporation\nvstreamsrv\boost_system-vc120-mt-1_58.dll
2017-05-21 01:21 - 2017-05-03 22:20 - 00920184 _____ () C:\Program Files\NVIDIA Corporation\nvstreamsrv\boost_regex-vc120-mt-1_58.dll
2015-01-28 10:50 - 2015-01-28 10:50 - 03544880 _____ () C:\Program Files\ASUSTeKcomputer.Inc\nhAsusU7\UserInterface\nhAsusU7UILauncher.exe
2015-01-28 10:52 - 2015-01-28 10:52 - 03291136 _____ () C:\Program Files\ASUSTeKcomputer.Inc\nhAsusU7\UserInterface\x64\nhAsusU7Svc64.exe
2017-05-15 02:38 - 2017-05-15 02:38 - 34957896 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2017-05-12 17:30 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-12 17:30 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2017-06-20 12:38 - 2017-04-05 10:09 - 02493440 _____ () P:\Games\Origin\libGLESv2.dll
2016-10-04 03:21 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-01-28 10:50 - 2015-01-28 10:50 - 00723760 _____ () C:\Program Files\ASUSTeKcomputer.Inc\nhAsusU7\UserInterface\nhAsusU7DevProps.dll
2016-08-19 17:31 - 2016-08-19 17:31 - 00071680 _____ () P:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2016-08-19 17:31 - 2016-08-19 17:31 - 00056832 _____ () P:\Program Files (x86)\MSI Afterburner\RTFC.dll
2016-08-28 13:19 - 2016-08-28 13:19 - 00227840 _____ () P:\Program Files (x86)\MSI Afterburner\RTCore.dll
2016-08-19 17:31 - 2016-08-19 17:31 - 00357888 _____ () P:\Program Files (x86)\MSI Afterburner\RTUI.dll
2016-08-28 13:19 - 2016-08-28 13:19 - 00525824 _____ () P:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2016-12-03 01:47 - 2016-12-03 01:46 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2017-05-24 00:49 - 2017-05-24 00:49 - 00171344 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll
2017-05-24 00:49 - 2017-05-24 00:49 - 00999024 _____ () C:\Program Files (x86)\AVG\Antivirus\AvChrome.dll
2017-05-24 00:49 - 2017-05-24 00:49 - 67717632 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2017-05-24 00:49 - 2017-05-24 00:49 - 00178120 _____ () C:\Program Files (x86)\AVG\Antivirus\event_routing_rpc.dll
2017-05-24 00:49 - 2017-05-24 00:49 - 00224352 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll
2017-05-24 00:49 - 2017-05-24 00:49 - 00685784 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll
2016-10-04 03:21 - 2017-05-03 22:20 - 65709176 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-06-03 12:08 - 2017-05-17 03:54 - 00678176 _____ () P:\Steam\SDL2.dll
2016-10-15 14:13 - 2016-09-01 03:02 - 04969248 _____ () P:\Steam\v8.dll
2017-06-09 13:58 - 2017-06-08 07:42 - 02485536 _____ () P:\Steam\video.dll
2016-10-15 14:13 - 2016-09-01 03:02 - 01563936 _____ () P:\Steam\icui18n.dll
2016-10-15 14:13 - 2016-09-01 03:02 - 01195296 _____ () P:\Steam\icuuc.dll
2016-10-15 14:13 - 2016-01-27 09:49 - 02549760 _____ () P:\Steam\libavcodec-56.dll
2016-10-15 14:13 - 2016-01-27 09:49 - 00491008 _____ () P:\Steam\libavformat-56.dll
2016-10-15 14:13 - 2016-01-27 09:49 - 00332800 _____ () P:\Steam\libavresample-2.dll
2016-10-15 14:13 - 2016-01-27 09:49 - 00442880 _____ () P:\Steam\libavutil-54.dll
2016-10-15 14:13 - 2016-01-27 09:49 - 00485888 _____ () P:\Steam\libswscale-3.dll
2017-06-09 13:58 - 2017-06-08 07:42 - 00877856 _____ () P:\Steam\bin\chromehtml.DLL
2016-10-15 14:13 - 2016-07-05 00:17 - 00266560 _____ () P:\Steam\openvr_api.dll
2017-06-26 11:14 - 2017-06-26 11:14 - 00098816 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\win32api.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00110080 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\pywintypes27.dll
2017-06-26 11:14 - 2017-06-26 11:14 - 00364544 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\pythoncom27.dll
2017-06-26 11:14 - 2017-06-26 11:14 - 00320512 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\win32com.shell.shell.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00914432 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\_hashlib.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 01176576 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\wx._core_.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00806400 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\wx._gdi_.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00816128 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\wx._windows_.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 01067008 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\wx._controls_.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00733184 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\wx._misc_.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00682496 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\pysqlite2._sqlite.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00088064 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\_ctypes.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00686080 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\unicodedata.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00119808 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\win32file.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00108544 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\win32security.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00007168 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\hashobjs_ext.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00017920 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\thumbnails_ext.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00088064 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\usb_ext.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00012800 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\common.time34.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00018432 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\win32event.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00167936 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\win32gui.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00046080 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\_socket.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 01303552 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\_ssl.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00128512 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\_elementtree.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00127488 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\pyexpat.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00038912 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\win32inet.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00036864 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\_psutil_windows.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00524248 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\windows._lib_cacheinvalidation.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00011264 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\win32crypt.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00123392 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\wx._wizard.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00077312 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\wx._html2.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00027648 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\_multiprocessing.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00020480 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\_yappi.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00035840 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\win32process.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00078848 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\wx._animate.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00024064 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\win32pipe.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00010240 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\select.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00025600 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\win32pdh.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00017408 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\win32profile.pyd
2017-06-26 11:14 - 2017-06-26 11:14 - 00022528 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI136482\win32ts.pyd
2016-10-25 22:06 - 2017-06-22 11:07 - 00189040 _____ () C:\Users\Benjamin\AppData\Roaming\Spotify\SpotifyWinRT.dll
2016-04-21 19:20 - 2010-11-04 11:48 - 00061440 _____ () P:\Program Files (x86)\ROCCAT\Isku Keyboard\hiddriver.dll
2017-06-04 07:19 - 2017-06-04 07:19 - 52051552 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2017-06-03 12:08 - 2017-05-08 21:45 - 69516064 _____ () P:\Steam\bin\cef\cef.win7\libcef.dll
2017-06-09 13:58 - 2017-05-17 03:54 - 00678176 _____ () P:\Steam\bin\cef\cef.win7\SDL2.dll
2017-06-09 13:58 - 2017-06-08 07:42 - 00385312 _____ () P:\Steam\steam.dll
2016-08-03 17:45 - 2016-08-03 17:45 - 00048304 _____ () P:\Program Files\FileZilla FTP Client\fzshellext.dll
2017-06-25 14:42 - 2017-06-25 14:42 - 00010520 _____ () C:\Users\Benjamin\AppData\Local\Temp\BullseyeCoverage-x86-3.dll
2017-05-30 01:39 - 2017-05-30 01:39 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-05-30 01:39 - 2017-05-30 01:39 - 00214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-05-30 01:38 - 2017-05-30 01:38 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-05-30 01:39 - 2017-05-30 01:39 - 00125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-06-04 07:47 - 2017-06-04 07:47 - 00099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-05-30 01:39 - 2017-05-30 01:39 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-05-19 23:49 - 2017-05-19 23:49 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-05-19 23:49 - 2017-05-19 23:49 - 00117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2017-05-19 23:49 - 2017-05-19 23:49 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-05-19 23:50 - 2017-05-19 23:50 - 00214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-06-04 07:43 - 2017-06-04 07:43 - 00099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-05-19 23:49 - 2017-05-19 23:49 - 00098816 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2017-05-19 23:50 - 2017-05-19 23:50 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\facebook.com -> hxxps://staticxx.facebook.com
IE trusted site: HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\facebook.net -> hxxps://connect.facebook.net
IE trusted site: HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\fbcdn.net -> hxxps://static.xx.fbcdn.net
IE trusted site: HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\google-analytics.com -> hxxps://www.google-analytics.com
IE trusted site: HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\paragon-software.com -> hxxps://bo4-fe.paragon-software.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 09:24 - 2015-10-30 09:21 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1950188543-441825992-3618123389-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Benjamin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\StartupApproved\Run: => "f.lux"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A1EF00C9-836A-4F9B-B75F-F1EF69161A02}] => (Allow) C:\Users\Benjamin\AppData\Roaming\LiquidSky\lib\LiquidSky.exe
FirewallRules: [{06A2A1E5-0C3C-4A09-AB60-0F530E3DF769}] => (Allow) C:\Users\Benjamin\AppData\Roaming\LiquidSky\lib\LiquidSky.exe
FirewallRules: [{13F7D66F-DF3F-4724-B2C2-06AD3FC21DEE}] => (Allow) C:\Users\Benjamin\AppData\Roaming\LiquidSky\LiquidSkyClient.exe
FirewallRules: [{2F419E0F-0213-47DE-8A08-49F6BA52477A}] => (Allow) C:\Users\Benjamin\AppData\Roaming\LiquidSky\LiquidSkyClient.exe
FirewallRules: [{B2D8258F-738C-4373-AD42-9B277916455D}] => (Allow) D:\Downloads\LiquidSkyClient.exe
FirewallRules: [{B77FF973-F667-4735-A85E-79495EF9E329}] => (Allow) D:\Downloads\LiquidSkyClient.exe
FirewallRules: [UDP Query User{43648C04-ABD0-434D-9E72-F482C42768A0}P:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) P:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{141C78C9-1D2C-449F-8055-FCB7DB2F5D9F}P:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) P:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{EC7E7DCF-5AD7-4314-8CB2-9F0CEE049C27}] => (Allow) P:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{6F7C0F31-A476-4EF1-9BD0-79DF5E4D2DAA}] => (Allow) P:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{20CEF79E-E67D-4637-B423-34425DDADE8C}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{4070467B-9C71-40A8-99EA-7181B26980B7}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{3D3DB32B-AF79-43AC-9CB5-F8655323E41F}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{0F143D43-8CC6-4951-A2DE-6740DF18CCC4}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{B6C36E07-7691-4923-9136-AB8347CF9783}] => (Allow) F:\Steam\steamapps\common\Survarium\game\binaries\x86\survarium-2.exe
FirewallRules: [{B5584F2E-98D1-4F89-B5C7-F197A85422F7}] => (Allow) F:\Steam\steamapps\common\Survarium\game\binaries\x86\survarium-2.exe
FirewallRules: [{4CCE8145-C85A-47A5-89C5-F04436220FC6}] => (Allow) F:\Steam\steamapps\common\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{7E2B14B8-D4DF-4899-814B-C836EFBF8586}] => (Allow) F:\Steam\steamapps\common\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{4B5072E9-8A03-40A8-9D4F-70B2DC0DBB99}] => (Allow) F:\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{91B15DBA-7D80-464F-9AD8-77317524A57C}] => (Allow) F:\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{C9D540F3-95B6-4602-9AE9-F37B5EDE80F7}] => (Allow) F:\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{66847CD8-8C67-46D6-8A7A-11DE15AED8E3}] => (Allow) F:\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{A96C5C27-BEA8-464F-A596-52BFC6B1B89B}] => (Allow) F:\Steam\steamapps\common\Survarium\temp\survarium_launcher.exe
FirewallRules: [{4D24AA02-0B14-4C97-8C6C-F31EEC195143}] => (Allow) P:\Steam\steamapps\common\Grid\grid.exe
FirewallRules: [{E0678DFE-52BE-4892-B1B7-6B030793C238}] => (Allow) P:\Steam\steamapps\common\Grid\grid.exe
FirewallRules: [{61927690-A6E0-4087-B285-AD0EAFCB0FCB}] => (Allow) P:\Games\Ubisoft\Ubisoft Game Launcher\games\Steep\steep.exe
FirewallRules: [UDP Query User{1B0B5D0E-9BDC-4B46-879C-3F7E71760272}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{C7D965E2-BD3E-4930-9E35-F784F38AB74E}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{C770B7AD-FEB5-4F47-91DC-B760D0E400B1}D:\downloads\x-plane 11\x-plane.exe] => (Allow) D:\downloads\x-plane 11\x-plane.exe
FirewallRules: [TCP Query User{1B27F4A1-93E5-4544-81F4-67095997285D}D:\downloads\x-plane 11\x-plane.exe] => (Allow) D:\downloads\x-plane 11\x-plane.exe
FirewallRules: [{0C94EA90-CC67-4F8D-A8C7-D599112DC85C}] => (Allow) P:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{4CB0FF34-3125-46A3-9A2C-E5C5202FC62B}] => (Allow) P:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{F9DDA595-94CF-44CF-BBA5-579960BDA5AC}] => (Allow) F:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{B8BE5A8F-33E6-4532-A95E-337EDDA84955}] => (Allow) F:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{9B6EDDBB-523C-4DC3-A4ED-454F52E521DA}] => (Allow) P:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{4209C100-A044-45AD-8866-875ACE553C4C}] => (Allow) P:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F1B0546A-B01A-41F7-9968-4F812DA0AD3C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C9B64DD5-3616-49C1-8DB1-16CC75EB319D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A4612EDF-E757-4064-B69D-19029C3EF05D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{114A8FE8-9C42-47EE-A82B-14B084593085}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{89EF6D45-E0E4-4904-88C9-93D8D6374013}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B640A5B9-4B3A-43A6-827F-2FE6F038230B}] => (Allow) P:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{48745021-57AA-4081-B98B-DF692B704320}] => (Allow) P:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [UDP Query User{39735BB1-C228-4817-A35F-15C9FECAB414}P:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) P:\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [TCP Query User{A4206F29-E4B6-4EEA-9AF5-F33C20ACE739}P:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) P:\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [UDP Query User{743AD1D1-7F35-4F51-8DBD-58D9CE4E31DC}P:\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) P:\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [TCP Query User{C1A82D21-444D-48C0-887F-5BD60D21F6FA}P:\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) P:\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{86182BED-0D64-4E5A-9FC5-AC1340AA58DD}] => (Allow) P:\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{6C8E0C8E-C370-4E80-9DEF-21711FE73DF8}] => (Allow) P:\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{1F82E702-A09C-4C43-A0E7-E73B0582C868}] => (Allow) F:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{207A541C-8414-4C83-90EF-1E6AFC49B9F0}] => (Allow) F:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [UDP Query User{37674063-86B5-4701-BD13-98FE67C8C96F}P:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) P:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{B3EA3E4C-6528-4A6A-90E9-CD9A3F8A7225}P:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) P:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{95157547-7DE5-4FD6-8171-9DD6FBE4EA2B}] => (Allow) F:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{4BBF0C9A-0884-469C-8186-33B106AF996B}] => (Allow) F:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{7A64B7F8-846B-4EDE-BB1C-46D44F5A1C79}] => (Allow) F:\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{3ACD3BB5-7FEE-4E2F-BFF3-0C8E870690E1}] => (Allow) F:\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{A7403A41-3688-486B-88CF-0BB1B06CC8C9}] => (Allow) P:\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{5C96A6A3-1716-4911-9EE2-C71F2A37972E}] => (Allow) P:\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{03990981-0EBD-4B32-9633-FEB2D85D200A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{A011DABF-9878-4B0B-8354-6E8A1385337F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{47448730-08BD-43BC-BB82-1FAA599BB44B}] => (Allow) P:\Program Files (x86)\Zoiper\Zoiper.exe
FirewallRules: [{625E7626-6BBB-493C-9DD5-A0AF650B07DE}] => (Allow) P:\Program Files (x86)\Zoiper\Zoiper.exe
FirewallRules: [UDP Query User{B993CD0C-41CA-48E8-9F46-847AC9725A34}P:\program files (x86)\linphone\bin\linphone.exe] => (Allow) P:\program files (x86)\linphone\bin\linphone.exe
FirewallRules: [TCP Query User{6B8C6092-2D1C-4350-95FD-1C02B8344946}P:\program files (x86)\linphone\bin\linphone.exe] => (Allow) P:\program files (x86)\linphone\bin\linphone.exe
FirewallRules: [UDP Query User{4C747A69-7E89-4B22-A271-68E0288A78B9}P:\program files (x86)\counterpath\x-lite\x-lite.exe] => (Allow) P:\program files (x86)\counterpath\x-lite\x-lite.exe
FirewallRules: [TCP Query User{AC61014E-9EEE-4D8F-9B79-C4EA79F17BDC}P:\program files (x86)\counterpath\x-lite\x-lite.exe] => (Allow) P:\program files (x86)\counterpath\x-lite\x-lite.exe
FirewallRules: [{26287183-442A-4B5F-84E1-8D450C50EE03}] => (Allow) P:\Program Files (x86)\3CXPhone\3CXPhone.exe
FirewallRules: [UDP Query User{F4EAB38A-469B-49ED-B460-B1FCE3428692}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [TCP Query User{7D570C8A-6791-4A11-A7B0-FC018A513535}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [{7EC2B7F0-44DB-488D-BD52-3B3356890E39}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{FF93A7B7-BCC1-46A1-B345-334174827118}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{ECAE9224-05C6-4E48-A75F-A5E44A2720C8}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{86F1B61B-E2A7-4257-8DDD-E4D48DC317B2}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [UDP Query User{BDA793DC-A077-4D95-9E50-7F157FBB2BD4}C:\users\benjamin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\benjamin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{4B46CC71-8259-4D9A-BE66-6BFBC741EFAA}C:\users\benjamin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\benjamin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{EBEE608F-77A4-4D2C-BE6B-F9EC9709F972}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DA469317-816E-4ED5-967C-81564783E17D}] => (Allow) P:\Steam\Steam.exe
FirewallRules: [{C73712FE-4BF0-4F11-A2F2-6DC544EB49AC}] => (Allow) P:\Steam\Steam.exe
FirewallRules: [{22564A97-5B3F-48F5-924B-E38DE9BA2921}] => (Allow) P:\Steam\bin\steamwebhelper.exe
FirewallRules: [{2A948B28-A78C-4EB5-8D9F-26743AD00E3C}] => (Allow) P:\Steam\bin\steamwebhelper.exe
FirewallRules: [{E01EC0F4-D46E-4829-A5DB-3058DD255760}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{4596A758-2834-43CA-8C29-EFCB0226A95C}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{F276FBE1-689E-437A-A62A-9CC5BE47707A}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{D39A5B8F-3B9C-4A43-8EF5-BDE6054A7202}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [TCP Query User{80C4549B-FC70-4D69-B8D5-747C53356613}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{4C0FB0BC-C6CD-4472-8830-43F2133AF754}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{CCAD0938-3B60-431C-8EC8-386404A9F987}] => (Allow) F:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{8A01A504-0A52-486D-A6E1-C4A7E6D5CC6F}] => (Allow) F:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{A523D6B8-34CC-43C5-9227-3C5E4208A398}] => (Allow) F:\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_launcher.exe
FirewallRules: [{74AC0359-45BC-4470-808F-EEFB49A31507}] => (Allow) F:\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_launcher.exe
FirewallRules: [{2ACD65FE-BD14-468A-99D8-D3ABD0290954}] => (Allow) F:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{BC4B1C2B-075F-46D2-919A-E436980FA4EE}] => (Allow) F:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{A97339B2-4149-4E86-A421-8F3420E0E317}F:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{F811DBEE-C059-4ACE-BC73-9CE6190B941F}F:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{C0E489C8-7D9C-49D3-B161-5C741EF848BA}] => (Allow) P:\Games\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{A4DB8024-80E9-4AD3-940E-F4CF6EA0E10E}] => (Allow) P:\Games\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{96C1E189-9D53-4D3A-871A-BB19647A86C8}] => (Allow) P:\Games\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\PrinceOfPersia.EXE
FirewallRules: [{1D7C1C79-81C4-4E5F-934A-E5B347C452E2}] => (Allow) P:\Games\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\PrinceOfPersia.EXE
FirewallRules: [{13407AFA-51DA-4C15-A525-0FF3A73805F9}] => (Allow) P:\Games\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\POP.EXE
FirewallRules: [{391BB87A-DD90-4B51-86AB-5827FB116CF8}] => (Allow) P:\Games\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\POP.EXE
FirewallRules: [{640F932A-D907-4916-BCB6-4A92E5100DD6}] => (Allow) F:\Steam\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{BC19AB6A-E2A4-46EE-AF01-6D2215468F82}] => (Allow) F:\Steam\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{7BCD0A11-25A4-4B40-84C0-0941AFFFDA06}] => (Allow) F:\Steam\steamapps\common\Train Fever\TrainFever.exe
FirewallRules: [{0CCC7970-1B17-4701-A630-CC03BE3683E4}] => (Allow) F:\Steam\steamapps\common\Train Fever\TrainFever.exe
FirewallRules: [{1CC352A1-5A76-45DF-B014-5625243539B9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2BD0AB0E-6382-4BBE-AD40-9369BF32601A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{80A63B97-F7F6-412A-8D89-6CA65EDF626C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{79A40864-64CE-4D7E-AC00-ECC8E4A82C39}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C8FC5972-CFEC-4EBB-828E-6BA450596ABA}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{859779E5-2936-4071-AEBE-5F12359A1DCE}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{94D4C796-0F49-4202-9D6C-C942F4E9EABA}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{0A0F2DE7-7698-47BF-8EB9-032E14466559}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{2A579F09-2AFD-4DF1-9799-5F5883FD4974}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{80F790EA-5987-4431-A414-D4641B0726CA}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{4893A3EC-6509-4010-AA53-FEB69B949960}] => (Allow) F:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{0063F1A0-70F2-4464-859F-DAACE4C5708B}] => (Allow) F:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{37E76843-D8A3-4071-9279-DDC3514C4ADD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{4882559A-D432-4D3A-AE63-DF300F340F16}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{22A7C183-B581-4AF2-8E44-483DB07EC93A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{9313BC6B-A3F9-40D5-80EA-1496FE494FD0}] => (Allow) F:\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{12BB9972-A4B8-4199-A291-09ABE2FECD09}] => (Allow) F:\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{6D38C91B-1FE6-449C-A281-B12E1EA239C4}] => (Allow) F:\Steam\steamapps\common\ManiaPlanet_TMCanyon\ManiaPlanet.exe
FirewallRules: [{039BA2F9-7D29-46F2-A73D-6B87FCA7BD23}] => (Allow) F:\Steam\steamapps\common\ManiaPlanet_TMCanyon\ManiaPlanet.exe
FirewallRules: [{7D7A552F-195F-47C2-92D7-BC1F0BF002CB}] => (Allow) P:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{507469E0-C95D-4085-B930-BC5150D31FFC}] => (Allow) P:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{02BEF8D5-EFB9-49F4-AF78-ED42467F1D5F}] => (Allow) P:\Steam\steamapps\common\Spintires Combine Tools\SpinTiresEditor.exe
FirewallRules: [{B9FDBC5F-6A2F-4985-9BE3-15D734803EAB}] => (Allow) P:\Steam\steamapps\common\Spintires Combine Tools\SpinTiresEditor.exe
FirewallRules: [{3616CF75-27D7-4FEF-B267-18044C4C006F}] => (Allow) P:\Program Files\Lightworks\Lightworks.exe
FirewallRules: [{709E5018-A4CA-4A0C-9442-73D2AAC60852}] => (Allow) P:\Program Files\Lightworks\Lightworks.exe
FirewallRules: [{3E7F7E30-80EF-469D-A81F-1440B84F0BE0}] => (Allow) P:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{85695ECD-8BC2-476D-ACFE-FD50D85CB6B0}] => (Allow) P:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{B4197B2B-8C29-46F5-B510-2567853FFE19}] => (Allow) F:\Steam\steamapps\common\ManiaPlanet_TMCanyon\ManiaPlanetLauncher.exe
FirewallRules: [{A7E08206-4D49-49C7-864A-6966DD55DAB2}] => (Allow) F:\Steam\steamapps\common\ManiaPlanet_TMCanyon\ManiaPlanetLauncher.exe
FirewallRules: [{E3DC60C6-7507-45B2-9FB6-CE80DED6DDE7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{90BC111E-FB0C-43ED-B799-613613D656C9}] => (Allow) P:\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{79B12454-0DC5-4F21-83CB-869583B67D22}] => (Allow) P:\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [TCP Query User{F584F19A-C118-4792-AF4B-2BCAFF4DF5DD}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe
FirewallRules: [UDP Query User{4412975F-39F3-4B2C-88AF-F72EF74C6F03}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe
FirewallRules: [{1A80A26B-CFFA-4CAE-A761-9E711784A935}] => (Allow) P:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{2D46A4F1-9E11-4BFD-A7A2-1F4072705CA1}] => (Allow) P:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{06D407C2-1C57-4100-831D-97456EAC660A}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{A5E7A1AB-6F8B-46BB-9B8D-F2B704508430}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{74432DF7-E8E1-459E-9588-E2FE59A1213D}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{A50AA053-96B1-475F-BDA3-10198CEAC1E2}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{806BC321-7A69-42D2-BF99-6FC7B12C176C}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{CA5D6F05-B66F-45F5-B7DA-03050AC6FFB0}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{E69BACDC-32CF-4CCD-B289-D910696F2268}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{6EA42846-DA0E-4542-BD21-99F624A4FD76}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/26/2017 10:55:51 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll" in Zeile 3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (06/25/2017 12:29:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hitmanpro_x64.exe, Version: 3.7.20.286, Zeitstempel: 0x58e5ec3b
Name des fehlerhaften Moduls: hitmanpro_x64.exe, Version: 3.7.20.286, Zeitstempel: 0x58e5ec3b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000002bfb49
ID des fehlerhaften Prozesses: 0xc20
Startzeit der fehlerhaften Anwendung: 0x01d2ed9d0142e4c4
Pfad der fehlerhaften Anwendung: D:\Downloads\hitmanpro_x64.exe
Pfad des fehlerhaften Moduls: D:\Downloads\hitmanpro_x64.exe
Berichtskennung: 6054fdc9-115b-419f-bf2b-03a5f9051906
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/25/2017 02:10:49 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: DESKTOP-D3G9100)
Description: Die Anwendung oder der Dienst "Adobe Active File Monitor V9" konnte nicht neu gestartet werden.

