
Pests of All Kinds and How to Fight Them: Strange pop-up virus?

05.01.2019, 13:57   #1
GlowedUp
 
Dear community,

Since yesterday I have been constantly getting these strange pop-ups in Windows design. They also stay on the screen when I close Google Chrome. I had Spybot scan and clean up, and I ran Malwarebytes and fixed what it found, but no results. When you click close, a new pop-up appears, and that goes on about 3 times...
I have also already tried Google Chrome's own repair tool, but it found nothing. I can even imagine what might have happened, though: the pop-ups all point to sendspace.com. I probably downloaded something there.
Attached is a screenshot of it. I look forward to your help!
Attached images
File type: png Screenshot (2).png (102.0 KB, viewed 294 times)

05.01.2019, 18:48   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Quote:
I ran Malwarebytes and fixed what it found, but no results.
Now that is nonsense. Malwarebytes always creates log files.

05.01.2019, 19:12   #3
GlowedUp
 
What I meant by that was: the problem persists. Do I have to assume that it is a virus? In the meantime I think I have got the problem somewhat under control. The pop-ups seem to be gone; I checked the Windows notification center and disabled a few things, and since then I have not received any new ads. Still, I am not sure where this came from in the first place and whether that was it. Can I rest easy, since I have already run Spybot and AdwCleaner as well? AdwCleaner did create a log file, true, but I know so little about this kind of thing that it tells me nothing, and I did not know where and when I should post the log file.

Here are the logs:

Scan:

Code:
# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build:    12-18-2018
# Database: 2019-01-02.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    01-05-2019
# Duration: 00:01:00
# OS:       Windows 10 Pro
# Scanned:  32243
# Detected: 47


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.FoxTab             C:\Program Files (x86)\FoxTab
PUP.Optional.FoxTab             C:\Users\User\AppData\Roaming\FoxTab
PUP.Optional.Legacy             C:\Users\User\AppData\Roaming\dvdvideosoftiehelpers

***** [ Files ] *****

PUP.Optional.DriverWhiz         C:\Users\User\Downloads\Driverwhiz.exe
PUP.Optional.Legacy             C:\END
PUP.Optional.Reimage            C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.FoxTab             C:\Windows\Tasks\FoxTab.job
PUP.Optional.FoxTab             C:\Windows\System32\Tasks\FoxTab

***** [ Registry ] *****

PUP.CrossRider.Heuristic        HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75ce0034-cbde-41dd-a27d-bb7989021866}
PUP.CrossRider.Heuristic        HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75ce0034-cbde-41dd-a27d-bb7989021866}
PUP.Optional.FoxTab             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3BFC4082-B0EE-4BDA-85BF-B9365845A14A}
PUP.Optional.FoxTab             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BFC4082-B0EE-4BDA-85BF-B9365845A14A}
PUP.Optional.FoxTab             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FoxTab
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
PUP.Optional.Legacy             HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
PUP.Optional.Legacy             HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy             HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy             HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy             HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{30BFCBA5-7763-43E1-9542-8CA19CAABF11}
PUP.Optional.Legacy             HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{555355FD-C60F-431A-9B25-D9353633BBB6}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.avira.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Main|Default_Page_URL
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Main|Default_Search_URL
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Main|Search Page
PUP.Optional.Legacy             HKLM\Software\Microsoft\Internet Explorer\Main|Start Page
PUP.Optional.Legacy             HKLM\Software\Microsoft\Internet Explorer\Main|Search Page
PUP.Optional.Legacy             HKLM\Software\Microsoft\Internet Explorer\Main|Default_Search_URL
PUP.Optional.Legacy             HKLM\Software\Microsoft\Internet Explorer\Main|Default_Page_URL
PUP.Optional.SlimCleanerPlus    HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
PUP.Optional.SlimCleanerPlus    HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
PUP.Optional.SofTonicAssistant  HKCU\Software\Softonic
PUP.Optional.WebCompanion       HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Optional.WebCompanion       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy             bopakagnckmlgajfccecajhnimjiiedh

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

PUP.Conduit.Heuristic           hxxp://www.bing.com/?pc=COSP&ptag=D010419-N0600A9FCDBB39EF&form=CONMHP&conlogo=CT3335799



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
         
After cleaning:

Code:
# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build:    12-18-2018
# Database: 2019-01-02.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    01-05-2019
# Duration: 00:00:06
# OS:       Windows 10 Pro
# Cleaned:  47
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\FoxTab
Deleted       C:\Users\User\AppData\Roaming\FoxTab
Deleted       C:\Users\User\AppData\Roaming\dvdvideosoftiehelpers

***** [ Files ] *****

Deleted       C:\Users\User\Downloads\Driverwhiz.exe
Deleted       C:\END
Deleted       C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\Tasks\FoxTab.job
Deleted       C:\Windows\System32\Tasks\FoxTab

***** [ Registry ] *****

Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75ce0034-cbde-41dd-a27d-bb7989021866}
Deleted       HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75ce0034-cbde-41dd-a27d-bb7989021866}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3BFC4082-B0EE-4BDA-85BF-B9365845A14A}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BFC4082-B0EE-4BDA-85BF-B9365845A14A}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FoxTab
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted       HKLM\Software\Wow6432Node\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted       HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted       HKLM\Software\Wow6432Node\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted       HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted       HKLM\Software\Wow6432Node\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted       HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted       HKLM\Software\Wow6432Node\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted       HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted       HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{30BFCBA5-7763-43E1-9542-8CA19CAABF11}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{555355FD-C60F-431A-9B25-D9353633BBB6}
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.avira.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|Default_Page_URL
Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|Default_Search_URL
Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|Search Page
Deleted       HKLM\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted       HKLM\Software\Microsoft\Internet Explorer\Main|Search Page
Deleted       HKLM\Software\Microsoft\Internet Explorer\Main|Default_Search_URL
Deleted       HKLM\Software\Microsoft\Internet Explorer\Main|Default_Page_URL
Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted       HKCU\Software\Softonic
Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

Deleted       bopakagnckmlgajfccecajhnimjiiedh

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Deleted       hxxp://www.bing.com/?pc=COSP&ptag=D010419-N0600A9FCDBB39EF&form=CONMHP&conlogo=CT3335799


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5871 octets] - [05/01/2019 10:37:28]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
         
__________________

Edited by cosinus (05.01.2019 at 22:06). Reason: code tags

05.01.2019, 22:05   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Logs are not just dumped in here like that; please always use CODE tags.

Where are the logs from Malwarebytes? You posted the ones from AdwCleaner.


Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder.
Even if the logs are too large for one post, I ask you to post the logs directly, spread over several posts if necessary.
To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracket expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.
__________________
Please always post log files in CODE tags

06.01.2019, 13:44   #5
GlowedUp
 

Log Files



Sorry, here are the Malwarebytes log files:

Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 06.01.19
Scan-Zeit: 13:28
Protokolldatei: 895395ec-11ae-11e9-a024-d43d7edd0154.json

-Softwaredaten-
Version: 3.6.1.2711
Komponentenversion: 1.0.508
Version des Aktualisierungspakets: 1.0.8649
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 17134.472)
CPU: x64
Dateisystem: NTFS
Benutzer: USER-PC\User

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 417170
Erkannte Bedrohungen: 93
In die Quarantäne verschobene Bedrohungen: 93
Abgelaufene Zeit: 14 Min., 14 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 3
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9F8B48D3-4887-4A62-A603-B04FDB046E70}, In Quarantäne, [420], [237509],1.0.8649
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9f8b48d3-4887-4a62-a603-b04fdb046e70}, In Quarantäne, [420], [237509],1.0.8649
PUP.Optional.DefaultSearch, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nladljmabboanhihfkjacnnkgjhnokhj, In Quarantäne, [290], [550469],1.0.8649

Registrierungswert: 4
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9f8b48d3-4887-4a62-a603-b04fdb046e70}|APPNAME, In Quarantäne, [420], [237509],1.0.8649
PUP.Optional.DefaultSearch, HKU\S-1-5-21-219060023-492270685-2655468913-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|NLADLJMABBOANHIHFKJACNNKGJHNOKHJ, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9f8b48d3-4887-4a62-a603-b04fdb046e70}|APPNAME, In Quarantäne, [420], [237509],1.0.8649
PUP.Optional.DVDVideoSoft, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{ACAA314B-EEBA-48E4-AD47-84E31C44796C}, In Quarantäne, [1952], [415959],1.0.8649

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 14
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\browsericons, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_locales\de, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_locales\en, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_locales\es, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_locales\fr, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_metadata, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_locales, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\lib, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\NLADLJMABBOANHIHFKJACNNKGJHNOKHJ, In Quarantäne, [290], [550469],1.0.8649

Datei: 72
PUP.Optional.MindSpark.Generic, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_easypdfcombine.dl.myway.com_0.localstorage, In Quarantäne, [1720], [443124],1.0.8649
PUP.Optional.MindSpark.Generic, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_easypdfcombine.dl.myway.com_0.localstorage-journal, In Quarantäne, [1720], [443124],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\adaware.eot, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\adaware.svg, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\adaware.ttf, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\adaware.woff, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\canaro-book.ttf, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\canaro-bookitalic.ttf, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\canaro-light.ttf, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\canaro-lightitalic.ttf, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\canaro-medium.ttf, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\canaro-mediumitalic.ttf, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\canaro-semibold.ttf, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\canaro-semibolditalic.ttf, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\fontawesome-webfont.ttf, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\fonts\segoeui.ttf, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\auto-complete.css, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\flexbox.css, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\new-tab.css, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\normalize.css, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\css\roboto.css, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\browsericons\icon19.png, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\browsericons\icon38.png, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\abstract_default.jpg, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\adaware_secure_search.png, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\animals_default.jpg, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\dot.png, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\dot_color.png, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\dropdown_arrow.png, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\icon_128.png, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\icon_16.png, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\icon_check.png, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\magnifier_icon.png, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\nature_default.jpg, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\settings_icon.png, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\img\urban_default.jpg, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\lib\auto-complete.js, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\lib\publicsuffixlist.js, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\adaware-telemetry.js, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\adaware-utils.js, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\background.js, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\contentscript.js, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\i18n.js, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\load-new.js, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\messaging.js, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\new-tab.js, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\pagestore.js, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\polyfill.js, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\start.js, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\storage.js, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\tab.js, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\traffic.js, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\uritools.js, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\vapi-background.js, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\vapi-client.js, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\js\vapi-common.js, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_locales\de\messages.json, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_locales\en\messages.json, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_locales\es\messages.json, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_locales\fr\messages.json, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\_metadata\verified_contents.json, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\background.html, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\LICENSE.txt, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\load-new.html, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\manifest.json, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj\1.3.10.4_0\new-tab.html, In Quarantäne, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Ersetzt, [290], [550469],1.0.8649
PUP.Optional.DefaultSearch, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Ersetzt, [290], [550469],1.0.8649
PUP.Optional.Conduit, C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DYUAAUNX.DEFAULT-1443111481652\PREFS.JS, Ersetzt, [215], [301520],1.0.8649
PUP.Optional.InstallCore, C:\USERS\USER\APPDATA\ROAMING\POWERISO\UPGRADE\POWERISO7-X64.EXE, In Quarantäne, [415], [550615],1.0.8649
PUP.Optional.ChipDe, C:\USERS\USER\DOWNLOADS\TROJAN REMOVER - CHIP-INSTALLER.EXE, In Quarantäne, [488], [562568],1.0.8649
PUP.Optional.DefaultSearch, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Ersetzt, [290], [469798],1.0.8649

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
         


07.01.2019, 09:06   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

What is this supposed to be now? Why are you posting a log from a new scan? Where are the logs from the scans before that?

07.01.2019, 18:11   #7
GlowedUp

I mixed up Malwarebytes and AdwCleaner; there were no Malwarebytes logs before that. I only downloaded it after you asked about it, because that is when I noticed they are not the same thing. As I said, I have practically zero experience with this and am dealing with logs for the first time in my life. Sorry about that. Can you not do anything with the log now? Or rather: what should I do at the moment? As I said, the pop-ups are gone, but I don't want to lull myself into a false sense of security. Since then I have been running a Malwarebytes scan every day and hoping for the best.