Error: (06/25/2017 01:52:04 AM) (Source: NetBalancer 9.5.6) (EventID: 0) (User: )
Description: This version of NetBalancer is outdated, please download a new one from our website.

Error: (06/25/2017 01:01:49 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll" in Zeile 3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (06/25/2017 12:52:03 AM) (Source: NetBalancer 9.5.6) (EventID: 0) (User: )
Description: This version of NetBalancer is outdated, please download a new one from our website.

Error: (06/25/2017 12:51:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Adobe CEF Helper.exe, Version: 4.1.1.202, Zeitstempel: 0x5934127c
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2704.1434.0, Zeitstempel: 0x5798eeba
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00be5cc7
ID des fehlerhaften Prozesses: 0x41f8
Startzeit der fehlerhaften Anwendung: 0x01d2ecfeb8d39f41
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
Berichtskennung: f17d0d35-bc33-4310-b4a8-249d70650725
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/24/2017 05:33:47 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll" in Zeile 3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (06/24/2017 01:31:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NVDisplay.Container.exe, Version: 1.2.0.0, Zeitstempel: 0x59079e96
Name des fehlerhaften Moduls: nvxdsyncplugin.dll_unloaded, Version: 8.17.13.8205, Zeitstempel: 0x590793c0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000046f85
ID des fehlerhaften Prozesses: 0x3d2c
Startzeit der fehlerhaften Anwendung: 0x01d2ec78cb2f58bd
Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Pfad des fehlerhaften Moduls: nvxdsyncplugin.dll
Berichtskennung: 96759dd5-0239-45c4-b0d8-94da24f727ac
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/24/2017 01:31:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NVDisplay.Container.exe, Version: 1.2.0.0, Zeitstempel: 0x59079e96
Name des fehlerhaften Moduls: nvxdsyncplugin.dll_unloaded, Version: 8.17.13.8205, Zeitstempel: 0x590793c0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000046f85
ID des fehlerhaften Prozesses: 0x824c
Startzeit der fehlerhaften Anwendung: 0x01d2ec78caec7a71
Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Pfad des fehlerhaften Moduls: nvxdsyncplugin.dll
Berichtskennung: b612a8c5-9fd8-4217-b5c6-99e8cf82067f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (06/26/2017 11:14:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (06/26/2017 11:14:04 AM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x1

Error: (06/26/2017 11:14:04 AM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x1

Error: (06/26/2017 11:13:32 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "NVIDIA Display Container LS" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (06/26/2017 11:13:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/26/2017 11:13:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/26/2017 11:13:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/26/2017 11:13:27 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "NVIDIA NetworkService Container" wurde mit folgendem Fehler beendet: 
Für einen allgemeinen Befehl wurde ein Ergebnis zurückgegeben, das auf einen Fehler hinweist.

Error: (06/26/2017 11:13:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Origin Web Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/26/2017 11:13:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2017-06-25 01:02:12.255
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-25 01:01:45.492
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-25 01:01:41.597
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-25 01:01:34.703
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-25 01:01:34.539
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-25 01:01:34.524
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-25 01:01:34.511
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-25 01:01:34.218
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-25 01:01:34.037
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-25 01:01:33.828
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz
Prozentuale Nutzung des RAM: 44%
Installierter physikalischer RAM: 8134.78 MB
Verfügbarer physikalischer RAM: 4530.36 MB
Summe virtueller Speicher: 9414.78 MB
Verfügbarer virtueller Speicher: 5144.35 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:118.75 GB) (Free:23.1 GB) NTFS
Drive d: (Laufwerk) (Fixed) (Total:465.09 GB) (Free:96.89 GB) NTFS
Drive f: () (Fixed) (Total:238.47 GB) (Free:26.42 GB) NTFS
Drive p: (Laufwerk) (Fixed) (Total:466.42 GB) (Free:99.53 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: CE7BE18A)
Partition 2: (Not Active) - (Size=238.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 5A9238A8)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 51578DF8)
Partition 1: (Not Active) - (Size=465.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 26.06.2017, 12:04   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Weiterleitungen und Werbung in allen Browsern - Standard

Weiterleitungen und Werbung in allen Browsern



Bitte AVG deinstallieren. Am besten mit Revo, siehe weiter unten. Das alte Adobe AIR sollte auch runter.

Das Teil können wir einfach nicht mehr guten Gewissens empfehlen. => http://www.trojaner-board.de/171261-...zer-daten.html und Antivirensoftware: Schutz für Ihre Dateien, aber auf Kosten Ihrer Privatsphäre? | Emsisoft Blog
Auch andere Freewareanbieter wie Avira, Avast oder Panda springen auf diesen oder ähnlichen Zügen rauf, basteln Junkware in die Setups, arbeiten mit ASK zusammen etc; so was ist bei Sicherheitssoftware einfach inakzeptabel.



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:


    Adobe AIR

    AVG

    AVG Protection

    FMW 1


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Gib Bescheid wenn AVG weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 26.06.2017, 12:19   #10
LePhoenix
 
Weiterleitungen und Werbung in allen Browsern - Standard

Weiterleitungen und Werbung in allen Browsern



Ich habe im Revo Uninstaller nur Adobe Air und einen Eintrag von AVG gefunden und gelöscht. Reicht das?

Alt 26.06.2017, 12:31   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Weiterleitungen und Werbung in allen Browsern - Standard

Weiterleitungen und Werbung in allen Browsern



Wichtig ist, dass der AVG-Virenscanner deinstalliert ist. Ist das nun der Fall?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 26.06.2017, 12:35   #12
LePhoenix
 
Weiterleitungen und Werbung in allen Browsern - Standard

Weiterleitungen und Werbung in allen Browsern



Alles was ich von AVG gefunden habe ist Deinstalliert. Also Ja.

Alt 26.06.2017, 13:22   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Weiterleitungen und Werbung in allen Browsern - Standard

Weiterleitungen und Werbung in allen Browsern



Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 26.06.2017, 13:32   #14
LePhoenix
 
Weiterleitungen und Werbung in allen Browsern - Standard

Weiterleitungen und Werbung in allen Browsern



FRST Log:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-06-2017 01
durchgeführt von Benjamin (Administrator) auf DESKTOP-D3G9100 (26-06-2017 13:30:22)
Gestartet von C:\Users\Benjamin\Desktop
Geladene Profile: Benjamin (Verfügbare Profile: Benjamin)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\System32\PnkBstrA.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) P:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
() P:\Program Files (x86)\Windscribe\WindscribeService.exe
(Electronic Arts) P:\Games\Origin\OriginWebHelperService.exe
(LogMeIn Inc.) P:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) P:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() P:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(IvoSoft) P:\Program Files\Classic Shell\ClassicStartMenu.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Valve Corporation) P:\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Spotify Ltd) C:\Users\Benjamin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Program Files\ASUSTeKcomputer.Inc\nhAsusU7\UserInterface\nhAsusU7UILauncher.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamuseragent.exe
() C:\Program Files\ASUSTeKcomputer.Inc\nhAsusU7\UserInterface\x64\nhAsusU7Svc64.exe
(ROCCAT GmbH) P:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) P:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(LogMeIn, Inc.) P:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Valve Corporation) P:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2016-04-21] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15642744 2016-03-30] (Logitech Inc.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Classic Start Menu] => P:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [RoccatIsku] => P:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [536576 2013-10-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2406496 2017-06-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => P:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [6153128 2017-05-22] (LogMeIn Inc.)
HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\Run: [Steam] => P:\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\Run: [f.lux] => C:\Users\Benjamin\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\Run: [Spotify Web Helper] => C:\Users\Benjamin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1562224 2017-06-22] (Spotify Ltd)
HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\Run: [nhAsusU7UILauncher] => C:\Program Files\ASUSTeKcomputer.Inc\nhAsusU7\UserInterface\nhAsusU7UILauncher.exe [3544880 2015-01-28] ()
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{7c542192-c021-4b1b-b7fa-c386dc9b6e6f}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ce200d8b-0a68-49b4-8b10-9827185347a0}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1950188543-441825992-3618123389-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-04-24] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-24] (Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-06-04] (Adobe Systems)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> P:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> P:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-06-04] (Adobe Systems)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default ->  Active:"chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html"
CHR DefaultSearchURL: Default -> hxxps://search.mediatab.tv/search.php?q={searchTerms}
CHR DefaultSearchKeyword: Default -> www.mediatab.tv
CHR DefaultSuggestURL: Default -> hxxps://search.mediatab.tv/suggest.php?client=chrome&q={searchTerms}
CHR Profile: C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default [2017-06-26]
CHR Extension: (Google Präsentationen) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-21]
CHR Extension: (Google Docs) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-21]
CHR Extension: (Google Drive) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2016-04-21]
CHR Extension: (YouTube) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-21]
CHR Extension: (Adblock Plus) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-22]
CHR Extension: (Tampermonkey) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-05-31]
CHR Extension: (Gmail offline) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2016-04-21]
CHR Extension: (Facebook Disconnect) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec [2016-04-21]
CHR Extension: (Full Page Screen Capture) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2016-09-14]
CHR Extension: (Google Tabellen) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-21]
CHR Extension: (Key Socket Media Keys) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fphfgdknbpakeedbaenojjdcdoajihik [2017-06-08]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-05-31]
CHR Extension: (Google Docs Offline) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-21]
CHR Extension: (Desktop Notifications für Android) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\giicnncicnopjohcpamieklkiacdoeni [2016-11-24]
CHR Extension: (Hotspot Shield Free VPN Proxy – Unblock Sites) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\heajfgnegopeedndeahkdjedjkjcmnpb [2016-08-15]
CHR Extension: (Windscribe - Free VPN and Ad Block) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2017-06-19]
CHR Extension: (agar.io server browser) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hongpdkjnjhijmdnogoicadboadgllhi [2016-04-21]
CHR Extension: (New Tab Redirect) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2016-04-21]
CHR Extension: (Wood-7) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieinhcgomaoikbidgmbhjkcedelgipmi [2017-06-25]
CHR Extension: (Shareaholic für Google Chrome) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmipnjdeifmobkhgogdnomkihhgojep [2016-04-21]
CHR Extension: (Turbo for YouTube) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhgnmngkgolhffjjdaipkkjbmbnpefef [2017-03-09]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-04-29]
CHR Extension: (Extensions Manager (aka Switcher)) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc [2017-06-26]
CHR Extension: (Google Mail-Checker) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2016-04-21]
CHR Extension: (Privacy Palette) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjkcflkplhgpebknipkekjggglimnone [2016-04-21]
CHR Extension: (Iomods) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhjgdbihpkphlammdaeicdemggagfbdo [2016-04-21]
CHR Extension: (Hotspot Shield Free VPN Proxy – Entsperrung) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbejmccbhkncgokjcmghpfloaajcffj [2017-06-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (AutoScroll) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\occjjkgifpmdgodlplnacmkejpdionan [2016-07-13]
CHR Extension: (ScriptSafe) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2017-06-25]
CHR Extension: (Google Mail) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-21]
CHR Extension: (Chrome Media Router) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
CHR HKU\S-1-5-21-1950188543-441825992-3618123389-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [himfhebcckichhmfhakibncfghepkclb] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-06-04] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1447944 2017-03-18] ()
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2017-03-09] (Futuremark)
R2 Hamachi2Svc; P:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3760040 2017-05-22] (LogMeIn Inc.)
S3 HnGSteamService; P:\Steam\steamapps\common\Heroes & Generals\hngservice.exe [778024 2017-06-21] (Reto-Moto ApS)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-03-30] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
S3 Origin Client Service; P:\Games\Origin\OriginClientService.exe [2157456 2017-06-01] (Electronic Arts)
R2 Origin Web Helper Service; P:\Games\Origin\OriginWebHelperService.exe [3127192 2017-06-01] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-07-10] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-07-10] ()
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 Survarium-Steam Update Service; F:\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe [97880 2017-03-18] ()
R2 VMAuthdService; P:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [99816 2017-05-11] (VMware, Inc.)
S3 vncserver; P:\Program Files\RealVNC\VNC Server\vncserver.exe [6743632 2017-04-07] (RealVNC Ltd)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
R2 WindscribeService; P:\Program Files (x86)\Windscribe\WindscribeService.exe [53352 2016-11-23] ()