07.01.2019, 21:06   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Scan with Farbar's Recovery Scan Tool (FRST)

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan ("Untersuchen").
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and the Addition.txt in your thread (click the # symbol in the website's input box)


Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder.
Even if the logs are too large for one post, I ask you to post them directly, spread over several posts if necessary.
To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview ("Erweitert/Vorschau") to check whether you did it right. If everything is correct ... click Reply ("Antworten").
__________________
Please always post log files in CODE tags

07.01.2019, 21:53   #9
GlowedUp

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016
durchgeführt von User (Administrator) auf USER-PC (07-01-2019 21:39:27)
Gestartet von C:\Users\User\Downloads
Geladene Profile: User (Verfügbare Profile: User & DefaultAppPool)
Platform: Windows 10 Pro Version 1803 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

konnte nicht auf den Prozess zugreifen -> Registry
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
konnte nicht auf den Prozess zugreifen -> Memory Compression
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Program Files (x86)\PrivateVPN Client\PrivateVpnDaemon.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(CMedia) C:\Program Files\Roccat\Kave XTD Headset\KaveXTDMonitor.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNABBSWK.EXE
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Cm106Sound] => C:\Program Files\Roccat\Kave XTD Headset\KaveXTDMonitor.exe [2200688 2014-01-02] (CMedia)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc.)
HKLM\...\Run: [CNAP2 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2018-06-23] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [454792 2016-06-07] (Power Software Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1321984 2018-09-05] (Cisco Systems, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [5915776 2016-03-21] (Safer-Networking Ltd.)
HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\Run: [Line] => C:\Users\User\AppData\Local\Line\bin\LineLauncher.exe [637536 2018-09-13] (LINE Corporation)
HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\Run: [DVSSkypeRecorder] => C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\skyui.exe [1053544 2015-10-29] (DVDVideoSoft Ltd.)
HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\Run: [f.lux] => C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe [1806344 2018-07-03] (f.lux Software LLC)
HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [6410312 2018-04-05] (GOG.com)
HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\Run: [Steam] => C:\Games\Steam\steam.exe [3208992 2018-10-13] (Valve Corporation)
HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\Run: [Discord] => C:\Users\User\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\Run: [Spotify] => C:\Users\User\AppData\Roaming\Spotify\Spotify.exe [25972968 2019-01-05] (Spotify Ltd)
HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\Run: [EpicGamesLauncher] => "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DS4Windows.lnk [2017-01-29]
ShortcutTarget: DS4Windows.lnk -> C:\Users\User\Desktop\DS4 ps4 controller\DS4Windows.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2df5324d-385a-44a0-8c4b-a06da75b2b67}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a1987d99-ce8b-417a-a461-35571f8332df}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKU\S-1-5-21-219060023-492270685-2655468913-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-11-20] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2019-01-04] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll => Keine Datei
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-07-20] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-07-31] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2019-01-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-31] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll => Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\dyuaaunx.default-1443111481652
FF Homepage: hxxps://www.google.com/
FF DefaultSearchEngine: Bing Search Engine
FF SelectedSearchEngine: Bing Search Engine
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-05] ()
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [Keine Datei]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-31] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-07-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-07-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-09-06] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-09-06] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-04] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-02-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-02-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-02-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-02-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-02-20] (Apple Inc.)
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\dyuaaunx.default-1443111481652\searchplugins\bing-lavasoft-ff59.xml [2019-01-04]
FF Extension: Kein Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\dyuaaunx.default-1443111481652\Extensions\firefox@mega.co.nz.xpi [2018-11-02]