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ASUSU7; C:\WINDOWS\system32\DRIVERS\ASUSU7.SYS [406016 2013-08-01] (C-Media Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-05-25] ()
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-04-05] (LogMeIn Inc.)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [55232 2017-06-25] ()
S3 LcUvcUpper; C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys [37912 2015-09-21] (Microsoft Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188312 2017-06-25] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-06-26] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [44960 2017-06-26] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-26] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-06-26] (Malwarebytes)
R1 MpKsl02ce1fa2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8E772FDA-97D2-4277-8C00-443F3A2069AF}\MpKsl02ce1fa2.sys [44928 2017-06-26] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a2b0acab06663645\nvlddmkm.sys [14456944 2017-05-02] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-05-03] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2016-04-21] (Realtek                                            )
R3 RTCore64; P:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2016-09-02] ()
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102664 2014-05-19] ()
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25992 2014-05-19] ()
R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [700296 2014-05-19] ()
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-04-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [205952 2017-04-28] (Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [137920 2017-04-28] (Oracle Corporation)
R2 vmparport; C:\WINDOWS\system32\DRIVERS\vmparport.sys [49216 2017-05-11] (VMware, Inc.)
R0 vsock; C:\WINDOWS\system32\DRIVERS\vsock.sys [91712 2016-09-30] (VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R2 WinisoCDBus; C:\WINDOWS\System32\drivers\WinisoCDBus.sys [204032 2014-02-26] (WinISO.com)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-26 12:07 - 2017-06-26 12:07 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-06-26 12:07 - 2017-06-26 12:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-06-26 12:07 - 2017-06-26 12:07 - 00000000 ____D C:\Program Files\VS Revo Group
2017-06-26 11:48 - 2017-06-26 13:30 - 00027875 _____ C:\Users\Benjamin\Desktop\FRST.txt
2017-06-26 11:48 - 2017-06-26 13:30 - 00000000 ____D C:\Users\Benjamin\Desktop\FRST-OlderVersion
2017-06-26 11:48 - 2017-06-26 13:30 - 00000000 ____D C:\FRST
2017-06-26 11:47 - 2017-06-26 11:48 - 02441216 _____ (Farbar) C:\Users\Benjamin\Desktop\FRST64.exe
2017-06-26 11:25 - 2017-06-26 11:25 - 00001419 _____ C:\Users\Benjamin\Desktop\Malwarebytes Anti-Malware 170626.txt
2017-06-25 13:22 - 2017-06-25 13:22 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\5BF970B4.sys
2017-06-25 12:23 - 2017-06-25 12:23 - 00055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2017-06-25 12:22 - 2017-06-25 12:23 - 00000000 ____D C:\ProgramData\HitmanPro
2017-06-25 12:18 - 2017-06-25 12:18 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\67E43FB5.sys
2017-06-25 12:16 - 2017-06-25 12:23 - 00808594 _____ C:\WINDOWS\ntbtlog.txt
2017-06-25 12:16 - 2017-06-25 12:19 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-06-25 02:15 - 2017-06-25 02:15 - 00001516 _____ C:\Users\Benjamin\Desktop\AdwCleaner[C2].txt
2017-06-25 02:10 - 2017-06-25 02:10 - 00000000 ____D C:\WINDOWS\SysWOW64\syncdb
2017-06-25 02:00 - 2017-06-25 00:31 - 04110280 _____ C:\Users\Benjamin\Desktop\adwcleaner_6.047__1_.exe
2017-06-25 00:59 - 2017-06-26 12:48 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-06-25 00:59 - 2017-06-26 12:33 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-06-25 00:59 - 2017-06-26 12:33 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-06-25 00:59 - 2017-06-26 12:33 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-06-25 00:59 - 2017-06-25 00:59 - 00188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-06-25 00:58 - 2017-06-25 00:58 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-06-25 00:58 - 2017-06-25 00:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-06-25 00:58 - 2017-06-25 00:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-06-25 00:58 - 2017-06-25 00:58 - 00000000 ____D C:\Program Files\Malwarebytes
2017-06-25 00:58 - 2017-05-25 11:58 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-06-25 00:49 - 2017-06-26 11:13 - 00000000 ____D C:\AdwCleaner
2017-06-19 19:47 - 2017-06-03 12:15 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-19 19:47 - 2017-06-03 12:15 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-19 19:47 - 2017-06-03 12:15 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-19 19:47 - 2017-06-03 12:14 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-19 19:47 - 2017-06-03 12:14 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-19 19:47 - 2017-06-03 12:09 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-19 19:47 - 2017-06-03 12:09 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-06-19 19:47 - 2017-06-03 12:08 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-19 19:47 - 2017-06-03 12:07 - 00923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-19 19:47 - 2017-06-03 12:07 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-19 19:47 - 2017-06-03 12:02 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-19 19:47 - 2017-06-03 12:01 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-06-19 19:47 - 2017-06-03 12:00 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-06-19 19:47 - 2017-06-03 12:00 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
2017-06-19 19:47 - 2017-06-03 12:00 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-06-19 19:47 - 2017-06-03 11:59 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-19 19:47 - 2017-06-03 11:59 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-19 19:47 - 2017-06-03 11:59 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-19 19:47 - 2017-06-03 11:59 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-06-19 19:47 - 2017-06-03 11:58 - 21352696 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-19 19:47 - 2017-06-03 11:58 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-06-19 19:47 - 2017-06-03 11:58 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2017-06-19 19:47 - 2017-06-03 11:58 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-06-19 19:47 - 2017-06-03 11:56 - 02228120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-06-19 19:47 - 2017-06-03 11:56 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-06-19 19:47 - 2017-06-03 11:56 - 01458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-06-19 19:47 - 2017-06-03 11:56 - 00848288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-06-19 19:47 - 2017-06-03 11:56 - 00846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-06-19 19:47 - 2017-06-03 11:56 - 00697760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-06-19 19:47 - 2017-06-03 11:56 - 00672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-06-19 19:47 - 2017-06-03 11:56 - 00399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-06-19 19:47 - 2017-06-03 11:55 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-19 19:47 - 2017-06-03 11:36 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-06-19 19:47 - 2017-06-03 11:35 - 02259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-19 19:47 - 2017-06-03 11:28 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-19 19:47 - 2017-06-03 11:26 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
2017-06-19 19:47 - 2017-06-03 11:23 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-19 19:47 - 2017-06-03 11:23 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-06-19 19:47 - 2017-06-03 11:23 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-06-19 19:47 - 2017-06-03 11:21 - 01516448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-06-19 19:47 - 2017-06-03 11:20 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-19 19:47 - 2017-06-03 11:14 - 03673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-19 19:47 - 2017-06-03 11:14 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-06-19 19:47 - 2017-06-03 11:14 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-06-19 19:47 - 2017-06-03 11:14 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-19 19:47 - 2017-06-03 11:12 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-19 19:47 - 2017-06-03 11:11 - 02958848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-19 19:47 - 2017-06-03 11:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-19 19:47 - 2017-06-03 11:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-19 19:47 - 2017-06-03 11:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-19 19:47 - 2017-06-03 11:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-19 19:47 - 2017-06-03 11:11 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-19 19:47 - 2017-06-03 11:10 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-19 19:47 - 2017-06-03 11:10 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-19 19:47 - 2017-06-03 11:10 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-06-19 19:47 - 2017-06-03 11:09 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-06-19 19:47 - 2017-06-03 11:09 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2017-06-19 19:47 - 2017-06-03 11:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-19 19:47 - 2017-06-03 11:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-19 19:47 - 2017-06-03 11:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-19 19:47 - 2017-06-03 11:07 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-19 19:47 - 2017-06-03 11:07 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-06-19 19:47 - 2017-06-03 11:07 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-19 19:47 - 2017-06-03 11:05 - 20506624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-19 19:47 - 2017-06-03 11:05 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-19 19:47 - 2017-06-03 11:05 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-06-19 19:47 - 2017-06-03 11:05 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-06-19 19:47 - 2017-06-03 11:05 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2017-06-19 19:47 - 2017-06-03 11:04 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-19 19:47 - 2017-06-03 11:04 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-06-19 19:47 - 2017-06-03 11:04 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-19 19:47 - 2017-06-03 11:03 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-19 19:47 - 2017-06-03 11:03 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-06-19 19:47 - 2017-06-03 11:03 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-06-19 19:47 - 2017-06-03 11:02 - 08245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-19 19:47 - 2017-06-03 11:01 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-06-19 19:47 - 2017-06-03 11:01 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-06-19 19:47 - 2017-06-03 11:00 - 03379200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-19 19:47 - 2017-06-03 11:00 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-19 19:47 - 2017-06-03 11:00 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-19 19:47 - 2017-06-03 10:59 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-19 19:47 - 2017-06-03 10:59 - 02672128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-19 19:47 - 2017-06-03 10:59 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-19 19:47 - 2017-06-03 10:59 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-19 19:47 - 2017-06-03 10:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-19 19:47 - 2017-06-03 10:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-19 19:47 - 2017-06-03 10:59 - 01142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-19 19:47 - 2017-06-03 10:59 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-19 19:47 - 2017-06-03 10:59 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-06-19 19:47 - 2017-06-03 10:58 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-19 19:47 - 2017-06-03 10:58 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-06-19 19:47 - 2017-06-03 10:58 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-06-19 19:47 - 2017-06-03 10:58 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-19 19:47 - 2017-06-03 10:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-06-19 19:47 - 2017-06-03 10:58 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-19 19:47 - 2017-06-03 10:57 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-19 19:47 - 2017-06-03 10:57 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-06-19 19:47 - 2017-06-03 10:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-06-19 19:47 - 2017-06-03 10:57 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-19 19:47 - 2017-06-03 10:57 - 01675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-06-19 19:47 - 2017-06-03 10:57 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-06-19 19:47 - 2017-06-03 10:57 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-19 19:47 - 2017-06-03 10:56 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-19 19:47 - 2017-06-03 10:55 - 03656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-19 19:47 - 2017-06-03 10:55 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-19 19:47 - 2017-06-03 10:55 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-19 19:47 - 2017-06-03 10:54 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-19 19:47 - 2017-06-03 10:54 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-06-19 19:47 - 2017-06-03 10:54 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2017-06-19 19:47 - 2017-06-03 10:53 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-06-19 19:47 - 2017-06-03 10:51 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-06-19 19:47 - 2017-05-20 11:13 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-06-19 19:47 - 2017-05-20 10:55 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-06-19 19:47 - 2017-05-20 10:48 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-06-19 19:47 - 2017-05-20 10:47 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-06-19 19:47 - 2017-05-20 10:46 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-06-19 19:47 - 2017-05-20 10:46 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-06-19 19:47 - 2017-05-20 10:46 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-06-19 19:47 - 2017-05-20 10:45 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-06-19 19:47 - 2017-05-20 10:44 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-06-19 19:47 - 2017-05-20 10:44 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-06-19 19:47 - 2017-05-20 10:43 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-06-19 19:47 - 2017-05-20 10:43 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-06-19 19:47 - 2017-05-20 10:43 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-06-19 19:47 - 2017-05-20 10:43 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-06-19 19:47 - 2017-05-20 10:43 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-06-19 19:47 - 2017-05-20 10:43 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-06-19 19:47 - 2017-05-20 10:43 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-06-19 19:47 - 2017-05-20 10:29 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-06-19 19:47 - 2017-05-20 10:29 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-06-19 19:47 - 2017-05-20 10:27 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-06-19 19:47 - 2017-05-20 10:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-06-19 19:47 - 2017-05-20 10:26 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-06-19 19:47 - 2017-05-20 10:26 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-06-19 19:47 - 2017-05-20 10:25 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-06-19 19:47 - 2017-05-20 10:25 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-06-19 19:47 - 2017-05-20 10:24 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-06-19 19:47 - 2017-05-20 10:23 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-06-19 19:47 - 2017-05-20 10:22 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-06-19 19:47 - 2017-05-20 10:22 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-06-19 19:47 - 2017-05-20 10:22 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-06-19 19:47 - 2017-05-20 10:21 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-06-19 19:47 - 2017-05-20 10:21 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-06-19 19:47 - 2017-05-20 10:21 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-06-19 19:47 - 2017-05-20 10:20 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-06-19 19:47 - 2017-05-20 10:20 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-06-19 19:47 - 2017-05-20 10:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-06-19 19:47 - 2017-05-20 10:20 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-06-19 19:47 - 2017-05-20 10:19 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-06-19 19:47 - 2017-05-20 10:18 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-06-19 19:47 - 2017-05-20 10:17 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-06-19 19:47 - 2017-05-20 10:17 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-06-19 19:47 - 2017-05-20 10:17 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-06-19 19:47 - 2017-05-20 10:17 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-06-19 19:47 - 2017-05-20 10:16 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-06-19 19:47 - 2017-05-20 10:16 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-06-19 19:47 - 2017-05-20 10:16 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-06-19 19:47 - 2017-05-20 10:16 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-06-19 19:47 - 2017-05-20 10:15 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-06-19 19:47 - 2017-05-20 10:14 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-06-19 19:47 - 2017-05-20 10:14 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-06-19 19:47 - 2017-05-20 10:14 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-06-19 19:47 - 2017-05-20 10:14 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-06-19 19:47 - 2017-05-20 10:14 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-06-19 19:47 - 2017-05-20 10:11 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-06-19 19:47 - 2017-05-20 10:10 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-06-19 19:47 - 2017-05-20 10:10 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-06-19 19:47 - 2017-05-20 10:10 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-06-19 19:47 - 2017-05-20 10:08 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-06-19 19:47 - 2017-05-20 09:08 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-06-19 19:47 - 2017-05-20 09:08 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-06-19 19:47 - 2017-05-20 09:07 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-19 19:47 - 2017-05-20 09:03 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-06-19 19:47 - 2017-05-20 08:58 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-19 19:47 - 2017-05-20 08:56 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-06-19 19:47 - 2017-05-20 08:56 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-06-19 19:47 - 2017-05-20 08:55 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-06-19 19:47 - 2017-05-20 08:55 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-06-19 19:47 - 2017-05-20 08:55 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-06-19 19:47 - 2017-05-20 08:55 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-06-19 19:47 - 2017-05-20 08:55 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-19 19:47 - 2017-05-20 08:55 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-06-19 19:47 - 2017-05-20 08:54 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-06-19 19:47 - 2017-05-20 08:54 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-19 19:47 - 2017-05-20 08:54 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-06-19 19:47 - 2017-05-20 08:53 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-19 19:47 - 2017-05-20 08:53 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-06-19 19:47 - 2017-05-20 08:53 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-06-19 19:47 - 2017-05-20 08:52 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-06-19 19:47 - 2017-05-20 08:52 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-06-19 19:47 - 2017-05-20 08:51 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-06-19 19:47 - 2017-05-20 08:51 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-06-19 19:47 - 2017-05-20 08:51 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-06-19 19:47 - 2017-05-20 08:51 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-06-19 19:47 - 2017-05-20 08:51 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-06-19 19:47 - 2017-05-20 08:48 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-06-19 19:47 - 2017-05-20 08:10 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-06-19 19:47 - 2017-05-20 08:10 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-06-19 19:47 - 2017-05-20 08:10 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-06-19 19:47 - 2017-05-20 08:09 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-06-19 19:47 - 2017-05-20 08:09 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-06-19 19:47 - 2017-05-20 08:09 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-06-19 19:47 - 2017-05-20 08:08 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-06-19 19:47 - 2017-05-20 08:08 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-06-19 19:47 - 2017-05-20 08:07 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-06-19 19:47 - 2017-05-20 08:07 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-06-19 19:47 - 2017-05-20 08:07 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-06-19 19:47 - 2017-05-20 08:06 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-06-19 19:47 - 2017-05-20 08:06 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-06-19 19:47 - 2017-05-20 08:05 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-06-19 19:47 - 2017-05-20 08:05 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-06-19 19:47 - 2017-05-20 08:03 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-06-19 19:47 - 2017-05-20 08:03 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-06-19 19:47 - 2017-05-20 08:03 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-06-19 19:47 - 2017-05-20 08:03 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-06-19 19:47 - 2017-05-20 08:03 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-06-19 19:47 - 2017-05-20 08:03 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-06-19 19:47 - 2017-05-20 08:01 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-06-19 19:47 - 2017-05-20 08:01 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-06-19 19:47 - 2017-05-20 08:01 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-06-19 19:47 - 2017-05-20 08:01 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-06-19 19:47 - 2017-05-20 08:01 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-06-19 19:47 - 2017-05-20 08:01 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-06-19 19:47 - 2017-05-20 08:01 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-06-19 19:47 - 2017-05-20 08:00 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-06-19 19:47 - 2017-05-20 08:00 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-06-19 19:47 - 2017-05-20 08:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-06-19 19:47 - 2017-05-20 08:00 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-06-19 19:47 - 2017-05-20 07:59 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-06-19 19:47 - 2017-05-20 07:59 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-06-19 19:47 - 2017-05-20 07:59 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-06-19 19:47 - 2017-05-20 07:59 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-06-19 19:47 - 2017-05-20 07:59 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-06-19 19:47 - 2017-05-20 07:59 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-06-19 19:47 - 2017-05-20 07:58 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-06-19 19:47 - 2017-05-20 07:58 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-06-19 19:47 - 2017-05-20 07:58 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-06-19 19:47 - 2017-05-20 07:58 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-06-19 19:47 - 2017-05-20 07:58 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-06-19 19:47 - 2017-05-20 07:57 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-06-19 19:47 - 2017-05-20 07:56 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-06-19 19:47 - 2017-05-20 07:56 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-06-19 19:47 - 2017-05-20 07:55 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-06-19 19:47 - 2017-05-20 07:55 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-06-19 19:47 - 2017-05-20 07:55 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-06-19 19:47 - 2017-05-20 07:55 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-06-19 19:47 - 2017-05-20 07:54 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-06-19 19:47 - 2017-05-20 07:54 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-06-19 19:47 - 2017-05-20 07:54 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-06-19 19:47 - 2017-05-20 07:54 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-06-19 19:47 - 2017-05-20 07:54 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-06-19 19:47 - 2017-05-20 07:52 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-06-19 19:47 - 2017-05-20 07:52 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-06-19 19:47 - 2017-05-20 07:52 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-06-19 19:47 - 2017-05-20 07:52 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-06-19 19:47 - 2017-05-20 07:51 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-06-19 19:47 - 2017-05-20 07:51 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-06-19 19:47 - 2017-05-20 07:50 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-06-19 19:47 - 2017-05-20 07:50 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-06-19 19:47 - 2017-05-20 07:48 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-06-19 19:47 - 2017-05-20 07:47 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-06-19 19:47 - 2017-05-20 07:47 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-06-19 19:46 - 2017-06-03 12:10 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-19 19:46 - 2017-06-03 11:57 - 00371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-06-19 19:46 - 2017-06-03 11:56 - 01693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-06-19 19:46 - 2017-06-03 11:56 - 00844696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-06-19 19:46 - 2017-06-03 11:14 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-06-19 19:46 - 2017-06-03 11:07 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-06-19 19:46 - 2017-06-03 11:06 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-06-19 19:46 - 2017-05-20 08:59 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-06-19 19:46 - 2017-05-20 08:56 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-06-19 19:46 - 2017-05-20 08:53 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-06-19 19:46 - 2017-05-20 08:53 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-06-19 19:46 - 2017-05-20 08:10 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-06-19 19:46 - 2017-05-20 08:10 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-06-19 19:46 - 2017-05-20 08:08 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-06-19 19:46 - 2017-05-20 08:06 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-06-19 19:46 - 2017-05-20 08:02 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-06-19 19:46 - 2017-05-20 08:02 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-06-19 19:46 - 2017-05-20 08:01 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-06-19 19:46 - 2017-05-20 08:00 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-06-19 19:46 - 2017-05-20 07:59 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-06-19 19:46 - 2017-05-20 07:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-06-19 19:46 - 2017-05-20 07:48 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-06-08 13:21 - 2017-06-08 13:21 - 00001226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2017-06-08 13:21 - 2017-06-08 13:21 - 00001214 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2017-06-05 12:57 - 2017-06-26 12:34 - 00000176 _____ C:\Users\Benjamin\BullseyeCoverageError.txt
2017-06-05 12:56 - 2017-06-05 12:57 - 00000176 _____ C:\Users\Default\BullseyeCoverageError.txt
2017-06-05 12:56 - 2017-06-05 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-06-05 12:54 - 2017-06-05 12:54 - 913769410 _____ C:\WINDOWS\MEMORY.DMP
2017-06-05 12:54 - 2017-06-05 12:54 - 00922028 _____ C:\WINDOWS\Minidump\060517-9187-01.dmp
2017-06-05 12:54 - 2017-06-05 12:54 - 00000000 ____D C:\WINDOWS\Minidump
2017-06-05 01:07 - 2017-06-05 01:07 - 00000000 ____D C:\Users\Benjamin\AppData\Local\Tempzxpsigndac65eec5b4b1c35
2017-06-05 01:07 - 2017-06-05 01:07 - 00000000 ____D C:\Users\Benjamin\AppData\Local\Tempzxpsigncb7e7075d2ebffd7
2017-06-05 01:07 - 2017-06-05 01:07 - 00000000 ____D C:\Users\Benjamin\AppData\Local\Tempzxpsign88845b7c34ef4c50
2017-05-29 19:21 - 2017-05-29 19:22 - 00000000 ____D C:\Users\Benjamin\AppData\Local\DefishGui
2017-05-27 16:45 - 2017-05-27 16:45 - 00000000 ____D C:\Users\Benjamin\AppData\Roaming\VMware
2017-05-27 16:45 - 2017-05-27 16:45 - 00000000 ____D C:\Users\Benjamin\AppData\Local\VMware
2017-05-27 16:44 - 2017-05-11 00:43 - 00088128 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys
2017-05-27 16:44 - 2017-05-11 00:43 - 00049216 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmparport.sys
2017-05-27 16:44 - 2016-09-30 01:12 - 00091712 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vsock.sys
2017-05-27 16:44 - 2016-09-30 01:12 - 00069104 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll
2017-05-27 16:44 - 2016-09-30 01:12 - 00065016 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll
2017-05-27 16:43 - 2017-06-26 12:33 - 00000000 ____D C:\ProgramData\VMware
2017-05-27 16:43 - 2017-05-27 16:43 - 02253326 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-05-27 16:43 - 2017-05-27 16:43 - 00001008 _____ C:\Users\Public\Desktop\VMware Workstation 12 Player.lnk
2017-05-27 16:43 - 2017-05-27 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2017-05-27 16:43 - 2017-05-27 16:43 - 00000000 ____D C:\Program Files\Common Files\VMware
2017-05-27 16:43 - 2017-05-11 00:50 - 00366568 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe
2017-05-27 16:43 - 2017-05-11 00:49 - 01149416 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll
2017-05-27 16:43 - 2017-05-11 00:49 - 00400872 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe
2017-05-27 16:43 - 2017-05-11 00:29 - 00066520 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetinst.dll
2017-05-27 16:43 - 2017-05-11 00:29 - 00043992 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetuserif.sys
2017-05-27 16:43 - 2017-02-20 08:02 - 00083008 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys
2017-05-27 16:41 - 2017-05-27 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-26 13:14 - 2016-04-25 20:28 - 00000000 ____D C:\Users\Benjamin\AppData\Local\LogMeIn Hamachi
2017-06-26 12:39 - 2017-04-23 13:50 - 02640884 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-26 12:39 - 2017-03-20 06:41 - 01225146 _____ C:\WINDOWS\system32\perfh007.dat
2017-06-26 12:39 - 2017-03-20 06:41 - 00284452 _____ C:\WINDOWS\system32\perfc007.dat
2017-06-26 12:37 - 2016-10-20 14:14 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-06-26 12:34 - 2017-04-23 13:41 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-26 12:34 - 2016-10-03 16:18 - 00000000 ___RD C:\Users\Benjamin\Creative Cloud Files
2017-06-26 12:34 - 2016-08-03 14:17 - 00000000 ____D C:\Users\Benjamin\AppData\Local\Adobe
2017-06-26 12:33 - 2017-04-23 13:46 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-26 12:33 - 2017-03-18 13:40 - 01310720 _____ C:\WINDOWS\system32\config\BBI
2017-06-26 12:33 - 2016-11-05 05:27 - 00000000 ____D C:\Users\Benjamin\AppData\Roaming\AVG
2017-06-26 12:33 - 2016-11-05 05:26 - 00000000 ____D C:\ProgramData\Avg
2017-06-26 12:32 - 2017-04-23 13:46 - 00003148 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2017-06-26 12:11 - 2016-11-05 05:26 - 00000000 ____D C:\Users\Benjamin\AppData\Local\AvgSetupLog
2017-06-26 11:49 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-06-26 10:54 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-26 10:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-26 00:10 - 2017-04-23 13:40 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-25 14:25 - 2016-09-26 18:31 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-06-25 12:29 - 2016-04-21 18:54 - 00000000 ____D C:\Users\Benjamin\AppData\Local\CrashDumps
2017-06-25 02:56 - 2016-08-19 10:01 - 00000000 ____D C:\Users\Benjamin\AppData\Local\Spotify
2017-06-25 02:46 - 2016-08-19 10:00 - 00000000 ____D C:\Users\Benjamin\AppData\Roaming\Spotify
2017-06-25 02:17 - 2017-02-20 18:44 - 00000000 ____D C:\Users\Benjamin\AppData\Local\ClassicShell
2017-06-25 02:14 - 2016-04-21 18:38 - 00000000 ____D C:\Users\Benjamin\AppData\Roaming\Adobe
2017-06-25 02:13 - 2017-04-23 13:41 - 00000000 ____D C:\Users\Benjamin
2017-06-25 02:13 - 2017-04-23 13:40 - 00314768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-25 02:10 - 2016-08-03 14:08 - 00000000 ____D C:\ProgramData\Adobe
2017-06-25 02:07 - 2016-10-03 17:24 - 00000000 ____D C:\Program Files\Adobe
2017-06-25 02:05 - 2016-04-25 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft
2017-06-25 02:05 - 2016-04-21 18:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-06-25 01:56 - 2016-10-03 17:25 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-06-25 01:08 - 2016-04-21 18:38 - 00000000 ____D C:\Users\Benjamin\AppData\Local\VirtualStore
2017-06-25 00:48 - 2016-04-21 19:03 - 00000000 ____D C:\Users\Benjamin\AppData\Roaming\Skype
2017-06-23 02:19 - 2016-07-09 18:08 - 00000000 ____D C:\ProgramData\Origin
2017-06-22 22:38 - 2016-07-09 18:10 - 00000000 ____D C:\Users\Benjamin\AppData\Roaming\Origin
2017-06-22 19:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-06-21 17:15 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-20 15:52 - 2016-11-08 18:36 - 00007592 _____ C:\Users\Benjamin\AppData\Local\Resmon.ResmonCfg
2017-06-20 12:39 - 2016-04-21 20:08 - 00000000 ____D C:\Program Files\Rockstar Games
2017-06-20 12:39 - 2016-04-21 20:08 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-06-20 11:45 - 2017-04-23 13:46 - 00004702 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-06-20 11:45 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-20 11:45 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-20 11:44 - 2017-04-23 13:46 - 00003296 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-20 11:44 - 2016-04-21 18:41 - 00002392 _____ C:\Users\Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-20 11:44 - 2016-04-21 18:41 - 00000000 ___RD C:\Users\Benjamin\OneDrive
2017-06-20 11:43 - 2016-02-13 19:32 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-20 01:23 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-06-20 01:23 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-06-20 01:23 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-06-20 01:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-06-20 01:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-06-20 01:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-20 01:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-20 01:23 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-06-20 01:23 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-06-19 19:51 - 2016-04-22 13:45 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-19 19:49 - 2016-04-22 13:45 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-09 15:37 - 2016-05-11 16:30 - 00000000 ____D C:\Users\Benjamin\AppData\Roaming\WhatsApp
2017-06-08 14:19 - 2017-04-22 14:50 - 00000000 ____D C:\Users\Benjamin\AppData\Roaming\LiquidSky
2017-06-08 13:21 - 2016-08-03 14:09 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-06-06 12:45 - 2016-10-03 16:18 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-06-05 22:00 - 2016-09-25 13:40 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2017-06-05 22:00 - 2016-09-25 13:40 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2017-06-04 14:40 - 2017-03-07 15:19 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-04 14:40 - 2016-04-21 19:03 - 00000000 ____D C:\ProgramData\Skype
2017-06-03 08:32 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:32 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-27 18:07 - 2016-08-17 16:41 - 00000000 ____D C:\Users\Benjamin\.VirtualBox
2017-05-27 16:46 - 2016-08-17 21:04 - 00000000 ____D C:\Users\Benjamin\VirtualBox VMs
2017-05-27 16:41 - 2016-08-17 16:52 - 00000904 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-10-27 22:57 - 2016-11-03 23:56 - 0000033 _____ () C:\Users\Benjamin\AppData\Roaming\AdobeWLCMCache.dat
2017-03-27 21:10 - 2017-03-28 01:59 - 1307648 _____ () C:\Users\Benjamin\AppData\Local\file__0.localstorage
2016-04-29 19:02 - 2016-04-29 19:02 - 0000026 _____ () C:\Users\Benjamin\AppData\Local\isoworkshop.ini
2016-08-17 11:58 - 2016-08-18 15:35 - 0000600 _____ () C:\Users\Benjamin\AppData\Local\PUTTY.RND
2016-11-05 03:33 - 2016-11-05 03:33 - 0002274 _____ () C:\Users\Benjamin\AppData\Local\recently-used.xbel
2016-11-08 18:36 - 2017-06-20 15:52 - 0007592 _____ () C:\Users\Benjamin\AppData\Local\Resmon.ResmonCfg
2017-02-09 22:03 - 2017-02-09 22:03 - 0000037 _____ () C:\Users\Benjamin\AppData\Local\X-Plane Installer.prf
2017-02-09 22:03 - 2017-02-11 00:56 - 0000015 _____ () C:\Users\Benjamin\AppData\Local\X-Plane_drm_11.prf
2017-02-09 21:48 - 2017-02-09 21:48 - 0000026 _____ () C:\Users\Benjamin\AppData\Local\x-plane_install_11.txt
2016-09-14 00:06 - 2016-09-14 00:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-06-25 14:42 - 2017-06-25 14:42 - 0010520 _____ () C:\Users\Benjamin\AppData\Local\Temp\BullseyeCoverage-x86-3.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-06-19 20:18