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/ca/u/0/#inbox/14a6f79c9a9a4fd0","hxxps://www.google.com/calendar/render?tab=mc&pli=1#g%7Cweek-2+22941+23076+23076"
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-29]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Honey) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2018-11-13]
CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-03]
CHR Extension: (auto-resume downloads) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cklhieaaomjcmlaeopmeidpfdjjogjaf [2018-03-13]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-29]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15]
CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-11]
CHR Extension: (Evernote Web) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2016-08-09]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-12-12]
CHR Extension: (Kein Name) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lonejpghplnechighncmcldilpfminkj [2018-03-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-07]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-04]
CHR HKU\S-1-5-21-219060023-492270685-2655468913-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-05-04] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc.)
S4 AppVClient; C:\Windows\system32\AppVClient.exe [826776 2018-05-21] (Microsoft Corporation)
S3 AssignedAccessManagerSvc; C:\Windows\System32\assignedaccessmanagersvc.dll [604672 2018-04-12] (Microsoft Corporation)
S3 BcastDVRUserService; C:\Windows\System32\BcastDVRUserService.dll [1364992 2018-12-14] (Microsoft Corporation)
S3 BcastDVRUserService_3e06102; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)
S3 BcastDVRUserService_3e06102; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1547200 2017-10-22] ()
S3 BluetoothUserService; C:\Windows\System32\Microsoft.Bluetooth.UserService.dll [464384 2018-04-12] (Microsoft Corporation)
S3 BluetoothUserService_3e06102; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)
S3 BluetoothUserService_3e06102; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)
S3 BTAGService; C:\Windows\System32\BTAGService.dll [514048 2018-11-09] (Microsoft Corporation)
R3 BthAvctpSvc; C:\Windows\System32\BthAvctpSvc.dll [399872 2018-11-09] (Microsoft Corporation)
S3 camsvc; C:\Windows\system32\CapabilityAccessManager.dll [266752 2018-06-15] (Microsoft Corporation)
S3 CaptureService; C:\Windows\System32\CaptureService.dll [125952 2018-04-12] (Microsoft Corporation)
S3 CaptureService_3e06102; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)
S3 CaptureService_3e06102; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [453632 2018-10-21] (Microsoft Corporation)
R2 CDPUserSvc_3e06102; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)
R2 CDPUserSvc_3e06102; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522536 2018-12-10] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\Windows\System32\Windows.Devices.Picker.dll [400896 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [312832 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc_3e06102; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc_3e06102; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)
S3 DevicesFlowUserSvc; C:\Windows\System32\DevicesFlowBroker.dll [750080 2018-04-12] (Microsoft Corporation)
S3 DevicesFlowUserSvc_3e06102; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)
S3 DevicesFlowUserSvc_3e06102; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)
S3 diagsvc; C:\Windows\system32\DiagSvc.dll [219648 2018-04-12] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [387944 2016-05-05] (Digital Wave Ltd.) [Datei ist nicht signiert]
R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [356352 2018-12-08] (Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [673792 2018-06-08] (Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [663624 2018-04-05] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8135752 2018-04-05] (GOG.com)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [443872 2018-12-12] (Google Inc.)
S3 GraphicsPerfSvc; C:\Windows\System32\GraphicsPerfSvc.dll [90624 2018-04-12] (Microsoft Corporation)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-02-19] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [Datei ist nicht signiert]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [61736 2018-08-03] (Microsoft Corporation)
S3 InstallService; C:\Windows\system32\InstallService.dll [1487360 2018-11-09] (Microsoft Corporation)
S3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1110528 2018-11-09] (Microsoft Corporation)
S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [63488 2018-04-12] (Microsoft Corporation)
S3 LxpSvc; C:\Windows\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [824832 2018-04-12] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [767472 2018-09-06] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [629800 2018-07-19] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]
S3 PrintWorkflowUserSvc; C:\Windows\System32\PrintWorkflowService.dll [170496 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [138240 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_3e06102; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_3e06102; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)
R2 PrivateVPN Daemon; C:\Program Files (x86)\PrivateVPN Client\PrivateVpnDaemon.exe [10752 2018-07-27] () [Datei ist nicht signiert]
S3 PushToInstall; C:\Windows\system32\PushToInstall.dll [262144 2018-07-14] (Microsoft Corporation)
S3 RmSvc; C:\Windows\System32\RMapi.dll [153600 2018-12-08] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.) [Datei ist nicht signiert]
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.) [Datei ist nicht signiert]
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [Datei ist nicht signiert]
R2 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [760888 2018-07-14] (Microsoft Corporation)
R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [326336 2018-12-02] (Microsoft Corporation)
S3 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1248768 2018-04-12] (Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
R2 SgrmBroker; C:\Windows\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation)
S3 SharedRealitySvc; C:\Windows\System32\SharedRealitySvc.dll [713216 2018-08-28] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [195584 2018-04-12] (Microsoft Corporation)
S3 spectrum; C:\Windows\system32\spectrum.exe [976384 2018-06-08] (Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10216688 2016-11-28] (TeamViewer GmbH)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [176128 2018-04-12] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1395200 2018-11-01] (Microsoft Corporation)
R3 TokenBroker; C:\WINDOWS\SysWOW64\TokenBroker.dll [1000448 2018-11-01] (Microsoft Corporation)
S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation)
S4 UevAgentService; C:\Windows\system32\AgentService.exe [1189376 2018-04-12] (Microsoft Corporation)
S3 VacSvc; C:\Windows\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\Windows\System32\WaaSMedicSvc.dll [392704 2018-08-09] (Microsoft Corporation)
S3 WarpJITSvc; C:\Windows\System32\Windows.WARP.JITService.dll [31744 2018-04-12] (Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-11] (Microsoft Corporation)
S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [681984 2018-07-14] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-11] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [858112 2018-06-08] (Microsoft Corporation)
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729088 2018-06-08] (Microsoft Corporation)
S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1364992 2018-11-09] (Microsoft Corporation)
S3 WpcMonSvc; C:\Windows\System32\WpcDesktopMonSvc.dll [1456640 2018-05-20] (Microsoft Corporation)
S2 WpnUserService; C:\Windows\System32\WpnUserService.dll [96768 2018-04-12] (Microsoft Corporation)
R2 WpnUserService_3e06102; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)
R2 WpnUserService_3e06102; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [730304 2015-10-02] (Wacom Technology, Corp.)
S3 xbgm; C:\Windows\system32\xbgmsvc.exe [59512 2018-04-12] (Microsoft Corporation)
S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [58880 2018-04-12] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [20480 2018-04-12] (Microsoft Corporation)
R1 afunix; C:\Windows\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55936 2011-11-13] (Advanced Micro Devices)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2018-04-12] (Microsoft Corporation)
S3 AppvStrm; C:\Windows\system32\drivers\AppvStrm.sys [127384 2018-04-12] (Microsoft Corporation)
S3 AppvVemgr; C:\Windows\system32\drivers\AppvVemgr.sys [162712 2018-04-12] (Microsoft Corporation)
S3 AppvVfs; C:\Windows\system32\drivers\AppvVfs.sys [143768 2018-04-12] (Microsoft Corporation)
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533912 2018-04-12] (QLogic Corporation)
R1 bam; C:\Windows\System32\drivers\bam.sys [60320 2018-04-12] (Microsoft Corporation)
S3 bindflt; C:\Windows\system32\drivers\bindflt.sys [92688 2018-12-08] (Microsoft Corporation)
S0 bttflt; C:\Windows\System32\drivers\bttflt.sys [38304 2018-04-12] (Microsoft Corporation)
S3 CAD; C:\Windows\System32\drivers\CAD.sys [60320 2018-04-12] (Microsoft Corporation)
S0 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [321432 2018-04-12] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [1836952 2018-04-12] (Chelsio Communications)
R2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [414720 2018-07-14] (Microsoft Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes)
S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [76088 2018-12-14] (Microsoft Corporation)
S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [27136 2018-04-12] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [36864 2018-04-12] (Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592 2018-04-12] (Intel Corporation)
S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [38912 2018-04-12] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [58168 2018-12-08] (Microsoft Corporation)
S3 IPT; C:\Windows\System32\drivers\ipt.sys [32256 2018-04-12] (Microsoft Corporation)
S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies)
S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [505240 2018-04-12] (Microsoft Corporation)
S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [56736 2018-04-12] (Microsoft Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-01-06] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [126624 2019-01-06] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [72536 2019-01-06] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [261032 2019-01-06] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [113016 2019-01-07] (Malwarebytes)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [75160 2018-04-12] (Avago Technologies)
S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert]
R0 MsSecFlt; C:\Windows\System32\drivers\mssecflt.sys [304144 2018-12-08] (Microsoft Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-08-21] (Marvell Semiconductor, Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [175104 2018-04-12] (Microsoft Corporation)
S3 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_adc520364db29861\nvlddmkm.sys [17213832 2018-09-06] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58776 2018-04-12] (Avago Technologies)
S3 pmem; C:\Windows\System32\drivers\pmem.sys [105984 2018-04-12] (Microsoft Corporation)
S0 Ramdisk; C:\Windows\System32\DRIVERS\ramdisk.sys [39840 2018-04-12] (Microsoft Corporation)
S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [104448 2018-04-12] (Microsoft Corporation)
R3 ROCCATKV; C:\Windows\system32\DRIVERS\ROCCATKV.SYS [578560 2013-11-05] (C-Media Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek                                            )
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [128920 2018-08-03] (Microsoft Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [33176 2018-04-12] (Microsoft Corporation)
R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation)
S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [57752 2018-04-12] (Microsoft Corporation)
R3 tap0901_openvpn_accl; C:\Windows\System32\drivers\tap0901_openvpn_accl.sys [37912 2016-12-11] (The OpenVPN Project)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [152576 2018-04-12] (Microsoft Corporation)
S4 UevAgentDriver; C:\Windows\system32\drivers\UevAgentDriver.sys [40344 2018-04-12] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2018-08-03] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16288 2018-04-12] (Microsoft Corporation)
S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [73616 2018-09-05] (Cisco Systems, Inc.)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [151960 2018-04-12] (Microsoft Corporation)
R3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [83456 2018-12-08] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46680 2018-12-11] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [330936 2018-12-11] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-11] (Microsoft Corporation)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [228864 2018-10-21] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [38368 2017-08-10] (Wellbia.com Co., Ltd.)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)
NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation)
NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-01-07 21:39 - 2019-01-07 21:40 - 00042706 _____ C:\Users\User\Downloads\FRST.txt
2019-01-07 19:32 - 2019-01-07 19:33 - 05216898 _____ C:\Users\User\Downloads\M5-Zusammenfassung.pdf
2019-01-06 21:02 - 2019-01-06 21:02 - 00000000 ____D C:\Users\User\Desktop\Bastiordner
2019-01-06 20:20 - 2019-01-06 20:20 - 00095564 _____ C:\Users\User\Downloads\Studienzeitenbescheinigung.pdf
2019-01-06 20:19 - 2019-01-06 20:19 - 00210370 _____ C:\Users\User\Downloads\report-9c204121-2475-4971-a8f4-49b72bda2cee1741669950757690201.pdf
2019-01-06 13:27 - 2019-01-07 18:05 - 00113016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-01-06 13:27 - 2019-01-06 13:27 - 00198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-01-06 13:27 - 2019-01-06 13:27 - 00126624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-01-06 13:27 - 2019-01-06 13:27 - 00072536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-01-06 13:27 - 2019-01-06 13:27 - 00000000 ____D C:\Users\User\AppData\Local\mbamtray
2019-01-06 13:27 - 2019-01-06 13:27 - 00000000 ____D C:\Users\User\AppData\Local\mbam
2019-01-06 13:26 - 2019-01-06 13:26 - 81227760 _____ (Malwarebytes ) C:\Users\User\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211.exe
2019-01-06 13:26 - 2019-01-06 13:26 - 00261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-01-06 13:26 - 2019-01-06 13:26 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-01-06 13:26 - 2019-01-06 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-06 13:26 - 2019-01-06 13:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2019-01-06 13:26 - 2019-01-06 13:26 - 00000000 ____D C:\Program Files\Malwarebytes
2019-01-06 13:26 - 2018-12-04 08:09 - 00152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-01-05 12:05 - 2019-01-05 12:06 - 00205154 _____ C:\WINDOWS\ntbtlog.txt
2019-01-05 12:05 - 2019-01-05 12:05 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-01-05 11:45 - 2019-01-05 19:40 - 00000000 ____D C:\Program Files (x86)\Trojan Remover
2019-01-05 11:45 - 2019-01-05 11:45 - 00000000 ____D C:\ProgramData\Simply Super Software
2019-01-05 10:36 - 2019-01-05 10:37 - 00000000 ____D C:\AdwCleaner
2019-01-05 10:35 - 2019-01-05 10:35 - 07320272 _____ (Malwarebytes) C:\Users\User\Downloads\adwcleaner_7.2.6.0.exe
2019-01-05 10:33 - 2019-01-05 10:44 - 00000000 ____D C:\Users\User\Desktop\Neuer Ordner
2019-01-05 01:14 - 2019-01-07 21:39 - 00000000 ____D C:\FRST
2019-01-05 01:14 - 2019-01-05 01:14 - 02375168 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2019-01-05 01:13 - 2019-01-05 01:13 - 01725952 _____ (Farbar) C:\Users\User\Downloads\FRST.exe
2019-01-05 00:41 - 2019-01-05 00:41 - 00002365 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-05 00:41 - 2019-01-05 00:41 - 00002324 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-01-04 22:44 - 2019-01-04 22:49 - 00000000 ____D C:\Users\User\Desktop\classic wow
2019-01-04 18:34 - 2019-01-04 19:09 - 00000000 ____D C:\Users\User\Desktop\World of Warcraft - WoTLK
2019-01-04 18:32 - 2019-01-04 21:24 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2019-01-04 12:06 - 2018-12-14 13:24 - 01364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-04 12:06 - 2018-12-14 08:29 - 06567472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-04 12:06 - 2018-12-14 08:29 - 01130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-01-04 12:06 - 2018-12-14 08:25 - 01035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-01-04 12:06 - 2018-12-14 08:23 - 01221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-04 12:06 - 2018-12-14 08:23 - 01029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-04 12:06 - 2018-12-14 08:23 - 00566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-04 12:06 - 2018-12-14 08:23 - 00134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-04 12:06 - 2018-12-14 08:23 - 00076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-04 12:06 - 2018-12-14 08:22 - 09084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-04 12:06 - 2018-12-14 08:22 - 07520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-04 12:06 - 2018-12-14 08:21 - 01457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-01-04 12:06 - 2018-12-14 08:21 - 01257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-01-04 12:06 - 2018-12-14 08:21 - 01140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-01-04 12:06 - 2018-12-14 08:21 - 01098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-01-04 12:06 - 2018-12-14 08:21 - 00982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-01-04 12:06 - 2018-12-14 08:13 - 05775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-04 12:06 - 2018-12-14 08:12 - 05307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-04 12:06 - 2018-12-14 08:10 - 01295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-01-04 12:06 - 2018-12-14 08:07 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-01-04 12:06 - 2018-12-14 07:55 - 03396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-01-04 12:06 - 2018-12-14 07:55 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-01-04 12:06 - 2018-12-14 07:54 - 06032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-01-04 12:06 - 2018-12-14 07:54 - 01307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-01-04 12:06 - 2018-12-14 07:54 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-04 12:06 - 2018-12-14 07:53 - 07573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-04 12:06 - 2018-12-14 07:52 - 02173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-01-04 12:06 - 2018-12-14 07:52 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-01-04 12:06 - 2018-12-14 07:51 - 01551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-01-04 12:06 - 2018-12-14 07:50 - 00776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-01-04 12:06 - 2018-12-14 06:34 - 00001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-12-15 00:29 - 2018-12-15 00:29 - 00064276 _____ C:\Users\User\Desktop\pippi-langstrump-weed-640x250.jpg
2018-12-12 18:09 - 2018-12-08 08:49 - 25855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-12-12 18:08 - 2018-12-08 13:47 - 01786896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-12-12 18:08 - 2018-12-08 13:47 - 01627656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2018-12-12 18:08 - 2018-12-08 13:47 - 01422864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-12-12 18:08 - 2018-12-08 13:47 - 01048712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2018-12-12 18:08 - 2018-12-08 13:47 - 01038352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2018-12-12 18:08 - 2018-12-08 13:47 - 00830480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2018-12-12 18:08 - 2018-12-08 13:47 - 00750096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-12-12 18:08 - 2018-12-08 13:47 - 00670224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2018-12-12 18:08 - 2018-12-08 13:47 - 00645320 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-12-12 18:08 - 2018-12-08 13:47 - 00495632 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2018-12-12 18:08 - 2018-12-08 13:46 - 00549760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-12-12 18:08 - 2018-12-08 13:42 - 04527800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-12-12 18:08 - 2018-12-08 13:42 - 01634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-12-12 18:08 - 2018-12-08 13:42 - 01616824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-12-12 18:08 - 2018-12-08 13:41 - 02394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-12-12 18:08 - 2018-12-08 13:41 - 00481880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-12-12 18:08 - 2018-12-08 13:40 - 01454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-12-12 18:08 - 2018-12-08 13:29 - 13572608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-12-12 18:08 - 2018-12-08 13:28 - 12710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-12-12 18:08 - 2018-12-08 13:28 - 06586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-12-12 18:08 - 2018-12-08 13:28 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-12-12 18:08 - 2018-12-08 13:27 - 05657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-12-12 18:08 - 2018-12-08 13:25 - 12500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-12-12 18:08 - 2018-12-08 13:25 - 11902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-12-12 18:08 - 2018-12-08 13:23 - 03649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-12-12 18:08 - 2018-12-08 13:23 - 02892288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-12-12 18:08 - 2018-12-08 13:23 - 01856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-12-12 18:08 - 2018-12-08 13:23 - 01661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-12-12 18:08 - 2018-12-08 13:22 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-12-12 18:08 - 2018-12-08 13:22 - 01469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-12-12 18:08 - 2018-12-08 13:22 - 00577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-12-12 18:08 - 2018-12-08 09:07 - 05625352 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-12-12 18:08 - 2018-12-08 09:07 - 01328632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2018-12-12 18:08 - 2018-12-08 09:07 - 01063416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-12-12 18:08 - 2018-12-08 09:06 - 01017168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-12-12 18:08 - 2018-12-08 09:06 - 00777512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-12-12 18:08 - 2018-12-08 09:06 - 00491416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-12-12 18:08 - 2018-12-08 09:06 - 00433168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-12-12 18:08 - 2018-12-08 09:05 - 07436216 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-12-12 18:08 - 2018-12-08 09:05 - 02822656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-12-12 18:08 - 2018-12-08 09:05 - 02463384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-12-12 18:08 - 2018-12-08 09:05 - 01935008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-12-12 18:08 - 2018-12-08 09:05 - 01209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-12-12 18:08 - 2018-12-08 09:05 - 00793592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-12-12 18:08 - 2018-12-08 09:05 - 00594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-12-12 18:08 - 2018-12-08 09:05 - 00130312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-12-12 18:08 - 2018-12-08 09:05 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2018-12-12 18:08 - 2018-12-08 09:04 - 04404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-12-12 18:08 - 2018-12-08 09:04 - 02371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-12-12 18:08 - 2018-12-08 09:04 - 01943328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-12-12 18:08 - 2018-12-08 09:04 - 01188512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-12-12 18:08 - 2018-12-08 09:04 - 00604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-12-12 18:08 - 2018-12-08 09:04 - 00416024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2018-12-12 18:08 - 2018-12-08 09:04 - 00268280 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-12-12 18:08 - 2018-12-08 09:04 - 00260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-12-12 18:08 - 2018-12-08 08:47 - 00861744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-12-12 18:08 - 2018-12-08 08:47 - 00785760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-12-12 18:08 - 2018-12-08 08:46 - 02331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-12-12 18:08 - 2018-12-08 08:46 - 01989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-12-12 18:08 - 2018-12-08 08:46 - 00665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-12-12 18:08 - 2018-12-08 08:46 - 00457056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2018-12-12 18:08 - 2018-12-08 08:45 - 06043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-12-12 18:08 - 2018-12-08 08:45 - 04789952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-12-12 18:08 - 2018-12-08 08:45 - 02307240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2018-12-12 18:08 - 2018-12-08 08:45 - 01805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-12-12 18:08 - 2018-12-08 08:45 - 01620472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-12-12 18:08 - 2018-12-08 08:45 - 01379816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-12-12 18:08 - 2018-12-08 08:45 - 01011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-12-12 18:08 - 2018-12-08 08:42 - 22715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-12-12 18:08 - 2018-12-08 08:42 - 09084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-12-12 18:08 - 2018-12-08 08:41 - 07057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-12-12 18:08 - 2018-12-08 08:40 - 04710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-12-12 18:08 - 2018-12-08 08:40 - 04384768 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-12-12 18:08 - 2018-12-08 08:38 - 22016000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-12-12 18:08 - 2018-12-08 08:38 - 03392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-12-12 18:08 - 2018-12-08 08:38 - 02739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-12-12 18:08 - 2018-12-08 08:38 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll
2018-12-12 18:08 - 2018-12-08 08:37 - 02825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-12-12 18:08 - 2018-12-08 08:37 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2018-12-12 18:08 - 2018-12-08 08:36 - 03381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-12-12 18:08 - 2018-12-08 08:36 - 03090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-12-12 18:08 - 2018-12-08 08:36 - 02364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-12-12 18:08 - 2018-12-08 08:36 - 01768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-12-12 18:08 - 2018-12-08 08:36 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-12-12 18:08 - 2018-12-08 08:36 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-12-12 18:08 - 2018-12-08 08:35 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2018-12-12 18:08 - 2018-12-08 08:35 - 00808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-12-12 18:08 - 2018-12-08 08:35 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-12-12 18:08 - 2018-12-08 08:34 - 01535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-12-12 18:08 - 2018-12-08 08:34 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-12-12 18:08 - 2018-12-08 08:34 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-12-12 18:08 - 2018-12-08 08:34 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2018-12-12 18:08 - 2018-12-08 08:34 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-12-12 18:08 - 2018-12-08 08:34 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-12-12 18:08 - 2018-12-08 08:33 - 19405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-12-12 18:08 - 2018-12-08 08:33 - 02904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-12-12 18:08 - 2018-12-08 08:33 - 01457152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-12-12 18:08 - 2018-12-08 08:33 - 01264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-12-12 18:08 - 2018-12-08 08:33 - 01058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-12-12 18:08 - 2018-12-08 08:33 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-12-12 18:08 - 2018-12-08 08:33 - 00823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-12-12 18:08 - 2018-12-08 08:32 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-12-12 18:08 - 2018-12-08 08:32 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-12-12 18:08 - 2018-12-08 08:32 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-12-12 18:08 - 2018-12-08 08:30 - 06647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-12-12 18:08 - 2018-12-08 08:30 - 02966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-12-12 18:08 - 2018-12-08 08:29 - 05883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-12-12 18:08 - 2018-12-08 08:29 - 02700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-12-12 18:08 - 2018-12-08 08:28 - 02258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-12-12 18:08 - 2018-12-08 08:28 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-12-12 18:08 - 2018-12-08 08:27 - 02449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-12-12 18:08 - 2018-12-08 08:27 - 01986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-12-12 18:08 - 2018-12-08 08:27 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-12-12 18:08 - 2018-12-08 08:26 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-12-12 18:08 - 2018-12-08 08:25 - 00978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-12-12 18:08 - 2018-12-08 08:25 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-12-12 18:08 - 2018-12-08 08:24 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-12-12 18:08 - 2018-12-08 08:24 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-12-12 18:08 - 2018-11-09 07:15 - 21388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-12-12 18:08 - 2018-11-09 06:59 - 08623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-12-12 18:08 - 2018-11-09 06:58 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2018-12-12 18:08 - 2018-11-09 06:57 - 04491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-12-12 18:08 - 2018-11-09 06:56 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-12-12 18:08 - 2018-11-09 06:55 - 01254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-12-12 18:08 - 2018-11-09 06:55 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-12-12 18:08 - 2018-11-09 06:54 - 01535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2018-12-12 18:08 - 2018-11-09 06:32 - 20383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-12-12 18:08 - 2018-11-09 06:20 - 07987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-12-12 18:08 - 2018-11-09 06:20 - 03397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-12-12 18:08 - 2018-11-09 06:17 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-12-12 18:08 - 2018-11-09 03:56 - 01213472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-12-12 18:08 - 2018-11-09 03:49 - 00723416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-12-12 18:08 - 2018-11-09 03:48 - 03179760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-12-12 18:08 - 2018-11-09 03:48 - 02719736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-12-12 18:08 - 2018-11-09 03:48 - 01613288 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-12-12 18:08 - 2018-11-09 03:48 - 00899920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-12-12 18:08 - 2018-11-09 03:48 - 00766704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-12-12 18:08 - 2018-11-09 03:48 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-12-12 18:08 - 2018-11-09 03:47 - 02765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-12-12 18:08 - 2018-11-09 03:47 - 02571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-12-12 18:08 - 2018-11-09 03:47 - 02062392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-12-12 18:08 - 2018-11-09 03:47 - 01285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-12-12 18:08 - 2018-11-09 03:47 - 00930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-12-12 18:08 - 2018-11-09 03:47 - 00537912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2018-12-12 18:08 - 2018-11-09 03:21 - 04866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-12-12 18:08 - 2018-11-09 03:21 - 01627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-12-12 18:08 - 2018-11-09 03:20 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-12-12 18:08 - 2018-11-09 03:20 - 00399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
2018-12-12 18:08 - 2018-11-09 03:19 - 02368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-12-12 18:08 - 2018-11-09 03:18 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-12-12 18:08 - 2018-11-09 03:18 - 01487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-12-12 18:08 - 2018-11-09 03:18 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2018-12-12 18:08 - 2018-11-09 03:17 - 02584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-12-12 18:08 - 2018-11-09 03:17 - 01069568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-12-12 18:08 - 2018-11-09 03:16 - 04939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-12-12 18:08 - 2018-11-09 03:16 - 02224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-12-12 18:08 - 2018-11-09 03:16 - 01364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2018-12-12 18:08 - 2018-11-09 03:16 - 01225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-12-12 18:08 - 2018-11-09 03:16 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-12-12 18:08 - 2018-11-09 03:15 - 00943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-12-12 18:08 - 2018-11-09 03:15 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-12-12 18:08 - 2018-11-09 03:15 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-12-12 18:08 - 2018-11-09 03:15 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-12-12 18:08 - 2018-11-09 03:07 - 02417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-12-12 18:08 - 2018-11-09 03:07 - 01299704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-12-12 18:08 - 2018-11-09 02:48 - 00550728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-12-12 18:08 - 2018-11-09 02:46 - 02253184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-12-12 18:08 - 2018-11-09 02:46 - 02161008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-12-12 18:08 - 2018-11-09 02:46 - 01980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-12-12 18:08 - 2018-11-09 02:46 - 00829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-12-12 18:08 - 2018-11-09 02:46 - 00721024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-12-12 18:08 - 2018-11-09 02:46 - 00573504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-12-12 18:08 - 2018-11-09 02:29 - 03711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-12-12 18:08 - 2018-11-09 02:29 - 00561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-12-12 18:08 - 2018-11-09 02:28 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-12-12 18:08 - 2018-11-09 02:26 - 04514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-12-12 18:08 - 2018-11-09 02:26 - 01110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-12-12 18:08 - 2018-11-09 02:25 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-12-12 18:07 - 2018-12-08 13:48 - 00034104 _____ C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2018-12-12 18:07 - 2018-12-08 13:47 - 00954384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2018-12-12 18:07 - 2018-12-08 13:47 - 00825352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-12-12 18:07 - 2018-12-08 13:47 - 00652296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-12-12 18:07 - 2018-12-08 13:47 - 00399880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-12-12 18:07 - 2018-12-08 13:47 - 00258064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2018-12-12 18:07 - 2018-12-08 13:47 - 00231440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2018-12-12 18:07 - 2018-12-08 13:47 - 00228368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2018-12-12 18:07 - 2018-12-08 13:47 - 00201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2018-12-12 18:07 - 2018-12-08 13:47 - 00180752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2018-12-12 18:07 - 2018-12-08 13:47 - 00173072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
2018-12-12 18:07 - 2018-12-08 13:43 - 00304144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2018-12-12 18:07 - 2018-12-08 13:39 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-12-12 18:07 - 2018-12-08 13:29 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-12-12 18:07 - 2018-12-08 13:27 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.SecureAssessment.dll
2018-12-12 18:07 - 2018-12-08 13:27 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2018-12-12 18:07 - 2018-12-08 13:27 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-12-12 18:07 - 2018-12-08 13:27 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-12-12 18:07 - 2018-12-08 13:23 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-12-12 18:07 - 2018-12-08 13:23 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-12-12 18:07 - 2018-12-08 09:12 - 00272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-12-12 18:07 - 2018-12-08 09:12 - 00269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-12-12 18:07 - 2018-12-08 09:12 - 00092688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2018-12-12 18:07 - 2018-12-08 09:06 - 00709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-12-12 18:07 - 2018-12-08 09:06 - 00249088 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2018-12-12 18:07 - 2018-12-08 09:05 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2018-12-12 18:07 - 2018-12-08 09:05 - 00706040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-12-12 18:07 - 2018-12-08 09:05 - 00421176 _____ (Microsoft Corporation) C:\WINDOWS\system32\xbgmengine.dll
2018-12-12 18:07 - 2018-12-08 09:05 - 00413920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-12-12 18:07 - 2018-12-08 09:05 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-12-12 18:07 - 2018-12-08 09:04 - 02590296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2018-12-12 18:07 - 2018-12-08 09:04 - 01150312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-12-12 18:07 - 2018-12-08 09:04 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-12-12 18:07 - 2018-12-08 09:04 - 00527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-12-12 18:07 - 2018-12-08 09:04 - 00413176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-12-12 18:07 - 2018-12-08 09:04 - 00375608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-12-12 18:07 - 2018-12-08 09:04 - 00335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-12-12 18:07 - 2018-12-08 09:04 - 00158624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-12-12 18:07 - 2018-12-08 09:04 - 00128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-12-12 18:07 - 2018-12-08 09:04 - 00058168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2018-12-12 18:07 - 2018-12-08 09:04 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2018-12-12 18:07 - 2018-12-08 08:46 - 01397104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-12-12 18:07 - 2018-12-08 08:46 - 00101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-12-12 18:07 - 2018-12-08 08:45 - 00567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-12-12 18:07 - 2018-12-08 08:45 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-12-12 18:07 - 2018-12-08 08:45 - 00129296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-12-12 18:07 - 2018-12-08 08:39 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
2018-12-12 18:07 - 2018-12-08 08:38 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2018-12-12 18:07 - 2018-12-08 08:38 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2018-12-12 18:07 - 2018-12-08 08:38 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2018-12-12 18:07 - 2018-12-08 08:38 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-12-12 18:07 - 2018-12-08 08:38 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2018-12-12 18:07 - 2018-12-08 08:37 - 00395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-12-12 18:07 - 2018-12-08 08:37 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2018-12-12 18:07 - 2018-12-08 08:37 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-12-12 18:07 - 2018-12-08 08:37 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2018-12-12 18:07 - 2018-12-08 08:37 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2018-12-12 18:07 - 2018-12-08 08:37 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-12-12 18:07 - 2018-12-08 08:37 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2018-12-12 18:07 - 2018-12-08 08:36 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2018-12-12 18:07 - 2018-12-08 08:36 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-12-12 18:07 - 2018-12-08 08:36 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-12-12 18:07 - 2018-12-08 08:36 - 00153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2018-12-12 18:07 - 2018-12-08 08:36 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys
2018-12-12 18:07 - 2018-12-08 08:35 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-12-12 18:07 - 2018-12-08 08:33 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-12-12 18:07 - 2018-12-08 08:32 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-12-12 18:07 - 2018-12-08 08:32 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-12-12 18:07 - 2018-12-08 08:30 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-12-12 18:07 - 2018-12-08 08:29 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2018-12-12 18:07 - 2018-12-08 08:29 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2018-12-12 18:07 - 2018-12-08 08:28 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-12-12 18:07 - 2018-12-08 08:28 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-12-12 18:07 - 2018-12-08 08:27 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-12-12 18:07 - 2018-12-08 08:27 - 00555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2018-12-12 18:07 - 2018-12-08 08:27 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2018-12-12 18:07 - 2018-12-08 08:26 - 01348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-12-12 18:07 - 2018-12-08 08:25 - 00729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-12-12 18:07 - 2018-12-08 08:25 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-12-12 18:07 - 2018-12-08 08:25 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-12-12 18:07 - 2018-12-08 08:24 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-12-12 18:07 - 2018-12-08 08:24 - 00345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-12-12 18:07 - 2018-11-09 07:00 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-12-12 18:07 - 2018-11-09 06:57 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2018-12-12 18:07 - 2018-11-09 06:56 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-12-12 18:07 - 2018-11-09 06:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2018-12-12 18:07 - 2018-11-09 06:22 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-12-12 18:07 - 2018-11-09 06:19 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2018-12-12 18:07 - 2018-11-09 06:18 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-12-12 18:07 - 2018-11-09 06:18 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-12-12 18:07 - 2018-11-09 03:49 - 00565048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-12-12 18:07 - 2018-11-09 03:49 - 00368656 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-12-12 18:07 - 2018-11-09 03:48 - 00745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-12-12 18:07 - 2018-11-09 03:22 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-12-12 18:07 - 2018-11-09 03:22 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2018-12-12 18:07 - 2018-11-09 03:21 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-12-12 18:07 - 2018-11-09 03:21 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2018-12-12 18:07 - 2018-11-09 03:21 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-12-12 18:07 - 2018-11-09 03:20 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2018-12-12 18:07 - 2018-11-09 03:20 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2018-12-12 18:07 - 2018-11-09 03:19 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-12-12 18:07 - 2018-11-09 03:19 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-12-12 18:07 - 2018-11-09 03:18 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2018-12-12 18:07 - 2018-11-09 03:18 - 00300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2018-12-12 18:07 - 2018-11-09 02:47 - 00295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-12-12 18:07 - 2018-11-09 02:31 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-12-12 18:07 - 2018-11-09 02:31 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-12-12 18:07 - 2018-11-09 02:30 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2018-12-12 18:07 - 2018-11-09 02:30 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2018-12-12 18:07 - 2018-11-09 02:29 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-12-12 18:07 - 2018-11-09 02:29 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-12-12 18:07 - 2018-11-09 02:27 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2018-12-12 18:07 - 2018-11-09 02:26 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-12-12 18:07 - 2018-11-09 02:26 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-12-12 18:07 - 2018-11-09 02:25 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-01-07 21:29 - 2018-04-12 00:38 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-07 20:35 - 2018-05-21 12:16 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-07 19:45 - 2018-11-06 10:39 - 00000000 ____D C:\Users\User\Desktop\anatomie
2019-01-07 19:45 - 2017-12-10 10:46 - 00000000 ____D C:\Users\User\AppData\Local\Packages
2019-01-07 18:09 - 2018-05-21 13:09 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6657723C-50FE-4F27-85CE-19270B0774F5}
2019-01-07 18:08 - 2017-05-13 19:48 - 00000000 ____D C:\ProgramData\NVIDIA
2019-01-07 18:07 - 2018-09-24 14:50 - 00000000 ____D C:\Users\User\AppData\Local\Spotify
2019-01-07 18:06 - 2018-09-24 14:49 - 00000000 ____D C:\Users\User\AppData\Roaming\Spotify
2019-01-06 20:23 - 2013-10-20 18:03 - 00000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics
2019-01-06 19:22 - 2018-05-21 13:43 - 00000000 ____D C:\Users\User\AppData\Local\D3DSCache
2019-01-06 13:49 - 2016-08-16 15:38 - 00000000 ____D C:\Program Files\Epic Games
2019-01-06 13:49 - 2016-08-16 12:03 - 00000000 ____D C:\ProgramData\Epic
2019-01-06 13:22 - 2017-10-17 07:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-01-05 19:34 - 2015-03-24 15:38 - 00000000 ____D C:\ProgramData\TEMP
2019-01-05 19:24 - 2014-05-10 09:57 - 00000000 ____D C:\Users\User\AppData\Local\HTC MediaHub
2019-01-05 19:21 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\AppReadiness
2019-01-05 19:20 - 2018-05-21 13:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-05 19:20 - 2015-02-08 21:40 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2019-01-05 19:19 - 2018-04-11 22:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-05 14:55 - 2016-01-02 17:09 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
2019-01-05 12:29 - 2018-04-12 00:38 - 00000000 ___HD C:\Program Files\WindowsApps
2019-01-05 12:13 - 2016-03-05 20:24 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-01-05 00:41 - 2014-08-09 23:14 - 00000000 ____D C:\Program Files (x86)\Google
2019-01-05 00:08 - 2018-05-21 12:24 - 02004514 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-05 00:08 - 2018-04-12 17:14 - 00842584 _____ C:\WINDOWS\system32\perfh007.dat
2019-01-05 00:08 - 2018-04-12 17:14 - 00191064 _____ C:\WINDOWS\system32\perfc007.dat
2019-01-05 00:08 - 2018-04-12 00:36 - 00000000 ____D C:\WINDOWS\INF
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\zu-ZA
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\yo-NG
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\xh-ZA
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\wo-SN
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\tn-ZA
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\ti-ET
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\rw-RW
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\nso-ZA
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\ig-NG
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\chr-CHER-US
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2019-01-04 23:59 - 2018-04-12 17:18 - 00000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2019-01-04 23:59 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\TextInput
2019-01-04 23:59 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\bcastdvr
2019-01-04 21:22 - 2017-03-25 21:38 - 00000000 ____D C:\ProgramData\Electronic Arts
2019-01-04 21:22 - 2017-03-25 16:20 - 00000000 ____D C:\ProgramData\Origin
2019-01-04 19:20 - 2018-09-22 10:54 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2019-01-04 19:20 - 2018-09-22 10:43 - 00000000 ____D C:\Users\User\AppData\Local\Battle.net
2019-01-04 19:20 - 2018-09-22 10:42 - 00000000 ____D C:\Program Files (x86)\Battle.net
2019-01-04 18:30 - 2013-12-01 15:07 - 00000000 ____D C:\Users\User\Documents\BitLord
2019-01-04 12:14 - 2018-04-12 00:30 - 00000000 ____D C:\WINDOWS\CbsTemp
2019-01-04 11:54 - 2018-10-31 20:06 - 00002413 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-04 11:54 - 2018-05-21 13:09 - 00003356 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-219060023-492270685-2655468913-1000
2019-01-04 11:54 - 2015-08-01 16:45 - 00000000 ___RD C:\Users\User\OneDrive
2019-01-04 11:48 - 2016-01-04 17:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2019-01-04 11:47 - 2018-05-18 10:55 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-01-04 11:40 - 2018-05-21 13:09 - 00003630 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-04 11:40 - 2018-05-21 13:09 - 00003506 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-14 22:06 - 2018-04-12 00:38 - 00000000 __RSD C:\WINDOWS\assembly
2018-12-13 23:32 - 2013-09-04 12:02 - 00000402 ___SH C:\Users\User\Documents\desktop.ini
2018-12-13 23:32 - 2013-09-04 12:02 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2018-12-13 23:32 - 2013-09-04 12:02 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2018-12-13 23:32 - 2013-09-04 12:01 - 00000000 ___RD C:\Users\User\Saved Games
2018-12-13 23:32 - 2013-09-04 12:01 - 00000000 ___RD C:\Users\User\Links
2018-12-13 23:28 - 2018-05-21 12:30 - 00000264 ___SH C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2018-12-13 23:28 - 2017-12-10 11:28 - 00000000 ___RD C:\Users\User\3D Objects
2018-12-13 23:28 - 2015-08-01 16:37 - 00000000 __RHD C:\Users\Public\AccountPictures
2018-12-13 23:28 - 2013-09-04 12:02 - 00000174 ___SH C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2018-12-13 23:28 - 2013-09-04 12:02 - 00000000 ___RD C:\Users\User\Searches
2018-12-13 23:28 - 2013-09-04 12:02 - 00000000 ___RD C:\Users\User\Contacts
2018-12-13 23:28 - 2013-09-04 12:01 - 00000000 ___RD C:\Users\User\Favorites
2018-12-13 23:25 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2018-12-13 23:25 - 2013-09-04 12:01 - 00000000 ___RD C:\Users\User\Videos
2018-12-13 23:19 - 2018-05-21 12:15 - 00479256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-12-12 20:51 - 2018-04-12 00:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2018-12-12 20:51 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\SysWOW64\de-DE
2018-12-12 20:50 - 2018-04-12 00:38 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-12-12 20:50 - 2018-04-12 00:38 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-12-12 20:50 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\system32\de-DE
2018-12-12 20:50 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\ShellComponents
2018-12-12 20:50 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\apppatch
2018-12-12 18:25 - 2013-09-07 15:43 - 00000000 ____D C:\WINDOWS\system32\MRT
2018-12-12 18:20 - 2013-06-28 19:32 - 137260640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-12-12 11:09 - 2018-11-28 23:01 - 00000000 ____D C:\Users\User\Desktop\samples
2018-12-11 18:41 - 2018-03-01 13:45 - 00000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-12-11 18:41 - 2016-11-20 15:22 - 00000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2018-12-11 18:40 - 2010-11-21 04:27 - 00592616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-12-10 23:09 - 2018-05-21 12:30 - 00000000 ____D C:\Users\User