==================== Ende von FRST.txt ============================
         

Alt 26.06.2017, 13:33   #15
LePhoenix
 
Weiterleitungen und Werbung in allen Browsern - Standard

Weiterleitungen und Werbung in allen Browsern



Addition:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-06-2017 01
durchgeführt von Benjamin (26-06-2017 13:30:58)
Gestartet von C:\Users\Benjamin\Desktop
Windows 10 Pro Version 1703 (X64) (2017-04-23 11:49:10)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1950188543-441825992-3618123389-500 - Administrator - Disabled)
Benjamin (S-1-5-21-1950188543-441825992-3618123389-1001 - Administrator - Enabled) => C:\Users\Benjamin
DefaultAccount (S-1-5-21-1950188543-441825992-3618123389-503 - Limited - Disabled)
Gast (S-1-5-21-1950188543-441825992-3618123389-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3CXPhone (HKLM-x32\...\{0DF8FA4D-299C-4250-9F09-C14E47E12224}) (Version: 4.0.26523.0 - 3CX)
3DMark (HKLM-x32\...\{06916c5d-59d5-401e-a1b9-db064bd8bc95}) (Version: 2.3.3663.0 - Futuremark)
3DMark (Version: 2.3.3663.0 - Futuremark) Hidden
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Active Sky Next for FSX SP5 (HKLM-x32\...\{F1AE1E08-5094-46AD-AA4D-670C482723B2}_is1) (Version: 1.0.6011.15407 - HiFi Technologies, Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.1.1.202 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Aerosoft's - Airbus A318-A319 - FSX (HKLM-x32\...\Airbus A318-A319 - FSX) (Version: 1.31 - Aerosoft)
Aerosoft's - Airbus A320-A321 - FSX (HKLM-x32\...\Airbus A320-A321 - FSX) (Version: 1.31 - Aerosoft)
aerosoft's - Mega Airport Paris CDG X (HKLM-x32\...\{0F5E7FC8-3D49-47DA-9A51-6A8B4BE393B0}) (Version: 1.00 - aerosoft)
Aerosoft's - Mega Airport Zurich 2012 - FSX (HKLM-x32\...\{463A571A-B793-459B-BEA8-028DC323AAB0}) (Version: 1.02 - Aerosoft)
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
AnyRail6 (HKLM-x32\...\AnyRail6 6.2.1) (Version: 6.2.1 - DRail Modelspoor Software)
AnyRail6 (x32 Version: 6.2.1 - DRail Modelspoor Software) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASConnect for FSX Installer (HKLM-x32\...\{7E1270D4-42C4-49A4-9EC4-3300D2E47331}_is1) (Version: 1.0.0.34 - HiFi Technologies, Inc.)
Asus audio driver (HKLM-x32\...\{3219bf79-8651-4e0b-b746-a52f3af3d062}) (Version: 1.0.13 - ASUSTeKcomputer.Inc)
Asus Xonar Phoebus Audio Driver (Version: 1.0.13 - ASUSTeKcomputer.Inc) Hidden
Atlas Track Planning Software 0.9.34 (a) beta (HKLM-x32\...\AtlasTPS_by_Milen_Peev_is1) (Version: 0.9.34 - Milen Peev)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
AutoHotkey 1.1.25.01 (HKLM\...\AutoHotkey) (Version: 1.1.25.01 - Lexikos)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlefield: Bad Company 2 (HKLM\...\Steam App 24960) (Version:  - DICE)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.50.17863 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bitcoin Core (64-bit) (HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\Bitcoin Core (64-bit)) (Version: 0.14.1 - Bitcoin Core project)
Borderless Gaming (HKLM-x32\...\Borderless Gaming_is1) (Version: 8.4 - Codeusa Software)
ChkHwId (x32 Version: 1.0.13 - ASUSTeKcomputer.Inc) Hidden
Cities: Skylines (HKLM\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
Corel AfterShot 3 - ICA x64 (Version: 3.2 - Corel Corporation) Hidden
Corel AfterShot 3 - IPM Content x64 (Version: 3.2 - Corel Corporation) Hidden
Corel AfterShot 3 - IPM x64 (Version: 3.2.0.205 - Corel Corporation) Hidden
Corel AfterShot 3 x64 (Version: 3.0 - Corel Corporation) Hidden
Corel AfterShot 3(64-bit) (HKLM\...\_{FE875B02-11A1-4D1E-B57A-8DE2C00C0B51}) (Version: 3.2.0.205 - Corel Corporation)
Corel Update Manager (Version: 2.3.160 - Corel corporation) Hidden
Darktable 2.0 (HKLM-x32\...\Darktable-2.0) (Version: 2.0.0 - Partha Bagchi)
DiRT 3 Complete Edition (HKLM\...\Steam App 321040) (Version:  - Codemasters Racing Studio)
DiRT Rally (HKLM\...\Steam App 310560) (Version:  - Codemasters Racing Studio)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version:  - SCS Software)
f.lux (HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\Flux) (Version:  - )
FileZilla Client 3.20.1 (HKLM-x32\...\FileZilla Client) (Version: 3.20.1 - Tim Kosse)
Flight Simulator X (HKLM-x32\...\RTMshadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
FreeArc 0.666 (HKLM-x32\...\FreeArc) (Version: 0.666 - Bulat Ziganshin)
FreeTrack v2.2.0.279 (HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\FreeTrack v2.2.0.279) (Version:  - )
FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin)
FSCloud version 1.xxxx beta (HKLM-x32\...\{EAEDE38E-4126-42B7-BC6D-93E3A2EC06E9}_is1) (Version: 1.xxxx beta - FSCloud.net)
FSFDT FSCopilot (HKLM-x32\...\FSFDT FSCopilot) (Version:  - )
FSIAT LICJ X Scenery for FSX V.1.01 (HKLM-x32\...\FSIAT LICJ X Scenery for FSX V.1.01) (Version: V.1.01 V.1.01 - FSIADT)
Futuremark SystemInfo (HKLM-x32\...\{6583B359-134F-480D-9B31-9B94EFFAFE40}) (Version: 5.0.609.0 - Futuremark)
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Geeks3D FurMark 1.18.2.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
GRID (HKLM\...\Steam App 12750) (Version:  - Codemasters Studios)
H1Z1: Just Survive (HKLM\...\Steam App 295110) (Version:  - Daybreak Game Company)
Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
HFSExplorer 0.23.1 (HKLM-x32\...\HFSExplorer) (Version: 0.23.1 - Catacombae Software)
HitFilm 4 Express (HKLM\...\{B266DF92-432D-4985-91C3-70148568AB79}) (Version: 4.0.5422.10801 - FXHOME)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
ISO Workshop 6.1 (HKLM-x32\...\ISO Workshop_is1) (Version:  - Glorylogic)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
John's Background Switcher 4.12 (HKLM-x32\...\{DD3DAD13-289E-440E-A5D3-3EFB25305018}_is1) (Version: 4.12 - johnsadventures.com)
Life Is Strange™ (HKLM\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 14.0.0.0 - EditShare)
Linphone version 3.7.0 (HKLM-x32\...\Linphone_is1) (Version:  - linphone.org)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.82 (HKLM\...\Logitech Gaming Software) (Version: 8.82.151 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.578 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.578 - LogMeIn, Inc.) Hidden
Majestic MJC8Q400 (HKLM-x32\...\MJC8Q400) (Version:  - )
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft OneDrive (HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minimal ADB and Fastboot version 1.4 (HKLM-x32\...\{C5564379-582D-457A-9E68-A9E7C1F1C4EC}_is1) (Version: 1.4 - Sam Rodberg)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 16.001.06.01.500 - Huawei Technologies Co.,Ltd)
Mp3tag v2.78 (HKLM-x32\...\Mp3tag) (Version: v2.78 - Florian Heidenreich)
MSI Afterburner 4.3.0 Beta 14 (HKLM-x32\...\Afterburner) (Version: 4.3.0 Beta 14 - MSI Co., LTD)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MultiBit HD 0.5.1 (HKLM\...\6925-4794-5772-4956) (Version: 0.5.1 - KeepKey,LLC)
Nemeth Designs & Milviz AgustaWestland AW109 for FSX (HKLM-x32\...\Nemeth Designs & Milviz AgustaWestland AW109 for FSX) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OLYMPUS Digital Camera Updater (HKLM-x32\...\{392427E9-9FA4-4CD2-99EB-FD53A12BDCDA}) (Version: 1.2.1 - Olympus Corporation)
OLYMPUS Viewer 3 (HKLM-x32\...\{F324FE01-619B-4290-83BD-FC4F055CDBFD}) (Version: 2.0.1 - Olympus Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Oracle VM VirtualBox 5.1.22 (HKLM\...\{8D5E4D4D-5E0C-4448-B018-5DDEF1E208D9}) (Version: 5.1.22 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.12.59996 - Electronic Arts, Inc.)
Paragon Backup and Recovery™ 16 (HKLM\...\{DADAA9CF-36B6-11E6-B0B5-005056C00008}) (Version: 10.1.28.163 - Paragon Software)
Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Paragon Partition Manager™ 2014 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PlanetSide 2 (HKLM\...\Steam App 218230) (Version:  - Daybreak Game Company)
PlanetSide 2 (HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PMDG 737 8900 NGX Base Package FSX (HKLM-x32\...\{20708FD5-E94D-4097-A21E-E28564CDBC06}) (Version: 1.10.6461 - PMDG Simulations, LLC.)
PMDG 747-400/400F for FSX (HKLM-x32\...\{EDCEE320-0FB3-4197-9F86-8C1CCF2278FB}) (Version: 2.10.0040 - Precision Manuals Development Group)
PMDG 777-200LR/F Base Package FSX (HKLM-x32\...\{0F16340B-5B5B-4531-8D87-4952E3BCA6E6}) (Version: 1.10.7025 - PMDG Simulations, LLC.)
PMDG744X_GE_AC (HKLM-x32\...\{8A3D1E45-8D8C-4FC6-A769-DF1232776190}) (Version: 1.10.0000 - Precision Manuals Development Group)
PMDG744X_GE_AF (HKLM-x32\...\{70D78DCD-8369-4857-BFEF-021C9899DA75}) (Version: 1.10.0000 - Precision Manuals Development Group)
PMDG744X_GE_KL (HKLM-x32\...\{D4CF23EE-B0B6-4E5F-A335-8E63F8AFAC98}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744X_GE_LH (HKLM-x32\...\{20372FAA-3AF4-4B3D-9B1D-564CDEA5957C}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744X_GE_NH (HKLM-x32\...\{A1D97ADB-EFF4-4F31-B286-873F06AC6496}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744X_GE_SV (HKLM-x32\...\{40F75775-0940-4F2D-B43F-2BB37E51F13A}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744X_PW_IB (HKLM-x32\...\{1D67FB28-58DA-4425-B426-99E894468197}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744X_PW_NW3 (HKLM-x32\...\{96E1C9EE-5109-41FA-B412-E3358626051D}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744X_PW_UA3 (HKLM-x32\...\{EAB979F7-84A6-47B6-AB39-CA73A6EEAE69}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744X_RR_BA (HKLM-x32\...\{9C979BC5-0B86-47A1-B6C1-6057297DB61C}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744XF_GE_5XF (HKLM-x32\...\{E45EC4EA-CE0C-4F1C-9DA4-908A5860CDBA}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744XF_GE_AFF (HKLM-x32\...\{31C2BE56-FC30-4EC8-9E53-509252008243}) (Version: 1.10.0000 - Precision Manuals Development Group)
PMDG744XF_GE_BRF (HKLM-x32\...\{1AF39B3E-954C-4ADB-BD31-D29F653D4B22}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744XF_GE_EKF (HKLM-x32\...\{20B3074F-F200-4A50-9231-6FE3E0CF3F05}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744XF_GE_KLF (HKLM-x32\...\{9EF4E550-0D15-4047-AABF-ACD47CC3623B}) (Version: 1.10.0000 - Precision Manuals Development Group)
PMDG744XF_GE_VC25A (HKLM-x32\...\{E110F951-FDE7-46AF-A469-C234666E98EF}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744XF_GE_XHF (HKLM-x32\...\{520C2FC2-F39B-4B95-BDA9-3FB6BCA135BF}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744XF_PW_FXF (HKLM-x32\...\{F77ABA68-8AC4-497E-9FFA-9CA4506B78FC}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744XF_RR_CVF3 (HKLM-x32\...\{BF05DD52-4D84-474D-A7ED-F1DCAAE39E82}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744XF_RR_CXF (HKLM-x32\...\{ABD462F9-7436-4086-A65B-AC6360ED45FC}) (Version: 1.00.0000 - Precision Manuals Development Group)
Prince of Persia Sands of Time (HKLM-x32\...\Uplay Install 111) (Version:  - Ubisoft)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RAAS Professional by FS2Crew (LOCKED) (HKLM-x32\...\RAAS Professional by FS2Crew (LOCKED)) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
RenderManNC-Installer (HKLM\...\{DBD61261-3A3B-11E6-93DC-9C35EBEEE7A7}) (Version: 1.0.0 - Pixar)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
REX 4 Texture Direct (with Soft Clouds) (HKLM-x32\...\{A1A078B6-6FBA-474D-8B23-B432591A02C2}) (Version: 4.8.2016.0325 - REX Game Studios, LLC.)
ROCCAT Isku Keyboard Driver (HKLM-x32\...\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}) (Version:  - Roccat GmbH)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
Rocrail -rev11469 (HKLM-x32\...\Rocrail_is1) (Version:  - rocrail.net)
Saints Row 2 (HKLM-x32\...\1430740458_is1) (Version: 2.1.0.5 - GOG.com)
SCARM 0.9.34 beta (HKLM-x32\...\{9BF3D390-A0AD-4733-AFC8-18E306B8E219}_is1) (Version: 0.9.34 - Milen Peev)
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
SketchUp 2017 (HKLM\...\{C711666A-E8CC-4E2A-802F-BAA35E76045F}) (Version: 17.2.2555 - Trimble Navigation Limited)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Slide (HKLM-x32\...\{71253338-63E7-4A0E-9648-55F8D6FB771F}) (Version: 1.0.0 - lkuich)
SmartSound Quicktracks for Premiere Elements 9.0 (HKLM-x32\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090 - SmartSound Software Inc) Hidden
Spintires (HKLM\...\Steam App 263280) (Version:  - Oovee® Game Studios)
Spintires Editor (HKLM\...\Steam App 367690) (Version:  - )
Spotify (HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\Spotify) (Version: 1.0.57.474.gca9c9538 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steep (HKLM-x32\...\Uplay Install 3279) (Version:  - Ubisoft)
Survarium (HKLM\...\Steam App 355840) (Version:  - Vostok Games)
Survarium-Steam (HKLM-x32\...\{A3D9343D-77CD-4bf4-A47A-F87B3BE985B4}_is1) (Version: 0.46a - )
Sweet Home 3D version 5.2 (HKLM\...\Sweet Home 3D_is1) (Version: 5.2 - eTeks)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
Thea Render (HKLM\...\TheaRender) (Version: 1.5 - Solid Iris Technologies)
Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version:  - Ubisoft Montreal)
Tomahawk (HKLM-x32\...\Tomahawk) (Version: 0.8.4 - Tomahawk-player.org)
Train Fever (HKLM\...\Steam App 304730) (Version:  - Urban Games)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Twilight Render 2.7.2 x64 Hobby (HKLM\...\{995E0EED-61CB-4AFC-93A0-D769CD08A11C}_is1) (Version:  - )
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Uplay (HKLM-x32\...\Uplay) (Version: 19.1 - Ubisoft)
Virtual Audio Cable 4.14 (HKLM\...\Virtual Audio Cable 4.14) (Version:  - )
VistaMare ViMaCore X (HKLM-x32\...\ViMaCore X) (Version:  - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VMware Player (HKLM\...\{D4234612-889D-4A9F-81FB-2DE679D1364E}) (Version: 12.5.6 - VMware, Inc.)
VNC Server 6.0.3 (HKLM\...\{9949C1DE-C543-499B-8A8E-8F0A024A65B8}) (Version: 6.0.3.27095 - RealVNC Ltd)
VNC Viewer 6.0.3 (HKLM\...\{64A73BAC-D4D0-4F12-9216-ABA1E16832ED}) (Version: 6.0.3.27095 - RealVNC Ltd)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
War Thunder (HKLM\...\Steam App 236390) (Version:  - Gaijin Entertainment)
WhatsApp (HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\WhatsApp) (Version: 0.2.4240 - WhatsApp)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windscribe version 1.60 build 24 (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.60 build 24 - Windscribe)
WinISO (HKLM-x32\...\WinISO) (Version: 6.4.0.5170 - WinISO Computing Inc.)
X-Lite (HKLM-x32\...\{1F9BFD72-C600-4FF0-AAE2-C0850A127DFB}) (Version: 49.8.2158 - CounterPath Corporation)
Xonar U7 (Version: 1.0.13 - ASUSTeKcomputer.Inc) Hidden
Zoiper (HKLM-x32\...\Zoiper) (Version: 3.9 - Securax LTD)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1950188543-441825992-3618123389-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-61278E991861}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1950188543-441825992-3618123389-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {178534DD-775C-4B1F-B2E7-0437388937B2} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {48946A1D-E9AE-4AFF-90D8-26D1EF19A4E9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-20] (Adobe Systems Incorporated)
Task: {4C04E3B1-4BEA-4C41-8C8B-3EB475D1FC9B} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-04-24] (Corel Corporation)
Task: {5335C1EC-B9CC-4EBA-AFA7-E4DB91919BB8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-21] (Google Inc.)
Task: {55CD488E-14A5-4C09-AA19-5CC6B3A312DD} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {751E859F-D719-4531-9E72-8BB9426062FB} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {7A6C70AB-463F-4C0D-954F-E3D2FC34A254} - System32\Tasks\MSIAfterburner => P:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2016-09-02] ()
Task: {7DB8F052-FB6D-4FFA-8941-09BE6F00E8AA} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
Task: {913D3BBA-8FF2-45C9-8AC1-A32547C021C5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-06-20] (Adobe Systems Incorporated)
Task: {9D93DA45-ED99-432A-81C0-26D9EBA69099} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {B9E4BE0E-D367-49B2-B1AD-F113EF25ADB6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-21] (Google Inc.)
Task: {C9406B16-56FF-4215-A303-A7C0BF0690EF} - System32\Tasks\CorelUpdateHelperTask => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-04-24] (Corel Corporation)
Task: {CC821F27-AB5A-4A74-8A5B-04DD38BCB200} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {DD4FE3D3-1D82-4F76-8E9E-1675E440D193} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {FBA50A33-57C7-4623-974A-689FAC6CE7AB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {FF0FE0CA-7494-4870-83D9-F722C95A2EF4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Hotspot Shield Free VPN Proxy – Unblock Sites.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=heajfgnegopeedndeahkdjedjkjcmnpb

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-06-25 00:58 - 2017-05-25 14:11 - 02270664 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-10-04 03:21 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-07-10 14:47 - 2016-07-10 14:47 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2016-11-23 18:40 - 2016-11-23 07:05 - 00053352 _____ () P:\Program Files (x86)\Windscribe\WindscribeService.exe
2017-06-05 12:56 - 2017-06-05 12:56 - 00012080 _____ () C:\WINDOWS\TEMP\BullseyeCoverage-x64-3.dll
2016-09-02 11:11 - 2016-09-02 11:11 - 00589512 _____ () P:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-05-26 03:18 - 2017-05-26 03:18 - 00492112 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-01-28 10:52 - 2015-01-28 10:52 - 00742192 _____ () C:\Program Files\ASUSTeKcomputer.Inc\nhAsusU7\UserInterface\x64\nhAsusU7DevProps.dll
2017-05-12 17:30 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-12 17:30 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-03-30 19:17 - 2016-03-30 19:17 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-03-30 19:17 - 2016-03-30 19:17 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-01-28 10:50 - 2015-01-28 10:50 - 03544880 _____ () C:\Program Files\ASUSTeKcomputer.Inc\nhAsusU7\UserInterface\nhAsusU7UILauncher.exe
2017-05-21 01:21 - 2017-05-03 22:20 - 00034424 _____ () C:\Program Files\NVIDIA Corporation\nvstreamsrv\boost_system-vc120-mt-1_58.dll
2017-05-21 01:21 - 2017-05-03 22:20 - 00920184 _____ () C:\Program Files\NVIDIA Corporation\nvstreamsrv\boost_regex-vc120-mt-1_58.dll
2015-01-28 10:52 - 2015-01-28 10:52 - 03291136 _____ () C:\Program Files\ASUSTeKcomputer.Inc\nhAsusU7\UserInterface\x64\nhAsusU7Svc64.exe
2017-05-15 02:38 - 2017-05-15 02:38 - 34957896 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-06-20 12:38 - 2017-04-05 10:09 - 02493440 _____ () P:\Games\Origin\libGLESv2.dll
2016-10-04 03:21 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-01-28 10:50 - 2015-01-28 10:50 - 00723760 _____ () C:\Program Files\ASUSTeKcomputer.Inc\nhAsusU7\UserInterface\nhAsusU7DevProps.dll
2016-08-28 13:19 - 2016-08-28 13:19 - 00227840 _____ () P:\Program Files (x86)\MSI Afterburner\RTCore.dll
2016-08-19 17:31 - 2016-08-19 17:31 - 00056832 _____ () P:\Program Files (x86)\MSI Afterburner\RTFC.dll
2016-08-19 17:31 - 2016-08-19 17:31 - 00071680 _____ () P:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2016-08-19 17:31 - 2016-08-19 17:31 - 00357888 _____ () P:\Program Files (x86)\MSI Afterburner\RTUI.dll
2016-08-28 13:19 - 2016-08-28 13:19 - 00525824 _____ () P:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2017-06-03 12:08 - 2017-05-17 03:54 - 00678176 _____ () P:\Steam\SDL2.dll
2017-06-09 13:58 - 2017-06-08 07:42 - 02485536 _____ () P:\Steam\video.dll
2016-10-15 14:13 - 2016-09-01 03:02 - 04969248 _____ () P:\Steam\v8.dll
2016-10-15 14:13 - 2016-01-27 09:49 - 00332800 _____ () P:\Steam\libavresample-2.dll
2016-10-15 14:13 - 2016-01-27 09:49 - 00491008 _____ () P:\Steam\libavformat-56.dll
2016-10-15 14:13 - 2016-01-27 09:49 - 02549760 _____ () P:\Steam\libavcodec-56.dll
2016-10-15 14:13 - 2016-01-27 09:49 - 00442880 _____ () P:\Steam\libavutil-54.dll
2016-10-15 14:13 - 2016-01-27 09:49 - 00485888 _____ () P:\Steam\libswscale-3.dll
2016-10-15 14:13 - 2016-09-01 03:02 - 01563936 _____ () P:\Steam\icui18n.dll
2016-10-15 14:13 - 2016-09-01 03:02 - 01195296 _____ () P:\Steam\icuuc.dll
2017-06-09 13:58 - 2017-06-08 07:42 - 00877856 _____ () P:\Steam\bin\chromehtml.DLL
2016-10-15 14:13 - 2016-07-05 00:17 - 00266560 _____ () P:\Steam\openvr_api.dll
2016-10-04 03:21 - 2017-05-03 22:20 - 65709176 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-06-26 12:34 - 2017-06-26 12:34 - 00098816 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\win32api.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00110080 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\pywintypes27.dll
2017-06-26 12:34 - 2017-06-26 12:34 - 00364544 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\pythoncom27.dll
2017-06-26 12:34 - 2017-06-26 12:34 - 00320512 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\win32com.shell.shell.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00914432 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\_hashlib.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 01176576 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\wx._core_.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00806400 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\wx._gdi_.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00816128 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\wx._windows_.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 01067008 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\wx._controls_.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00733184 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\wx._misc_.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00682496 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\pysqlite2._sqlite.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00088064 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\_ctypes.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00686080 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\unicodedata.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00119808 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\win32file.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00108544 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\win32security.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00007168 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\hashobjs_ext.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00017920 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\thumbnails_ext.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00088064 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\usb_ext.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00012800 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\common.time34.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00018432 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\win32event.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00167936 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\win32gui.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00046080 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\_socket.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 01303552 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\_ssl.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00128512 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\_elementtree.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00127488 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\pyexpat.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00038912 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\win32inet.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00036864 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\_psutil_windows.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00524248 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\windows._lib_cacheinvalidation.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00011264 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\win32crypt.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00123392 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\wx._wizard.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00077312 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\wx._html2.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00027648 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\_multiprocessing.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00020480 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\_yappi.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00035840 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\win32process.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00078848 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\wx._animate.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00024064 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\win32pipe.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00010240 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\select.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00025600 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\win32pdh.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00017408 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\win32profile.pyd
2017-06-26 12:34 - 2017-06-26 12:34 - 00022528 ____R () C:\Users\Benjamin\AppData\Local\Temp\_MEI147722\win32ts.pyd
2016-10-25 22:06 - 2017-06-22 11:07 - 00189040 _____ () C:\Users\Benjamin\AppData\Roaming\Spotify\SpotifyWinRT.dll
2016-04-21 19:20 - 2010-11-04 11:48 - 00061440 _____ () P:\Program Files (x86)\ROCCAT\Isku Keyboard\hiddriver.dll
2017-06-04 07:19 - 2017-06-04 07:19 - 52051552 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2017-06-25 14:42 - 2017-06-25 14:42 - 00010520 _____ () C:\Users\Benjamin\AppData\Local\Temp\BullseyeCoverage-x86-3.dll
2016-08-03 17:45 - 2016-08-03 17:45 - 00048304 _____ () P:\Program Files\FileZilla FTP Client\fzshellext.dll
2017-05-30 01:39 - 2017-05-30 01:39 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-05-30 01:39 - 2017-05-30 01:39 - 00214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-05-30 01:38 - 2017-05-30 01:38 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-05-30 01:39 - 2017-05-30 01:39 - 00125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-06-04 07:47 - 2017-06-04 07:47 - 00099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-05-30 01:39 - 2017-05-30 01:39 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-06-03 12:08 - 2017-05-08 21:45 - 69516064 _____ () P:\Steam\bin\cef\cef.win7\libcef.dll
2017-06-09 13:58 - 2017-05-17 03:54 - 00678176 _____ () P:\Steam\bin\cef\cef.win7\SDL2.dll
2017-06-09 13:58 - 2017-06-08 07:42 - 00385312 _____ () P:\Steam\steam.dll
2017-05-19 23:49 - 2017-05-19 23:49 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-05-19 23:49 - 2017-05-19 23:49 - 00117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2017-05-19 23:49 - 2017-05-19 23:49 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-05-19 23:50 - 2017-05-19 23:50 - 00214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-06-04 07:43 - 2017-06-04 07:43 - 00099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-05-19 23:49 - 2017-05-19 23:49 - 00098816 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2017-05-19 23:50 - 2017-05-19 23:50 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\facebook.com -> hxxps://staticxx.facebook.com
IE trusted site: HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\facebook.net -> hxxps://connect.facebook.net
IE trusted site: HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\fbcdn.net -> hxxps://static.xx.fbcdn.net
IE trusted site: HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\google-analytics.com -> hxxps://www.google-analytics.com
IE trusted site: HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\paragon-software.com -> hxxps://bo4-fe.paragon-software.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 09:24 - 2015-10-30 09:21 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1950188543-441825992-3618123389-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Benjamin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-1950188543-441825992-3618123389-1001\...\StartupApproved\Run: => "f.lux"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A1EF00C9-836A-4F9B-B75F-F1EF69161A02}] => (Allow) C:\Users\Benjamin\AppData\Roaming\LiquidSky\lib\LiquidSky.exe
FirewallRules: [{06A2A1E5-0C3C-4A09-AB60-0F530E3DF769}] => (Allow) C:\Users\Benjamin\AppData\Roaming\LiquidSky\lib\LiquidSky.exe
FirewallRules: [{13F7D66F-DF3F-4724-B2C2-06AD3FC21DEE}] => (Allow) C:\Users\Benjamin\AppData\Roaming\LiquidSky\LiquidSkyClient.exe
FirewallRules: [{2F419E0F-0213-47DE-8A08-49F6BA52477A}] => (Allow) C:\Users\Benjamin\AppData\Roaming\LiquidSky\LiquidSkyClient.exe
FirewallRules: [{B2D8258F-738C-4373-AD42-9B277916455D}] => (Allow) D:\Downloads\LiquidSkyClient.exe
FirewallRules: [{B77FF973-F667-4735-A85E-79495EF9E329}] => (Allow) D:\Downloads\LiquidSkyClient.exe
FirewallRules: [UDP Query User{43648C04-ABD0-434D-9E72-F482C42768A0}P:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) P:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{141C78C9-1D2C-449F-8055-FCB7DB2F5D9F}P:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) P:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{EC7E7DCF-5AD7-4314-8CB2-9F0CEE049C27}] => (Allow) P:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{6F7C0F31-A476-4EF1-9BD0-79DF5E4D2DAA}] => (Allow) P:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{20CEF79E-E67D-4637-B423-34425DDADE8C}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{4070467B-9C71-40A8-99EA-7181B26980B7}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{3D3DB32B-AF79-43AC-9CB5-F8655323E41F}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{0F143D43-8CC6-4951-A2DE-6740DF18CCC4}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{B6C36E07-7691-4923-9136-AB8347CF9783}] => (Allow) F:\Steam\steamapps\common\Survarium\game\binaries\x86\survarium-2.exe
FirewallRules: [{B5584F2E-98D1-4F89-B5C7-F197A85422F7}] => (Allow) F:\Steam\steamapps\common\Survarium\game\binaries\x86\survarium-2.exe
FirewallRules: [{4CCE8145-C85A-47A5-89C5-F04436220FC6}] => (Allow) F:\Steam\steamapps\common\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{7E2B14B8-D4DF-4899-814B-C836EFBF8586}] => (Allow) F:\Steam\steamapps\common\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{4B5072E9-8A03-40A8-9D4F-70B2DC0DBB99}] => (Allow) F:\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{91B15DBA-7D80-464F-9AD8-77317524A57C}] => (Allow) F:\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{C9D540F3-95B6-4602-9AE9-F37B5EDE80F7}] => (Allow) F:\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{66847CD8-8C67-46D6-8A7A-11DE15AED8E3}] => (Allow) F:\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{A96C5C27-BEA8-464F-A596-52BFC6B1B89B}] => (Allow) F:\Steam\steamapps\common\Survarium\temp\survarium_launcher.exe
FirewallRules: [{4D24AA02-0B14-4C97-8C6C-F31EEC195143}] => (Allow) P:\Steam\steamapps\common\Grid\grid.exe
FirewallRules: [{E0678DFE-52BE-4892-B1B7-6B030793C238}] => (Allow) P:\Steam\steamapps\common\Grid\grid.exe
FirewallRules: [{61927690-A6E0-4087-B285-AD0EAFCB0FCB}] => (Allow) P:\Games\Ubisoft\Ubisoft Game Launcher\games\Steep\steep.exe
FirewallRules: [UDP Query User{1B0B5D0E-9BDC-4B46-879C-3F7E71760272}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{C7D965E2-BD3E-4930-9E35-F784F38AB74E}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{C770B7AD-FEB5-4F47-91DC-B760D0E400B1}D:\downloads\x-plane 11\x-plane.exe] => (Allow) D:\downloads\x-plane 11\x-plane.exe
FirewallRules: [TCP Query User{1B27F4A1-93E5-4544-81F4-67095997285D}D:\downloads\x-plane 11\x-plane.exe] => (Allow) D:\downloads\x-plane 11\x-plane.exe
FirewallRules: [{0C94EA90-CC67-4F8D-A8C7-D599112DC85C}] => (Allow) P:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{4CB0FF34-3125-46A3-9A2C-E5C5202FC62B}] => (Allow) P:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{F9DDA595-94CF-44CF-BBA5-579960BDA5AC}] => (Allow) F:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{B8BE5A8F-33E6-4532-A95E-337EDDA84955}] => (Allow) F:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{9B6EDDBB-523C-4DC3-A4ED-454F52E521DA}] => (Allow) P:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{4209C100-A044-45AD-8866-875ACE553C4C}] => (Allow) P:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F1B0546A-B01A-41F7-9968-4F812DA0AD3C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C9B64DD5-3616-49C1-8DB1-16CC75EB319D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A4612EDF-E757-4064-B69D-19029C3EF05D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{114A8FE8-9C42-47EE-A82B-14B084593085}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{89EF6D45-E0E4-4904-88C9-93D8D6374013}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B640A5B9-4B3A-43A6-827F-2FE6F038230B}] => (Allow) P:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{48745021-57AA-4081-B98B-DF692B704320}] => (Allow) P:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [UDP Query User{39735BB1-C228-4817-A35F-15C9FECAB414}P:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) P:\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [TCP Query User{A4206F29-E4B6-4EEA-9AF5-F33C20ACE739}P:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) P:\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [UDP Query User{743AD1D1-7F35-4F51-8DBD-58D9CE4E31DC}P:\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) P:\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [TCP Query User{C1A82D21-444D-48C0-887F-5BD60D21F6FA}P:\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) P:\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{86182BED-0D64-4E5A-9FC5-AC1340AA58DD}] => (Allow) P:\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{6C8E0C8E-C370-4E80-9DEF-21711FE73DF8}] => (Allow) P:\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{1F82E702-A09C-4C43-A0E7-E73B0582C868}] => (Allow) F:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{207A541C-8414-4C83-90EF-1E6AFC49B9F0}] => (Allow) F:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [UDP Query User{37674063-86B5-4701-BD13-98FE67C8C96F}P:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) P:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{B3EA3E4C-6528-4A6A-90E9-CD9A3F8A7225}P:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) P:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{95157547-7DE5-4FD6-8171-9DD6FBE4EA2B}] => (Allow) F:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{4BBF0C9A-0884-469C-8186-33B106AF996B}] => (Allow) F:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{7A64B7F8-846B-4EDE-BB1C-46D44F5A1C79}] => (Allow) F:\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{3ACD3BB5-7FEE-4E2F-BFF3-0C8E870690E1}] => (Allow) F:\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{A7403A41-3688-486B-88CF-0BB1B06CC8C9}] => (Allow) P:\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{5C96A6A3-1716-4911-9EE2-C71F2A37972E}] => (Allow) P:\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{03990981-0EBD-4B32-9633-FEB2D85D200A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{A011DABF-9878-4B0B-8354-6E8A1385337F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{47448730-08BD-43BC-BB82-1FAA599BB44B}] => (Allow) P:\Program Files (x86)\Zoiper\Zoiper.exe
FirewallRules: [{625E7626-6BBB-493C-9DD5-A0AF650B07DE}] => (Allow) P:\Program Files (x86)\Zoiper\Zoiper.exe
FirewallRules: [UDP Query User{B993CD0C-41CA-48E8-9F46-847AC9725A34}P:\program files (x86)\linphone\bin\linphone.exe] => (Allow) P:\program files (x86)\linphone\bin\linphone.exe
FirewallRules: [TCP Query User{6B8C6092-2D1C-4350-95FD-1C02B8344946}P:\program files (x86)\linphone\bin\linphone.exe] => (Allow) P:\program files (x86)\linphone\bin\linphone.exe
FirewallRules: [UDP Query User{4C747A69-7E89-4B22-A271-68E0288A78B9}P:\program files (x86)\counterpath\x-lite\x-lite.exe] => (Allow) P:\program files (x86)\counterpath\x-lite\x-lite.exe
FirewallRules: [TCP Query User{AC61014E-9EEE-4D8F-9B79-C4EA79F17BDC}P:\program files (x86)\counterpath\x-lite\x-lite.exe] => (Allow) P:\program files (x86)\counterpath\x-lite\x-lite.exe
FirewallRules: [{26287183-442A-4B5F-84E1-8D450C50EE03}] => (Allow) P:\Program Files (x86)\3CXPhone\3CXPhone.exe
FirewallRules: [UDP Query User{F4EAB38A-469B-49ED-B460-B1FCE3428692}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [TCP Query User{7D570C8A-6791-4A11-A7B0-FC018A513535}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [{7EC2B7F0-44DB-488D-BD52-3B3356890E39}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{FF93A7B7-BCC1-46A1-B345-334174827118}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{ECAE9224-05C6-4E48-A75F-A5E44A2720C8}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{86F1B61B-E2A7-4257-8DDD-E4D48DC317B2}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [UDP Query User{BDA793DC-A077-4D95-9E50-7F157FBB2BD4}C:\users\benjamin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\benjamin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{4B46CC71-8259-4D9A-BE66-6BFBC741EFAA}C:\users\benjamin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\benjamin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{EBEE608F-77A4-4D2C-BE6B-F9EC9709F972}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DA469317-816E-4ED5-967C-81564783E17D}] => (Allow) P:\Steam\Steam.exe
FirewallRules: [{C73712FE-4BF0-4F11-A2F2-6DC544EB49AC}] => (Allow) P:\Steam\Steam.exe
FirewallRules: [{22564A97-5B3F-48F5-924B-E38DE9BA2921}] => (Allow) P:\Steam\bin\steamwebhelper.exe
FirewallRules: [{2A948B28-A78C-4EB5-8D9F-26743AD00E3C}] => (Allow) P:\Steam\bin\steamwebhelper.exe
FirewallRules: [{E01EC0F4-D46E-4829-A5DB-3058DD255760}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{4596A758-2834-43CA-8C29-EFCB0226A95C}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{F276FBE1-689E-437A-A62A-9CC5BE47707A}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{D39A5B8F-3B9C-4A43-8EF5-BDE6054A7202}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [TCP Query User{80C4549B-FC70-4D69-B8D5-747C53356613}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{4C0FB0BC-C6CD-4472-8830-43F2133AF754}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{CCAD0938-3B60-431C-8EC8-386404A9F987}] => (Allow) F:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{8A01A504-0A52-486D-A6E1-C4A7E6D5CC6F}] => (Allow) F:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{A523D6B8-34CC-43C5-9227-3C5E4208A398}] => (Allow) F:\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_launcher.exe
FirewallRules: [{74AC0359-45BC-4470-808F-EEFB49A31507}] => (Allow) F:\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_launcher.exe
FirewallRules: [{2ACD65FE-BD14-468A-99D8-D3ABD0290954}] => (Allow) F:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{BC4B1C2B-075F-46D2-919A-E436980FA4EE}] => (Allow) F:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{A97339B2-4149-4E86-A421-8F3420E0E317}F:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{F811DBEE-C059-4ACE-BC73-9CE6190B941F}F:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{C0E489C8-7D9C-49D3-B161-5C741EF848BA}] => (Allow) P:\Games\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{A4DB8024-80E9-4AD3-940E-F4CF6EA0E10E}] => (Allow) P:\Games\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{96C1E189-9D53-4D3A-871A-BB19647A86C8}] => (Allow) P:\Games\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\PrinceOfPersia.EXE
FirewallRules: [{1D7C1C79-81C4-4E5F-934A-E5B347C452E2}] => (Allow) P:\Games\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\PrinceOfPersia.EXE
FirewallRules: [{13407AFA-51DA-4C15-A525-0FF3A73805F9}] => (Allow) P:\Games\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\POP.EXE
FirewallRules: [{391BB87A-DD90-4B51-86AB-5827FB116CF8}] => (Allow) P:\Games\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\POP.EXE
FirewallRules: [{640F932A-D907-4916-BCB6-4A92E5100DD6}] => (Allow) F:\Steam\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{BC19AB6A-E2A4-46EE-AF01-6D2215468F82}] => (Allow) F:\Steam\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{7BCD0A11-25A4-4B40-84C0-0941AFFFDA06}] => (Allow) F:\Steam\steamapps\common\Train Fever\TrainFever.exe
FirewallRules: [{0CCC7970-1B17-4701-A630-CC03BE3683E4}] => (Allow) F:\Steam\steamapps\common\Train Fever\TrainFever.exe
FirewallRules: [{1CC352A1-5A76-45DF-B014-5625243539B9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2BD0AB0E-6382-4BBE-AD40-9369BF32601A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{80A63B97-F7F6-412A-8D89-6CA65EDF626C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{79A40864-64CE-4D7E-AC00-ECC8E4A82C39}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C8FC5972-CFEC-4EBB-828E-6BA450596ABA}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{859779E5-2936-4071-AEBE-5F12359A1DCE}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{94D4C796-0F49-4202-9D6C-C942F4E9EABA}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{0A0F2DE7-7698-47BF-8EB9-032E14466559}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{2A579F09-2AFD-4DF1-9799-5F5883FD4974}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{80F790EA-5987-4431-A414-D4641B0726CA}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{4893A3EC-6509-4010-AA53-FEB69B949960}] => (Allow) F:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{0063F1A0-70F2-4464-859F-DAACE4C5708B}] => (Allow) F:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{37E76843-D8A3-4071-9279-DDC3514C4ADD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{4882559A-D432-4D3A-AE63-DF300F340F16}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{22A7C183-B581-4AF2-8E44-483DB07EC93A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{9313BC6B-A3F9-40D5-80EA-1496FE494FD0}] => (Allow) F:\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{12BB9972-A4B8-4199-A291-09ABE2FECD09}] => (Allow) F:\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{6D38C91B-1FE6-449C-A281-B12E1EA239C4}] => (Allow) F:\Steam\steamapps\common\ManiaPlanet_TMCanyon\ManiaPlanet.exe
FirewallRules: [{039BA2F9-7D29-46F2-A73D-6B87FCA7BD23}] => (Allow) F:\Steam\steamapps\common\ManiaPlanet_TMCanyon\ManiaPlanet.exe
FirewallRules: [{7D7A552F-195F-47C2-92D7-BC1F0BF002CB}] => (Allow) P:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{507469E0-C95D-4085-B930-BC5150D31FFC}] => (Allow) P:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{02BEF8D5-EFB9-49F4-AF78-ED42467F1D5F}] => (Allow) P:\Steam\steamapps\common\Spintires Combine Tools\SpinTiresEditor.exe
FirewallRules: [{B9FDBC5F-6A2F-4985-9BE3-15D734803EAB}] => (Allow) P:\Steam\steamapps\common\Spintires Combine Tools\SpinTiresEditor.exe
FirewallRules: [{3616CF75-27D7-4FEF-B267-18044C4C006F}] => (Allow) P:\Program Files\Lightworks\Lightworks.exe
FirewallRules: [{709E5018-A4CA-4A0C-9442-73D2AAC60852}] => (Allow) P:\Program Files\Lightworks\Lightworks.exe
FirewallRules: [{3E7F7E30-80EF-469D-A81F-1440B84F0BE0}] => (Allow) P:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{85695ECD-8BC2-476D-ACFE-FD50D85CB6B0}] => (Allow) P:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{B4197B2B-8C29-46F5-B510-2567853FFE19}] => (Allow) F:\Steam\steamapps\common\ManiaPlanet_TMCanyon\ManiaPlanetLauncher.exe
FirewallRules: [{A7E08206-4D49-49C7-864A-6966DD55DAB2}] => (Allow) F:\Steam\steamapps\common\ManiaPlanet_TMCanyon\ManiaPlanetLauncher.exe
FirewallRules: [{E3DC60C6-7507-45B2-9FB6-CE80DED6DDE7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{90BC111E-FB0C-43ED-B799-613613D656C9}] => (Allow) P:\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{79B12454-0DC5-4F21-83CB-869583B67D22}] => (Allow) P:\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [TCP Query User{F584F19A-C118-4792-AF4B-2BCAFF4DF5DD}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe
FirewallRules: [UDP Query User{4412975F-39F3-4B2C-88AF-F72EF74C6F03}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe
FirewallRules: [{1A80A26B-CFFA-4CAE-A761-9E711784A935}] => (Allow) P:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{2D46A4F1-9E11-4BFD-A7A2-1F4072705CA1}] => (Allow) P:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{06D407C2-1C57-4100-831D-97456EAC660A}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{A5E7A1AB-6F8B-46BB-9B8D-F2B704508430}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{74432DF7-E8E1-459E-9588-E2FE59A1213D}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{A50AA053-96B1-475F-BDA3-10198CEAC1E2}] => (Allow) F:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{806BC321-7A69-42D2-BF99-6FC7B12C176C}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{CA5D6F05-B66F-45F5-B7DA-03050AC6FFB0}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{E69BACDC-32CF-4CCD-B289-D910696F2268}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{6EA42846-DA0E-4542-BD21-99F624A4FD76}] => (Allow) P:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/26/2017 12:33:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NVDisplay.Container.exe, Version: 1.2.0.0, Zeitstempel: 0x59079e96
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.0, Zeitstempel: 0xb79b6ddb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000199f4
ID des fehlerhaften Prozesses: 0x7f4
Startzeit der fehlerhaften Anwendung: 0x01d2ee5c91d90318
Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 642da390-844b-4cf5-bc7c-cc9226908e01
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/26/2017 10:55:51 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll" in Zeile 3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (06/25/2017 12:29:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hitmanpro_x64.exe, Version: 3.7.20.286, Zeitstempel: 0x58e5ec3b
Name des fehlerhaften Moduls: hitmanpro_x64.exe, Version: 3.7.20.286, Zeitstempel: 0x58e5ec3b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000002bfb49
ID des fehlerhaften Prozesses: 0xc20
Startzeit der fehlerhaften Anwendung: 0x01d2ed9d0142e4c4
Pfad der fehlerhaften Anwendung: D:\Downloads\hitmanpro_x64.exe
Pfad des fehlerhaften Moduls: D:\Downloads\hitmanpro_x64.exe
Berichtskennung: 6054fdc9-115b-419f-bf2b-03a5f9051906
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/25/2017 02:10:49 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: DESKTOP-D3G9100)
Description: Die Anwendung oder der Dienst "Adobe Active File Monitor V9" konnte nicht neu gestartet werden.