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2018-05-18 10:35 - 2018-05-18 10:36 - 0002298 _____ () C:\Users\User\AppData\Roaming\ASSDraw3.cfg
2013-12-01 15:09 - 2014-12-19 11:06 - 0000000 _____ () C:\Users\User\AppData\Roaming\bitlord_log.txt
2014-12-03 20:49 - 2014-12-03 20:52 - 0000146 _____ () C:\Users\User\AppData\Roaming\mainhst.zgh
2014-02-08 20:08 - 2014-07-18 23:08 - 0000165 _____ () C:\Users\User\AppData\Roaming\WB.CFG
2015-03-24 10:51 - 2015-03-24 10:51 - 0120135 _____ () C:\Users\User\AppData\Local\48FD097A_stp.CIS
2015-03-24 10:51 - 2015-03-24 10:51 - 0000290 _____ () C:\Users\User\AppData\Local\48FD097A_stp.CIS.part
2015-03-24 10:50 - 2015-03-24 10:50 - 0385602 _____ () C:\Users\User\AppData\Local\5D515C96_stp.CIS
2015-03-24 10:50 - 2015-03-24 10:50 - 0000220 _____ () C:\Users\User\AppData\Local\5D515C96_stp.CIS.part
2015-03-24 10:51 - 2015-03-24 10:51 - 0190846 _____ () C:\Users\User\AppData\Local\675F9754_stp.CIS
2015-03-24 10:51 - 2015-03-24 10:51 - 0000246 _____ () C:\Users\User\AppData\Local\675F9754_stp.CIS.part
2015-03-24 15:38 - 2015-05-13 22:14 - 0006656 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-29 05:04 - 2018-09-29 05:04 - 0000000 _____ () C:\Users\User\AppData\Local\oobelibMkey.log
2016-01-04 12:07 - 2016-01-04 12:07 - 0000218 _____ () C:\Users\User\AppData\Local\recently-used.xbel
2012-09-10 12:49 - 2012-09-10 12:49 - 0001050 ____H () C:\Users\User\AppData\Local\{793FD447-37EB-4083-B222-2E447297AF07}
2017-05-13 19:49 - 2017-05-13 19:49 - 0000000 _____ () C:\ProgramData\DP45977C.lfl
2016-12-30 21:04 - 2017-02-14 23:04 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-30 21:04 - 2017-02-13 09:22 - 0005854 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Einige Dateien in TEMP:
====================
C:\Users\User\AppData\Local\Temp\sqlite3.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2018-05-21 12:15