Error: (06/25/2017 01:52:04 AM) (Source: NetBalancer 9.5.6) (EventID: 0) (User: )
Description: This version of NetBalancer is outdated, please download a new one from our website.

Error: (06/25/2017 01:01:49 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll" in Zeile 3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (06/25/2017 12:52:03 AM) (Source: NetBalancer 9.5.6) (EventID: 0) (User: )
Description: This version of NetBalancer is outdated, please download a new one from our website.

Error: (06/25/2017 12:51:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Adobe CEF Helper.exe, Version: 4.1.1.202, Zeitstempel: 0x5934127c
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2704.1434.0, Zeitstempel: 0x5798eeba
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00be5cc7
ID des fehlerhaften Prozesses: 0x41f8
Startzeit der fehlerhaften Anwendung: 0x01d2ecfeb8d39f41
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
Berichtskennung: f17d0d35-bc33-4310-b4a8-249d70650725
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/24/2017 05:33:47 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll" in Zeile 3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (06/24/2017 01:31:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NVDisplay.Container.exe, Version: 1.2.0.0, Zeitstempel: 0x59079e96
Name des fehlerhaften Moduls: nvxdsyncplugin.dll_unloaded, Version: 8.17.13.8205, Zeitstempel: 0x590793c0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000046f85
ID des fehlerhaften Prozesses: 0x3d2c
Startzeit der fehlerhaften Anwendung: 0x01d2ec78cb2f58bd
Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Pfad des fehlerhaften Moduls: nvxdsyncplugin.dll
Berichtskennung: 96759dd5-0239-45c4-b0d8-94da24f727ac
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (06/26/2017 12:33:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (06/26/2017 12:33:32 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x1

Error: (06/26/2017 12:33:32 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x1

Error: (06/26/2017 12:33:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/26/2017 11:14:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (06/26/2017 11:14:04 AM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x1

Error: (06/26/2017 11:14:04 AM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x1

Error: (06/26/2017 11:13:32 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "NVIDIA Display Container LS" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (06/26/2017 11:13:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/26/2017 11:13:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2017-06-25 01:02:12.255
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-25 01:01:45.492
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-25 01:01:41.597
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-25 01:01:34.703
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-25 01:01:34.539
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-25 01:01:34.524
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-25 01:01:34.511
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-25 01:01:34.218
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-25 01:01:34.037
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-25 01:01:33.828
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 8134.78 MB
Verfügbarer physikalischer RAM: 4642.05 MB
Summe virtueller Speicher: 9414.78 MB
Verfügbarer virtueller Speicher: 4901.76 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:118.75 GB) (Free:19.66 GB) NTFS
Drive d: (Laufwerk) (Fixed) (Total:465.09 GB) (Free:96.88 GB) NTFS
Drive f: () (Fixed) (Total:238.47 GB) (Free:26.42 GB) NTFS
Drive p: (Laufwerk) (Fixed) (Total:466.42 GB) (Free:99.43 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: CE7BE18A)
Partition 2: (Not Active) - (Size=238.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 5A9238A8)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 51578DF8)
Partition 1: (Not Active) - (Size=465.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Antwort

Themen zu Weiterleitungen und Werbung in allen Browsern
angeboten, anti-malware, avg, browser, browsern, durchgeführt, ebenfalls, free, gen, geschlossen, google, heute, installierte, kostenlose, leeren, link, malwarebytes, scan, seite, spiel, versucht, virenscan, weitergeleitet, werbung, youtube



Ähnliche Themen: Weiterleitungen und Werbung in allen Browsern


  1. Win7 Werbung auf allen Browsern
    Log-Analyse und Auswertung - 17.01.2016 (11)
  2. Ständige Werbung in allen Browsern unter Windows 10
    Log-Analyse und Auswertung - 15.08.2015 (11)
  3. Win7, Seiten ploppen auf, Weiterleitungen und nervige Werbung in allen Browsern
    Log-Analyse und Auswertung - 13.11.2014 (12)
  4. Ständige Werbung in allen Browsern
    Plagegeister aller Art und deren Bekämpfung - 30.06.2014 (10)
  5. Pop-Up Fenster in allen Browsern - Win 7
    Log-Analyse und Auswertung - 23.06.2014 (5)
  6. Werbung auf allen browsern, adope flash player hängt sich immer auf
    Plagegeister aller Art und deren Bekämpfung - 30.03.2014 (19)
  7. Werbung in allen Browsern
    Plagegeister aller Art und deren Bekämpfung - 27.11.2013 (12)
  8. Windows Vista: Werbung von a2ZLyrics in allen Browsern
    Log-Analyse und Auswertung - 09.11.2013 (11)
  9. Blaue Werbung in allen Browsern!
    Log-Analyse und Auswertung - 14.10.2013 (4)
  10. PopUps in allen Browsern (IE&FF) und Werbung auf Websites, die nicht daher stammt
    Log-Analyse und Auswertung - 22.05.2013 (31)
  11. Fenster links unten in allen Browsern mit lästiger Werbung, teilweise falsche link weiterleitung, UpdatusUser in C:\Dokumente und Einstellu
    Plagegeister aller Art und deren Bekämpfung - 15.02.2013 (18)
  12. Werbung in allen Browsern
    Log-Analyse und Auswertung - 06.12.2012 (22)
  13. Ad.Yieldmanager.Com - Werbefenster und Weiterleitungen in allen Browsern
    Plagegeister aller Art und deren Bekämpfung - 30.08.2012 (13)
  14. Werbeeinblendung in allen Browsern, gelegentlich Link-Weiterleitungen.
    Plagegeister aller Art und deren Bekämpfung - 10.07.2012 (19)
  15. Seitenladefehler bei Youtube mit allen Browsern
    Plagegeister aller Art und deren Bekämpfung - 21.10.2011 (16)
  16. immer werbung bei allen browsern
    Log-Analyse und Auswertung - 19.10.2008 (48)
  17. Probleme mit allen Browsern
    Log-Analyse und Auswertung - 01.10.2006 (9)

Zum Thema Weiterleitungen und Werbung in allen Browsern - Hallo, ich habe seit heute Abend in allen installierten Browsern (Edge, Chrome, Tor) bei Google unter der Suchleiste einen großen Werbebanner und bei Youtube unter jeder Zeile (Abos, Trends, Kanalempfehlungen - Weiterleitungen und Werbung in allen Browsern...
Archiv
Du betrachtest: Weiterleitungen und Werbung in allen Browsern auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.