==================== Ende von FRST.txt ============================
         
It won't let me post addition.txt because the text is too long.

07.01.2019, 23:25   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please read the reading material properly.
__________________
Please always post logfiles in CODE tags

08.01.2019, 10:07   #11
GlowedUp

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-04-2016
durchgeführt von User (2019-01-07 21:41:15)
Gestartet von C:\Users\User\Downloads
Windows 10 Pro Version 1803 (X64) (2018-05-21 12:11:14)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-219060023-492270685-2655468913-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-219060023-492270685-2655468913-503 - Limited - Disabled)
Gast (S-1-5-21-219060023-492270685-2655468913-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-219060023-492270685-2655468913-1004 - Limited - Enabled)
User (S-1-5-21-219060023-492270685-2655468913-1000 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-219060023-492270685-2655468913-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.8 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{DD562794-C098-A1E5-66ED-10E8BD1C84C5}) (Version: 3.0.864.0 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version:  - )
Apple Application Support (32-Bit) (HKLM-x32\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C29B636B-9015-4ED1-A12F-6375A337F23B}) (Version: 11.4.1.46 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.8.000 - Asmedia Technology)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2002337054.48.56.2697538 - Audible, Inc.)
Backup and Sync from Google (HKLM\...\{693CADB0-962B-4AC1-A939-9524B258C997}) (Version: 3.43.2448.9071 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BOSS (HKLM\...\BOSS) (Version: 2.3.2 - BOSS Development Team)
Canon LBP6300 (HKLM\...\Canon LBP6300) (Version:  - )
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.6.03049 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 4.6.03049 - Cisco Systems, Inc.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DARK SOULS III (HKLM\...\Steam App 374320) (Version:  - FromSoftware, Inc.)
Discord (HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (Version: 399.24 - NVIDIA Corporation) Hidden
Divinity - Original Sin Enhanced Edition (HKLM-x32\...\1445516929_is1) (Version: 2.5.0.12 - GOG.com)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
EARTH DEFENSE FORCE 4.1  The Shadow of New Despair (HKLM\...\Steam App 410320) (Version:  - SANDLOT)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
f.lux (HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\Flux) (Version:  - f.lux Software LLC)
FINAL FANTASY XV WINDOWS EDITION (HKLM\...\Steam App 637650) (Version:  - Square Enix)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
FlyVPN (HKLM-x32\...\FlyVPN) (Version: 3.6.2.2 - FlyVPN)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxtab (HKLM-x32\...\foxtab) (Version:  - FoxTab) <==== ACHTUNG
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.80.505 - Digital Wave Ltd)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.1.119 - DVDVideoSoft Ltd.)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.6.328 - DVDVideoSoft Ltd.)
Gameforge Live 2.0.12 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.12 - Gameforge)
GanttProject (HKLM-x32\...\GanttProject) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.33.23 - Google Inc.) Hidden
HD Video Plugin (HKLM-x32\...\HD Video Plugin) (Version: 1.28.153.5 - Plugin)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 6.0.1.2 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
hppLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (x32 Version: 1.0.0.1 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.0.52.0 - HTC)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
iTunes (HKLM\...\{8ABA0CC5-4643-4D1A-922C-55C332B02D71}) (Version: 12.8.0.150 - Apple Inc.)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LINE (HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\LINE) (Version: 5.10.0.1789 - LINE Corporation)
LOOT Version 0.9.1 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.9.1 - LOOT Team)
Malwarebytes Version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.9126.2336 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mnemosyne 2.4.1 (HKLM-x32\...\Mnemosyne_is1) (Version:  - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 63.0.1 (x64 en-GB) (HKLM\...\Mozilla Firefox 63.0.1 (x64 en-GB)) (Version: 63.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.1.6877 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version: 5.3.1.1628 - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.8.0.36 - Native Instruments)
Native Instruments Kontakt Factory Library (HKLM-x32\...\Native Instruments Kontakt Factory Library) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.5.1.637 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.6.0.68 - Native Instruments)
Native Instruments Studio Drummer (HKLM-x32\...\Native Instruments Studio Drummer) (Version: 1.4.0.13 - Native Instruments)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.65.2 - Black Tree Gaming)
NieR:Automata™ (HKLM\...\Steam App 524220) (Version:  - Square Enix)
NifSkope (remove only) (HKLM-x32\...\NifSkope) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 399.24 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Grafiktreiber 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 399.24 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Oblivion mod manager 1.1.12 (HKLM-x32\...\Oblivion mod manager_is1) (Version:  - Timeslip)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.9126.2336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.9126.2336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.9126.2336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.9126.2336 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.6 - Power Software Ltd)
PrivateVpn (x32 Version: 2.2.5 - Privat Kommunikation AB) Hidden
PrivateVPN Client (HKLM-x32\...\{a51d4422-f54c-413c-8346-63ae8c23fa40}) (Version: 2.2.5 - Privat Kommunikation AB)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
ROCCAT Kave XTD (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392016206}) (Version:   - Roccat GmbH)
RPGツクール2000 ランタイムパッケージ (HKLM-x32\...\{33F7A957-A66D-45A1-BADF-6576083B14E2}) (Version:  - )
Shadowverse (HKLM\...\Steam App 453480) (Version:  - Cygames, Inc.)
Shield High (HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\8dc7bff0b5746ce9) (Version: 1.0.0.4 - Shield High)
Spotify (HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\Spotify) (Version: 1.0.96.181.gf6bc1b6b - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.18.2 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.71503 - TeamViewer)
UnHolY JaiL (HKLM-x32\...\uhj) (Version:  - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 7.3 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.15-1 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 307.2016.1230.2300 - Wrye & Wrye Bash Development Team)
対魔忍アサギZERODL1.0.1 (HKLM-x32\...\BLACKLILITHAsagiZERODL_is1) (Version: 1.0.1 - Black LILITH)
小影の伝説 (HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\小影の伝説) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-219060023-492270685-2655468913-1000_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-219060023-492270685-2655468913-1000_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-219060023-492270685-2655468913-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-219060023-492270685-2655468913-1000_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-219060023-492270685-2655468913-1000_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-219060023-492270685-2655468913-1000_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {034FF25E-9A20-46D8-9DBD-7AE88E185B27} - System32\Tasks\{D9A43674-0EA8-4F96-9CF9-C3DCA611E501} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {042D8A51-5878-4000-9C10-C04AFF122A1F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {0436C8FF-6570-4488-9466-D9581E37F70C} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {04B3E894-DE5B-4C4A-9AA7-CA8F7CE43583} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation)
Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {0AB2CC16-957D-4102-BD3D-C64C6DF1C7E8} - System32\Tasks\{0A8B2EA4-83D9-46FD-B9CA-14A39A042AA1} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {0D150F34-A96B-4454-9F04-BDE557B597DD} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2018-12-02] (Microsoft Corporation)
Task: {11642331-754B-4402-B4C5-1344D5589F0F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-07-19] (NVIDIA Corporation)
Task: {124EC83A-39E0-4FDD-9AD3-EDDDDAE83307} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {14989FAC-C007-474D-89E6-D91596B2672E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-12-10] (Microsoft Corporation)
Task: {1B816274-D24A-4C10-84E6-943690A17038} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {1B998FD3-0227-4C7B-9B41-9FD6AEC9E64C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {1BE936D4-EE40-4F04-84E0-18FFD27C0A6A} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [2018-04-12] (Microsoft Corporation)
Task: {1C746FB2-86C2-4C7D-A313-4C6537B78D26} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {1C8A1DC1-6213-44DB-907D-1C8A29C5C195} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {1C980C86-CE0B-4BF0-A1C1-84C50DC95C54} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2019-01-04] (Microsoft Corporation)
Task: {20262056-4089-499D-ABAD-1A8D2FDFD84E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {203CDB2A-1AAF-4EF0-A2D8-E7360554D6BD} - System32\Tasks\{E11C9D89-34AC-4BEE-9B0C-CAF028DF93EF} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {20D81C33-A0E6-49FF-8532-9B162FF00B94} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {2231CAFE-FABE-41F5-A0B3-842D9319DBF9} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-05-20] (Microsoft Corporation)
Task: {290EF65E-FB3F-45CE-AD2C-E0FDE7099DB5} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {294EF281-56B6-4F71-8115-BAC2919EF034} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {29E41AC7-A397-424D-80A2-271978CBDA2C} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {29F3A47A-C0DC-48D8-ACAF-89413EE0731D} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [2018-07-15] (Microsoft Corporation)
Task: {2A27295C-B996-41BB-91B0-46EC06608019} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {2DBD790D-172A-4CFA-B3F7-824D7509680F} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {316D19F1-411D-4F28-8C5C-B6880B0CA309} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {35ADDDBE-B7B1-4BAF-80BB-A8BF0031E00F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {3615BFCD-3C58-4A0F-B260-A5FFF69AB3C9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {37995126-98FC-4A2D-872A-0CCF9EF01C2F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {38D35FCD-DD8B-49C2-9E1D-0907596ACFB9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2019-01-04] (Microsoft Corporation)
Task: {3CDA8DBA-3F67-43B0-8EC6-0FED1702EF44} - System32\Tasks\{3497B22C-5BCF-42D0-9485-43E5C74E81E0} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {4304EBD5-72CA-4BE2-BAC4-80E453F0049F} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {44B96A00-F2C5-49F1-AB0A-45A48B8E516E} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {471817E8-5234-4C3B-934F-6FDB3C63D697} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {49393CE4-BC1D-4986-A21B-BD2526FD94A9} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {4A287029-8B6C-4667-B8F5-064C708D59FD} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {4C2F332E-C0EF-4007-9A34-5F67D1D64D7E} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {4ED709CC-B267-4437-83CF-F4C301FA2B7A} - System32\Tasks\{90B4006C-FBA9-40E4-8809-B214837AB73A} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {51D31EBF-545E-411D-A21A-CB34004CC384} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {577C3956-E492-42A5-AEFB-FDC54A537C64} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {57A7E0DF-F70E-43B1-AA2C-5BA67DBBE753} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {591D2FC8-9C80-4DFC-8E12-34C40924F4B0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5DB4FD20-4FF2-4C58-9801-ADD6F0149633} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task
Task: {5DCF284F-C76A-4285-B082-DD0948B3D84D} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {6113D950-DD8C-418B-89AD-62D48012758A} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {61DFE6B4-3B1A-402B-A2C1-8B33485A8D29} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {62331915-A3E9-4B6E-9686-86034377E8CF} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {66A08247-1C1D-4CE4-98B3-FC1F7357F705} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {699688E3-8224-48AE-83C4-AD67E19C1324} - System32\Tasks\{B3060346-B19A-4A4D-829E-A587B6A0C5DC} => pcalua.exe -a C:\Windows\AppPatch\AppLoc.exe -d C:\Windows\AppPatch\
Task: {6C051380-8460-4FF5-8CCD-8C27B0ABE921} - System32\Tasks\{61642214-D591-4BBF-8294-FCF77D96308F} => pcalua.exe -a C:\Users\User\Downloads\Texmod0.9b.exe -d C:\Users\User\Downloads
Task: {6DE4F7DC-0B8D-404A-A6C9-83241658F8CA} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-05-20] (Microsoft Corporation)
Task: {6E0243EE-5B36-4773-8F01-E720D0936BBE} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {6EC1DB15-1782-413D-8E4F-A64E5225A5AD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {703AE38D-60F0-4A10-8C34-65EB7F8F64B5} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
Task: {7138D0D3-1873-4A77-86CF-4840F491C90F} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {71FBA100-A33F-4540-9934-39EDFDC39379} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {738B2909-7EB2-469A-9437-CCDFB2834AC2} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {749E286C-C205-4C7C-B742-BE5023BF06DE} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {7537B507-9316-4A1D-84D9-E196F65CE2F8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-12-12] (Microsoft Corporation)
Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {7987F8C6-000C-44C6-9E49-02A464DF7E28} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {7EAE5A6B-00F4-4B9F-A255-E1C163B587A1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {81D0B7B6-B8A1-4718-8B0F-D0BE623BC534} - System32\Tasks\{1BDA7524-00A0-4E87-868B-235FF0DDD87B} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {86783D90-5B00-4B18-B964-07784FC86062} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {88C91D34-CEC1-4021-A73C-752295CAD4BE} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {8A9EC4E9-AF7E-4EEF-A91B-A25D88ED52E9} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {8CCDCCC3-88F0-4860-84BE-5AC16A1C6FA9} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {8D638848-3CB8-42BC-BB06-5743ECD1B9F3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-07-19] (NVIDIA Corporation)
Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation)
Task: {8F6F2209-7BF7-4DFE-BD3C-AECA09BC643E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {9127E4EE-6165-4681-A425-24185E1A356F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-04] (Microsoft Corporation)
Task: {927DB352-5EE6-46D6-B62C-2AB30AC91EE6} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-219060023-492270685-2655468913-1000 => C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [2019-01-04] (Microsoft Corporation)
Task: {97E8D66D-0085-423C-BA11-DD777A1258AB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2018-04-12] (Microsoft Corporation)
Task: {9D800AF6-9DAC-4A81-9860-698B1B801C8E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {9F987BEF-9CF6-40A3-A2EF-34FFBB067A53} - System32\Tasks\{E60CB027-E9D6-45BD-92FE-E2E57239BF07} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {9FBE1670-F304-4B6C-B862-F27490F2D98F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-04] (Microsoft Corporation)
Task: {A0E5243B-E19E-482C-828D-BF6524A42B03} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-12-10] (Microsoft Corporation)
Task: {A167F6E0-ED47-419C-807E-2A11ECBA98D4} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {A305A840-EC8B-4C66-8EA8-5FF15F129CD2} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2018-04-12] (Microsoft Corporation)
Task: {A3978E48-50A4-4687-A6E8-8697A4539427} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {A42CB250-817A-4D4C-BD79-4649D6E75402} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {A687A4F2-C138-4491-94E8-5A566E449A02} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {A713D011-F25A-4BF2-98FB-C8ACE9C077C5} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {A8904083-8FCB-4AF8-83D6-5040D9F484BB} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-User => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {AAF2BDD5-9D3C-4019-9F46-CB534D237E4A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {ABDAAFB2-7D7B-4E39-A6D3-2FD97FF1C9ED} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {B0952E0A-C54F-4E8B-95E9-90E560086B37} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {B14C88F4-4AAC-4F00-A94E-8EA180D7AEDC} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {B2F4AC84-A8D0-4524-9363-BFF5A5911A00} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask
Task: {B2F9DF3E-E2A7-4280-983C-2CD30EE76C59} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-07-19] (NVIDIA Corporation)
Task: {B5038601-7334-4908-A31C-CEA063328188} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {BDC26048-0F52-42AD-801A-94BFD1FBEDCB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {C1666A5B-1AB1-4562-910E-5C15BF038653} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2018-05-20] (Microsoft Corporation)
Task: {C234FBD0-62AB-47D4-A224-71E5A9191AA5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {CA2DE0B9-871F-4AC1-822C-53B276E59D3D} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {CB44961A-4596-4666-86A4-E3BFFFFC187A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {CD514D5C-3549-4961-ABC6-14525CA7B042} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
Task: {CD537B38-B72E-482E-9EBB-50A2DC57CEA9} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {CDA5D686-5D6C-4730-9907-B66710DC3670} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {CF01EAEE-9F7F-4C20-928A-644BB80CA3F1} - System32\Tasks\{25548B6F-D77C-4376-B6F9-524D71EA24BF} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {CFA323E0-3387-4A5A-A0FE-3A948B8B9A7D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {D010978C-B666-4072-B7F3-DD6340CDD629} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task
Task: {D079D0A7-292B-4D36-89CA-54F1AE60A3A6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2019-01-04] (Microsoft Corporation)
Task: {D14FC912-9104-491C-AA4C-7A81B1AC01B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {DD3DCE01-F2B0-46C4-B5EA-B384D5C8AC51} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {DD710A69-86C6-4932-97B1-01FB13ACFEF1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged
Task: {E0862994-9083-482D-A921-27B4860FFA21} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [2018-04-12] (Microsoft Corporation)
Task: {E0D59576-E41D-47E3-BB3A-6559D93531E4} - System32\Tasks\{33AA8B8B-6BF3-46C8-8AA3-50891BF5CA72} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {E15BE156-09D1-4B72-86B3-3F8D74E4FC56} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {E2929D8D-9893-4754-BA90-CE23895970C3} - System32\Tasks\{2EDA6CEB-5E1F-48DC-85CD-ED036CD2FC8E} => pcalua.exe -a C:\Games\Steam\SteamApps\common\Oblivion\Oblivion.exe -d C:\Games\Steam\SteamApps\common\Oblivion
Task: {E34A82F0-366F-48A6-A336-E8EA104F8011} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {E376CAB2-02D9-44DB-A227-DA35E70DACAD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {E3B2DB7D-B9E6-4894-B520-9A1DA1D2E9F4} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {EC385D17-251F-48CB-BE97-D6A23AE517AA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {ED448C33-9D0D-4DB5-ADF0-71D53F0E0E0A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {EE0EBA43-8344-48F5-9DCA-F631C5A5DC4A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {EFA86FF7-22AE-4997-AFD9-E89E1BF9B7D6} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2018-04-12] (Microsoft Corporation)
Task: {F0886880-B984-4F90-99E3-C341230A2FF9} - System32\Tasks\{F3297532-A372-4802-A3FC-F078FBF8A8EE} => pcalua.exe -a C:\Games\Tinkerbell\Setup.exe -d C:\Games\Tinkerbell
Task: {F08BA212-EAF3-4D1D-830B-2EA492DDD1C8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {F21EE7E1-35C5-47FB-8E15-D8065EF47EFD} - System32\Tasks\AdobeGCInvoker-1.0-User-PC-User => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {F2502601-590A-4F7B-91A7-C66C9348481E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {F71A28FC-EAD7-4238-9097-ACCA929BE2CE} - System32\Tasks\{A6B6307B-D4A0-43C3-89E3-E7B8A5C3F4B8} => pcalua.exe -a C:\Users\User\Desktop\V\Tinkerbell\Setup.exe -d C:\Users\User\Desktop\V\Tinkerbell
Task: {F955A09C-E83A-4AD5-9ABC-7D5D7A055117} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {F99E2668-072C-4566-9A3F-8886BEC18835} - System32\Tasks\S-1-5-21-219060023-492270685-2655468913-1000\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [2018-12-08] (Microsoft Corporation)
Task: {FA900060-0C63-48F1-B725-757C3B501673} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {FC779438-B7FD-4774-AA55-4DE2A4B098A4} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh
Task: {FEC4A661-F691-4FD9-8AFB-FA937C32288D} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {FF59A197-5471-49CA-8634-D58593E95C02} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-05-04 14:41 - 2012-05-04 14:41 - 00211968 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2011-11-13 13:30 - 2011-11-13 13:30 - 00676864 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2011-11-13 13:31 - 2011-11-13 13:31 - 03643392 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2017-12-08 01:48 - 2017-12-08 01:48 - 00088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-06-23 05:56 - 2018-06-23 05:56 - 01356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-05-30 08:02 - 2018-07-19 21:20 - 01314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-07-27 10:47 - 2018-07-27 10:47 - 00010752 _____ () C:\Program Files (x86)\PrivateVPN Client\PrivateVpnDaemon.exe
2013-10-17 14:27 - 2013-10-17 14:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-10-17 16:41 - 2012-08-21 15:07 - 03034112 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\hp1100su.dll
2015-10-17 16:41 - 2012-08-21 15:07 - 01038336 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\HP1100GC.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\Windows\System32\InputHost.dll
2019-01-06 13:26 - 2018-11-15 11:01 - 02712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2019-01-06 13:26 - 2018-11-21 11:07 - 02842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2015-10-17 16:41 - 2012-08-21 15:07 - 00288768 _____ () C:\WINDOWS\System32\HP1100LM.DLL
2016-03-06 12:45 - 2012-08-21 15:07 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2016-01-04 11:57 - 2015-10-02 23:21 - 01349824 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 00472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 18:08 - 2018-11-09 03:17 - 02759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\InputHost.dll
2019-01-04 12:06 - 2018-12-14 07:50 - 02185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-10-31 20:14 - 2018-10-31 20:16 - 00009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-12-14 22:23 - 2018-12-14 22:23 - 00060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-12-14 22:23 - 2018-12-14 22:25 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-12-14 22:23 - 2018-12-14 22:23 - 10927616 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-12-14 22:23 - 2018-12-14 22:25 - 02916864 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\skypert.dll
2018-12-14 22:23 - 2018-12-14 22:24 - 00688128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-12-14 22:23 - 2018-12-14 22:25 - 00182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2019-01-05 00:41 - 2018-12-12 06:11 - 05237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2019-01-05 00:41 - 2018-12-12 06:11 - 00117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2018-11-14 21:52 - 2018-11-14 21:53 - 00478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-11-14 21:52 - 2018-11-14 21:53 - 66031104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-05 08:50 - 2017-10-05 09:08 - 02523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-11-14 21:52 - 2018-11-14 21:53 - 00010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-11-14 21:52 - 2018-11-14 21:53 - 03715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-11-14 21:52 - 2018-11-14 21:53 - 00036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-17 17:54 - 2018-08-17 17:57 - 02480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-17 17:54 - 2018-08-17 17:57 - 02280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-04-05 19:15 - 2018-04-05 19:25 - 02283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-11-14 21:52 - 2018-11-14 21:53 - 14097920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-14 21:52 - 2018-11-14 21:53 - 03569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-11-14 21:52 - 2018-11-14 21:52 - 02863616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-09-01 09:13 - 2018-09-01 09:15 - 00973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-27 12:24 - 2018-07-27 12:25 - 04584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-14 21:52 - 2018-11-14 21:53 - 00048128 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\ImageDecoding.dll
2018-11-14 21:52 - 2018-11-14 21:53 - 00146432 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\SKU.dll
2018-11-06 10:37 - 2018-11-06 10:39 - 00194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-06 10:37 - 2018-11-06 10:38 - 02538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-06 10:37 - 2018-11-06 10:38 - 01754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\WINDOWS\system32\InputHost.dll
2018-09-05 21:15 - 2018-09-05 21:15 - 00033792 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_system.dll
2018-09-05 21:14 - 2018-09-05 21:14 - 00062464 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_date_time.dll
2018-09-05 21:15 - 2018-09-05 21:15 - 00108032 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_thread.dll
2018-09-05 21:15 - 2018-09-05 21:15 - 00043008 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_chrono.dll
2018-09-05 21:15 - 2018-09-05 21:15 - 00073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-01-19 16:25 - 2016-05-05 16:17 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-01-19 16:25 - 2016-05-05 16:17 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-01-19 16:25 - 2016-05-05 16:17 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2014-03-24 10:31 - 2014-03-24 10:31 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-03-24 10:32 - 2014-03-24 10:32 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-03-24 10:32 - 2014-03-24 10:32 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-03-24 10:32 - 2014-03-24 10:32 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-03-24 10:32 - 2014-03-24 10:32 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-03-24 10:34 - 2014-03-24 10:34 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-03-24 10:36 - 2014-03-24 10:36 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2016-03-05 20:26 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-03-05 20:26 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-03-05 20:26 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-03-05 20:26 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2018-05-30 08:02 - 2018-07-19 21:19 - 01032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-03 00:19 - 2018-07-20 05:34 - 01452728 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ClientTelemetry.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
         

Alt 08.01.2019, 10:08   #12
GlowedUp
 

Code:
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [117]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\localhost -> localhost

Da befinden sich 7865 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-10-12 09:01 - 00000826 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-219060023-492270685-2655468913-1000\Control Panel\Desktop\\Wallpaper -> c:\users\user\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\pippi-langstrump-weed-640x250.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\StartupApproved\StartupFolder: => "DS4Windows.lnk"
HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\StartupApproved\Run: => "f.lux"
HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\StartupApproved\Run: => "DVSSkypeRecorder"
HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\StartupApproved\Run: => "Line"
HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-219060023-492270685-2655468913-1000\...\StartupApproved\Run: => "Discord"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) %systemroot%\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [UDP Query User{20ED5E9C-84F0-411F-826B-3FEEE0E169F3}C:\games\steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) C:\games\steam\steamapps\common\total war warhammer ii\warhammer2.exe
FirewallRules: [TCP Query User{F7292049-763F-467A-988D-87844743FB56}C:\games\steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) C:\games\steam\steamapps\common\total war warhammer ii\warhammer2.exe
FirewallRules: [UDP Query User{75832418-0381-4690-B921-4A41B2A6D75A}C:\games\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\games\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{94F4390A-3AB1-47FD-A453-53259FF78EFD}C:\games\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\games\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{C72DA6BF-D95E-4331-9F1A-0EFB4BAFB70C}C:\games\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) C:\games\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [TCP Query User{D27DCCFF-0260-420C-A8C5-F0ADDE4D3C23}C:\games\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) C:\games\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [{CF9CE261-1474-40C2-B965-BAB09C4C9EC4}] => (Allow) C:\Games\Steam\SteamApps\common\NieRAutomata\NieRAutomata.exe
FirewallRules: [{E5D9B81F-EB46-4357-B0CB-EDBA742B7B15}] => (Allow) C:\Games\Steam\SteamApps\common\NieRAutomata\NieRAutomata.exe
FirewallRules: [UDP Query User{26AA0513-2B8E-4A23-B89B-FDFDBEB61E33}C:\games\steam\steamapps\common\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\games\steam\steamapps\common\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe
FirewallRules: [TCP Query User{CA1626E3-E203-4F94-BE47-C51324C6AE40}C:\games\steam\steamapps\common\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\games\steam\steamapps\common\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe
FirewallRules: [{8DB6F1AE-309F-4D6B-AEB8-87006A9D6CCE}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{B97A9D58-27A6-4322-8FF6-8AE5D9EF424B}] => (Allow) C:\Games\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{8DCEAFD8-4811-4403-A57C-E054DF16AA50}] => (Allow) C:\Games\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{AE02AC32-AFAF-4419-BDE6-58F18F5C87B3}] => (Allow) C:\Games\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{DB7F3636-56EE-4CC8-B0FF-14A86DE1F2C3}] => (Allow) C:\Games\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [UDP Query User{E9715FD0-E8F7-4531-B811-9D81B9CD1177}C:\program files (x86)\mnemosyne\mnemosyne.exe] => (Allow) C:\program files (x86)\mnemosyne\mnemosyne.exe
FirewallRules: [TCP Query User{858A0DCF-2E85-48BE-940C-42B220AE0FB3}C:\program files (x86)\mnemosyne\mnemosyne.exe] => (Allow) C:\program files (x86)\mnemosyne\mnemosyne.exe
FirewallRules: [{EB3B4F5A-4BC8-4432-AFDC-4CB517C99F9E}] => (Allow) C:\Games\Steam\SteamApps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{B49C5580-33B3-45E5-BEFE-FCDC67D1C011}] => (Allow) C:\Games\Steam\SteamApps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [UDP Query User{9DD3B6F8-C881-465C-BFE1-FE880AD9230A}C:\games\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) C:\games\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [TCP Query User{B78A600D-10BC-492B-AB11-7842B1559FDB}C:\games\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) C:\games\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [{472D28C0-04DD-4819-82BA-F05AC74D3A39}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{FA82C7E7-E580-48EC-B0C8-A2F6D6004542}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{9137AF2D-2E55-42B5-9EF1-C1FEA85E8B23}] => (Allow) C:\Games\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{7097E059-2F1B-4CE5-806C-3164B85A73B4}] => (Allow) C:\Games\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{2DC51E7D-7F5E-48C7-B2DC-F3DA2D9E6EE9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{740C4DA8-A240-4555-B6E6-0F6FE2C5F2E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3FB244ED-DBE6-4FD8-8F02-CC53EC3AD55A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F8AEDDD6-17BE-435E-BC74-C8792047D9B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{CC4F675E-4EB0-49C4-8C94-2557F5AEE3E1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{566E3647-257F-43F3-934A-6E38E0A4B7A8}] => (Allow) C:\Games\Steam\SteamApps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{FD1491CB-52D0-49A4-B9AC-3467E786BBEC}] => (Allow) C:\Games\Steam\SteamApps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{38FCCF61-DD0A-40E7-AB82-A22E426C998D}] => (Allow) C:\Games\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{F2FE950B-3F44-49E0-B5AC-447EB6E91EA4}] => (Allow) C:\Games\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{D96E71CB-9D84-4342-8857-3D15DDA20266}] => (Allow) C:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9C250243-0FF6-42B4-A156-4AFF833B5E68}] => (Allow) C:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6F431C23-5CCB-42C8-A7D7-BCFA19268A15}] => (Allow) C:\Program Files (x86)\FlyVPN\FlyVPN.exe
FirewallRules: [{355CA084-3998-4612-B5D3-AA69E437FD30}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{85A008ED-2CDC-4D1D-BEAB-3676DD667C27}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F5D96D9A-CC92-4A0B-A334-4EB675789783}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{784AFC93-3E34-4608-BF31-140C30B32B29}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{11BCD827-B3E0-46A8-B651-80211E2BB32A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{567825DA-C3C3-4DD7-9544-F528A0B4BEC1}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{DDB62225-1F89-4FB9-A44F-AE31B6BECB2F}] => (Allow) C:\Games\Steam\SteamApps\common\Shadowverse\Shadowverse.exe
FirewallRules: [{CAB47371-F2EA-4C17-9897-633BF7B7F16C}] => (Allow) C:\Games\Steam\SteamApps\common\Shadowverse\Shadowverse.exe
FirewallRules: [{2E87743E-65AA-4084-AA45-17149A5DBFBB}] => (Allow) C:\Games\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{D114C381-9002-4A7F-B3DF-A7C62DC93DFF}] => (Allow) C:\Games\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{04B44271-4CE7-4ABC-9F47-9448DCAFB938}] => (Allow) C:\Games\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{74013B7F-1072-466E-BD22-87038B26E544}] => (Allow) C:\Games\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [UDP Query User{8F01EB1B-56E2-4E97-813C-8F815B6D81D7}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [TCP Query User{18285723-F589-4CB1-AA6A-71D2C9DF98B5}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{EBA9F437-08FB-43E8-8F57-80AF885E08E4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DDDA\DDDA.exe
FirewallRules: [{B9DD152C-CAB1-4AD7-BC5C-65D27F9C7EBD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DDDA\DDDA.exe
FirewallRules: [UDP Query User{D228E4F0-D824-4EC5-A1E3-E154F9246FDF}C:\program files (x86)\galaxyclient\games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Allow) C:\program files (x86)\galaxyclient\games\divinity - original sin enhanced edition\shipping\eocapp.exe
FirewallRules: [TCP Query User{072428F1-10D0-4B34-8A9A-CB69F5D5062B}C:\program files (x86)\galaxyclient\games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Allow) C:\program files (x86)\galaxyclient\games\divinity - original sin enhanced edition\shipping\eocapp.exe
FirewallRules: [UDP Query User{98492EA8-18A1-4E71-A15A-F3C85D76B7B8}C:\program files (x86)\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\gbr_eng\tera\tera-launcher.exe
FirewallRules: [TCP Query User{727E50F9-0274-46CE-80E4-9C414DB6BCDA}C:\program files (x86)\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\gbr_eng\tera\tera-launcher.exe
FirewallRules: [UDP Query User{C82FDEAF-6B4D-46E5-8562-7516166BA7F8}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{990A4462-5EDD-4E46-B5AF-2FCC0F0621ED}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{2E1DE933-A015-4DB6-8386-CF6514FB9BDE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{61727532-0833-491E-BC24-167EE0E537DF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{3E391319-80E2-4F81-BC63-885E0B785B45}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{7265E99E-0C5A-4B08-BECB-B6760D959C71}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [UDP Query User{27B40F0F-6CA9-460F-A067-18904E8D2691}C:\program files (x86)\mnemosyne\mnemosyne.exe] => (Allow) C:\program files (x86)\mnemosyne\mnemosyne.exe
FirewallRules: [TCP Query User{9402E1DE-9D3A-4DD3-A8DA-30BC3B7C0DF1}C:\program files (x86)\mnemosyne\mnemosyne.exe] => (Allow) C:\program files (x86)\mnemosyne\mnemosyne.exe
FirewallRules: [{18FF515E-2D40-4E74-B286-CA79BE540674}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{420E6227-C6A3-41A7-8E17-084BA3F28148}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{D8125F8F-E9A4-4FD5-8643-DA3E74CAEAD0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{849A6DC0-7996-45DD-B741-424A3153234C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{04C0182F-590C-4B27-B252-9A25B2913D7E}C:\program files (x86)\galaxyclient\games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Allow) C:\program files (x86)\galaxyclient\games\divinity - original sin enhanced edition\shipping\eocapp.exe
FirewallRules: [TCP Query User{B0CE6EE5-804A-4FF4-9ABA-A0AE75B52BEB}C:\program files (x86)\galaxyclient\games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Allow) C:\program files (x86)\galaxyclient\games\divinity - original sin enhanced edition\shipping\eocapp.exe
FirewallRules: [UDP Query User{223B6BA1-9A11-44E3-966F-C17F44560CDF}C:\program files (x86)\steam\steamapps\common\greygoo\goog.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\greygoo\goog.exe
FirewallRules: [TCP Query User{9C0DA7B2-F61B-43FB-A48A-0F4735A35F78}C:\program files (x86)\steam\steamapps\common\greygoo\goog.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\greygoo\goog.exe
FirewallRules: [UDP Query User{D64EE295-5810-48D4-A717-2BCD6D37C3E5}C:\program files (x86)\steam\steamapps\common\greygoo\instanceserverg.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\greygoo\instanceserverg.exe
FirewallRules: [TCP Query User{BA535205-CBA5-4994-909B-2B1354CB1051}C:\program files (x86)\steam\steamapps\common\greygoo\instanceserverg.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\greygoo\instanceserverg.exe
FirewallRules: [{F846BE88-579A-4723-B0B3-56C39AC27393}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A06C4954-CD81-4162-ABBA-D4EA067D2C1D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6C21F02E-B532-4A34-8DAD-47DE5AF7C3AD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{92D4AAE9-571F-4A4D-BBCC-34E6626C7D1B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2AD77244-EB74-4924-A8AC-3A74B8855200}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{E7127524-C385-43BC-AA8B-F547643E3A2F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{28F6BF99-6E31-4DFF-A101-23F64624A790}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound - Unstable\win32\launcher\launcher.exe
FirewallRules: [{35623445-ADDD-4B4D-B6BD-53EBE81E84FB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Starbound - Unstable\win32\launcher\launcher.exe
FirewallRules: [UDP Query User{714727DC-4F66-4474-ADE2-305B56C1550E}C:\program files (x86)\niji\ppp_release.exe] => (Allow) C:\program files (x86)\niji\ppp_release.exe
FirewallRules: [TCP Query User{7C760EB0-BD70-4F01-9548-BCE2EA525153}C:\program files (x86)\niji\ppp_release.exe] => (Allow) C:\program files (x86)\niji\ppp_release.exe
FirewallRules: [{E7F1D927-BE2B-40C5-BFD9-A171F2FB0A81}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{F2C3C781-7043-49E9-8991-3FE948960FEB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{56A4B46C-4B24-44B1-9A6D-194FD03767B2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B2E1840F-07F7-4D04-B207-811742853DBE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{114ADF28-6478-44D0-AA2B-A5EBF63A5C26}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A5641AE2-1308-4C70-8098-AF9B7EF89951}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F6CF3366-399A-4B8B-B7BD-D718E00FD28C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{1FE8DF29-0F01-4B16-B316-AA4064753F4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [TCP Query User{FE2B01C9-F83E-4497-81E0-0DE7F655D4C3}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{66CC6C4E-3580-402C-BD93-04959312A23E}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{8FF9A388-944C-4414-8E51-CBA7D0D1D629}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7F30610C-706B-41C4-95EE-92BDDB076DC2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E2AF6F9B-CE88-4FA8-943E-12D3A688838F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DA47EC0D-329E-4D7E-8A07-20B3197396B4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AB16E861-7CE3-4F31-83C2-26E8031414EC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{38A96203-62DD-4BB5-9225-46F5C925A388}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{17EFCBE2-8BC6-4FD0-BA44-23F071AFD01D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{00793B30-81F8-4FD2-A1D4-1C0FE54DE11C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [TCP Query User{09F6EFA9-E9FA-4756-AEB5-17C7363B7DC0}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe
FirewallRules: [UDP Query User{7C703054-1CD1-4ECB-BDCF-32C6164C9987}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe
FirewallRules: [TCP Query User{B8453338-966F-404F-8FCE-3216D1C2B294}C:\neverwinter_en\neverwinter\live\gameclient.exe] => (Allow) C:\neverwinter_en\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{FA290B98-8EBD-440F-8B34-0EBBFCDBA314}C:\neverwinter_en\neverwinter\live\gameclient.exe] => (Allow) C:\neverwinter_en\neverwinter\live\gameclient.exe
FirewallRules: [TCP Query User{93B51CEF-3333-476E-86BD-EACD8B9951F8}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{D83CFE1B-FADB-4BFB-9699-D578EC9FFF82}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{0EE528E3-73BA-474E-A9CD-11EB8B1D31D7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\data\encyclopedia\how_to_play.html
FirewallRules: [{78F8F8AE-143F-4722-AB3D-A64EB4716819}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\data\encyclopedia\how_to_play.html
FirewallRules: [{0F7DD2D1-F1BD-4C5C-8D81-0EE70C852E39}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{CFDA04A5-ECF8-421C-AFF3-4D5211119679}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{70445678-648B-44AD-9DCE-D88D1ED50D66}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{37DFD985-8C76-4A96-A559-3A960864BD1A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{CC376C73-99F6-43F7-BDB0-A91295E98247}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{66454374-76B3-4CF9-8FDF-DB48362C48D4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{46EF7FF0-0674-45B2-A425-BA3AC8B04B5C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{C4F90453-024B-4FE5-B00F-5B4F17CDE4D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{9A74E3D3-6D9D-483C-81F5-E66CE3E4237C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{17404296-FCB1-4E29-B83F-26FF4BD28376}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{5E2D4C4A-4E21-45C9-B5AA-ADBCD1C598E5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7128CC10-D368-4707-BDB5-2B32550ABC1A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{0D9D037A-0C40-4F75-81F8-D56CEDC6688E}C:\users\user\appdata\local\temp\gw2.exe] => (Allow) C:\users\user\appdata\local\temp\gw2.exe
FirewallRules: [UDP Query User{41B46AC3-90C7-4853-B1FF-A78840432DBC}C:\users\user\appdata\local\temp\gw2.exe] => (Allow) C:\users\user\appdata\local\temp\gw2.exe
FirewallRules: [TCP Query User{081BC088-3BFE-4C63-ADC2-A868409B00B0}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{A2AA62F3-D994-4541-BB37-94BB7291B310}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [TCP Query User{7D4F1CED-DDFB-40D8-80AD-78A9C5C732C4}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{21B39352-5C6D-42A2-962F-C72C1FBBFCA6}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{C3CF4ECA-F452-4CDE-9FD7-8B021A880558}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{96C27BAE-F488-4785-994E-C7B5CA73FE02}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{118FFA66-7490-430D-8EA1-E62982847E88}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{929A3191-BD2C-44B8-B417-FF8037583B1E}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [TCP Query User{9E8BEF00-993C-48C5-B720-768ED24996E8}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{9B6D50CA-8D1F-4E47-A294-B4FEA5A69E45}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [{F58F07E8-FCDD-435B-A3C1-BC7CAED598F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{6B940538-CE1C-45A0-9387-E22E6EB1373D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 4\Bin32\bio4.exe
FirewallRules: [{5ABD7759-3B45-4860-94DC-2089D848B7FD}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{BCF50EC1-4FBA-45B7-8878-D0D322C4F614}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{6652F540-B402-42D6-A88B-4B4AEFEF3ACE}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{2BBE8AA6-32F3-47B5-B847-545661DFE4F4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{1DB4126E-56E4-467A-A2FF-8DF183DE6038}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{8D30E73B-77B0-42F4-AFAE-05B9A534E8FF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FA39570A-BA49-4E46-8DD9-9AFECA062AB0}] => (Allow) LPort=2869
FirewallRules: [{3CB85D7E-4950-458F-BFAA-E1E2C443B5AE}] => (Allow) LPort=1900
FirewallRules: [{B0815590-A707-4D2E-A763-B84D907041C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{2DFEFC08-84BC-4FF6-8231-B69FF77136C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [TCP Query User{F363CE1F-3EF2-4EA9-ACBC-931B8C6EC8D0}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{2C6B737F-1B31-4184-B03D-BB9BDDE5E940}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [TCP Query User{B14C7E5B-43FA-47A3-B503-68ED0A3CDED4}C:\program files (x86)\steam\steamapps\common\killerisdead\binaries\win32\kidgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\killerisdead\binaries\win32\kidgame.exe
FirewallRules: [UDP Query User{E8447261-68FE-4169-AE21-E0C0CD83BDC4}C:\program files (x86)\steam\steamapps\common\killerisdead\binaries\win32\kidgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\killerisdead\binaries\win32\kidgame.exe
FirewallRules: [{A2486E56-3831-48E0-A192-D8A3086BC509}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [{A1A75681-78BF-4307-A7CB-C4AF1B991F16}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [TCP Query User{CEF1176C-7952-4821-94E8-1278E691177A}C:\program files (x86)\naver\line\line.exe] => (Allow) C:\program files (x86)\naver\line\line.exe
FirewallRules: [UDP Query User{8D272862-0FA4-4A78-8879-012824EC5FE9}C:\program files (x86)\naver\line\line.exe] => (Allow) C:\program files (x86)\naver\line\line.exe
FirewallRules: [{010FB147-E69D-4FB1-9550-0527BE364F89}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{202AFC5D-3EA3-4BD2-A47C-CBDB402444E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{B1A7C635-2497-4072-A801-9C4891ED7F04}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E71E7CFC-38EB-4FAD-AAAE-D19125C762C0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{7424AA6B-A5F8-4C06-8BCF-CDCF6A11EE3D}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [UDP Query User{097B39C6-FB80-4A50-8EEC-13FAC9997513}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [{378EB3E7-E5C2-4A30-93FE-FFF7A4A087CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{6DE82AB3-BD0C-4314-86B8-E64D3203859B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [TCP Query User{C261A552-F716-4DE6-8060-02530ED5F9ED}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe
FirewallRules: [UDP Query User{6EC2C647-6175-428B-A84D-29A6230FBBDC}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe
FirewallRules: [TCP Query User{09D32752-378E-4B5E-A982-D913CFE0CC42}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Block) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{A8A52022-1755-4EEE-B710-10BC6F69EA43}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Block) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{B195E33D-7D82-499B-ADD1-F96881A2893C}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{0FC3BD68-23D4-4E51-9650-226FACB6863F}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [TCP Query User{20B2C6F6-BEED-4F40-A9E1-1536C17B7272}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{77CD3D1C-6E13-4783-B446-AC8B1ED8C2C3}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{B1C08A7B-103F-4478-B655-8318AA38EF5F}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7A0455E7-2308-4781-8531-FF80B3146F66}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [{BB620BD9-CCE0-40A0-8697-E2753AF4F076}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A33BF41F-3892-44DE-BF64-5A799283D194}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B4901917-2681-4898-9C97-38AEF98C1453}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{7722BAB8-7991-4E6F-A56A-ABCE01CB91AE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [TCP Query User{E2E2FE06-167C-48C0-AA83-C063C8279D8B}C:\program files (x86)\java\jre1.8.0_25\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\jp2launcher.exe
FirewallRules: [UDP Query User{40E8965F-D09D-4C3E-83D1-FB6A51B7F094}C:\program files (x86)\java\jre1.8.0_25\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\jp2launcher.exe
FirewallRules: [TCP Query User{24A3C88E-D2C7-4CE4-AB35-B09648C425BE}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{B5FE44C7-BE92-4F08-BC39-9C8E5192109B}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{B16FE6D3-A5DA-4A65-841F-5BC38F6B55F1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2669EE40-0EA8-44B9-89BE-644F1BC719D8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{BC3A9857-F329-42F0-BA6E-D1EFF0D91E60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{00119B7D-D6A4-4DE2-9788-DB78EE298170}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{AF9E2CE6-6249-40C0-98EA-BD8BBD3A3E14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{312ABBCC-7741-45B1-9E64-5733C47FC7B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [TCP Query User{3081D42A-FAAE-4B11-9751-AAA69833DAED}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{21F618B5-988A-48F8-8844-4DD9CDDDB4E7}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{9EFF624A-C4AA-436F-A1AE-9D4ED1EE53A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{276581C2-CB68-4B45-89F9-1A9A560604FB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [TCP Query User{F25945D7-71E4-49FE-84EA-C8F9D12E534C}C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [UDP Query User{B68D96C8-95C2-4B2C-8438-5BD48EEB0C7F}C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [TCP Query User{94F4A193-2762-4D5A-AB92-8D55F2291E0A}C:\program files (x86)\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\gbr_eng\tera\tera-launcher.exe
FirewallRules: [UDP Query User{7186E126-9E07-4875-940A-7DA62CDF8F40}C:\program files (x86)\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\gbr_eng\tera\tera-launcher.exe
FirewallRules: [TCP Query User{EA7E00AB-A94D-40CA-A7AF-BC0D3A24B509}C:\users\user\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\user\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{8A526B8B-3140-4588-AF8D-D51D99D46968}C:\users\user\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\user\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{75A00875-FA53-4D23-B5F6-3A9E37FD1BD2}C:\users\user\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\user\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{D85748CA-A64F-4336-B65C-05DF7AE9245C}C:\users\user\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\user\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{0587783C-34AA-4EAE-B144-B1A62DF6C807}] => (Allow) C:\users\user\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{BB22A721-C0B8-4869-A5B6-E442591158E7}] => (Allow) C:\users\user\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{2D73E771-3C76-449D-82F9-11C6ECE36724}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{0AC34C3B-FC1B-42F2-8BD2-1D005B89BCFE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{2D2F7929-3AB1-48F0-BF12-80426E4DF6C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY FFX&FFX-2 HD Remaster\FFX&X-2_LAUNCHER.exe
FirewallRules: [{C5B953C6-03A5-4116-A5E3-9D10451AEB44}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY FFX&FFX-2 HD Remaster\FFX&X-2_LAUNCHER.exe
FirewallRules: [{4D8CA46E-D0A0-42B0-9569-A46CC4EB3598}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{C961F9B3-8F0D-4755-ADDF-A7F66B4CF1A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{475DF894-DC5B-421C-A00E-EB9052403260}] => (Allow) C:\Users\User\AppData\Local\Line\bin\4.7.0.1027\LINE.exe
FirewallRules: [{0D6E6E3E-877D-434F-BFA3-6D818C30DAC0}] => (Allow) C:\Users\User\AppData\Local\Line\bin\4.7.0.1027\LINE.exe
FirewallRules: [{3BACCF41-8103-4440-BA1D-34CD417104AB}] => (Allow) C:\Users\User\AppData\Local\Line\bin\4.7.0.1027\LineUpdater.exe
FirewallRules: [{9CA34554-9CC3-4A61-AE3A-DD9794FD9295}] => (Allow) C:\Users\User\AppData\Local\Line\bin\4.7.0.1027\LineUpdater.exe
FirewallRules: [{75905093-2577-42BF-8B37-2EFDFACAEB86}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{965A15B6-6B03-409B-9D8A-D3FDC88D52D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{A01B173A-F405-4657-9D66-F534F1DE8A65}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{9FD6B782-38EE-4764-9E94-B8A33D554E2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{2B77FF6A-CFD6-41BE-BB17-61AC76AA140B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{69D81864-EA64-49B3-8D92-14AB911762BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{92E8B369-7F64-49C3-91D7-F52CE39C644F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oblivion\OblivionLauncher.exe
FirewallRules: [{33F20F95-885E-43A1-8F0F-7BB249639AEB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oblivion\OblivionLauncher.exe
FirewallRules: [{2CD97986-21A1-47B5-81EF-F8BEECDBC277}] => (Allow) C:\Games\Steam\Steam.exe
FirewallRules: [{51D525CD-7423-49CD-A173-E7F38AD57596}] => (Allow) C:\Games\Steam\Steam.exe
FirewallRules: [{FDBA93DB-E10D-43A9-B1E6-14DFD9650BB2}] => (Allow) C:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{CDB2C154-7CD7-481F-940C-292DD4CAD606}] => (Allow) C:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{59897405-5BB4-4A07-A928-C661C14F986D}] => (Allow) C:\Games\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{CEAF5DD0-150F-40F6-9C40-ABE4747026DA}] => (Allow) C:\Games\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{50F3725E-F495-41D7-AFD6-C26A308FDC60}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{3D23FD09-0117-46A2-B362-8258526BC425}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{FDDE4134-1077-4053-A04C-0B3F07144693}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{807F5EC4-F2AB-4B52-9E97-8A4CDD044B3E}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{5BE47623-D9EE-4626-98C3-8B89288970C1}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{A5128CA8-26C7-4F87-9CC0-70C4186A649A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{722F3401-1ED2-4619-B553-C23EBDAEFFED}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{C4457FF2-1C5E-4047-ACB9-DEAD52E28132}C:\games\steam\steamapps\common\divinity original sin 2\bin\eocapp.exe] => (Allow) C:\games\steam\steamapps\common\divinity original sin 2\bin\eocapp.exe
FirewallRules: [UDP Query User{E746BBB0-A766-4C1E-BA65-D418A588A0E3}C:\games\steam\steamapps\common\divinity original sin 2\bin\eocapp.exe] => (Allow) C:\games\steam\steamapps\common\divinity original sin 2\bin\eocapp.exe
FirewallRules: [TCP Query User{76BF57A0-9583-4EC3-B430-F977DBDF2489}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{1992FEEE-9001-4925-A177-7C9CE9E6DED6}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{632DC0CF-0CB6-48F4-A851-D7A5C5B72D4B}] => (Allow) C:\Games\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{B2F40D3C-8562-4132-BE59-2F303D859E3E}] => (Allow) C:\Games\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{857F214D-05F9-4F29-8D02-DE98877BFA16}] => (Allow) C:\Games\Steam\SteamApps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{4697C750-5C53-474A-A7FC-B1F50D258A62}] => (Allow) C:\Games\Steam\SteamApps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{D105EE5B-AEC5-41CD-9F47-A0877CD93437}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{1C9E021F-15E5-45A3-8404-559A37598C1F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{86A681A7-5120-4910-99D0-9A69260A131F}] => (Allow) C:\Games\Steam\SteamApps\common\Total War WARHAMMER II\launcher\launcher.exe
FirewallRules: [{0AA34968-498B-4B8B-9C35-8CA2FA3F6258}] => (Allow) C:\Games\Steam\SteamApps\common\Total War WARHAMMER II\launcher\launcher.exe
FirewallRules: [{C298F529-2DDC-465A-B49A-6144CA6F6BF3}] => (Allow) C:\Games\Steam\SteamApps\common\Earth Defense Force 4.1\EDF41.exe
FirewallRules: [{DF9741BD-B131-40AF-8079-D34752761700}] => (Allow) C:\Games\Steam\SteamApps\common\Earth Defense Force 4.1\EDF41.exe
FirewallRules: [{46212A95-933D-418E-A6E1-970FA30D1F32}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{DF181B92-0A94-4C29-9506-21187A8DC0B4}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{4ECEDB36-58DE-465F-AB86-450E7053C07F}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{03F73EF5-A6A0-40A5-8F41-8B1AEB229C54}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{1D26C0EA-AAD8-464F-AA52-F79FBFEDF05B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{163541F7-8777-4120-9038-28269BEBE240}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{782D0300-CAEC-4308-8CDF-528288B62AE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A8552590-0D3B-4978-ACE9-91C9F9885297}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FBC9DEED-DD70-4439-85BB-EF766E87541F}] => (Allow) C:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{3DE52AA1-9573-4BF0-A92D-A0834B93341E}] => (Allow) C:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{838A8F30-6F75-4E42-893E-4251A384E041}] => (Allow) C:\Games\Steam\SteamApps\common\FINAL FANTASY XV\ffxv_s.exe
FirewallRules: [{F5D9174B-EC48-48EF-B040-DA77435E0947}] => (Allow) C:\Games\Steam\SteamApps\common\FINAL FANTASY XV\ffxv_s.exe
FirewallRules: [{3FB0B628-F50C-4335-B5A5-DC9CF73DFC39}] => (Allow) C:\Games\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{0EAAD34C-53E4-4A94-9273-5FAD7DCC85A4}] => (Allow) C:\Games\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [TCP Query User{9DA61FE3-B2FA-4B81-93CD-2E35EADFD266}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe
FirewallRules: [UDP Query User{EF799A2E-5A5F-48C7-BD5B-034C6400BEBE}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe
FirewallRules: [TCP Query User{D3654E23-4518-4134-877A-C14D70902A32}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe
FirewallRules: [UDP Query User{8DB764A9-C0ED-4F5B-9533-D1F6A882B497}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe
FirewallRules: [TCP Query User{C5519D7B-E58F-429F-91BF-7958FF93901F}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe
FirewallRules: [UDP Query User{4CBCFE19-33D3-4094-95AD-081BFAEF8ACD}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe
FirewallRules: [TCP Query User{4A8F7596-9349-4566-9B27-D16A107FBDA5}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe
FirewallRules: [UDP Query User{3C6620E6-5466-4A08-84CE-BBCE9FB84AC6}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe
FirewallRules: [TCP Query User{1905AD01-C10F-4219-9B03-8C563BA6C99D}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{430AE4AA-C262-4B3D-8402-04CF9E31ECA1}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{7DF5F08E-3B14-4BA7-9716-187CB12126E6}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe
FirewallRules: [UDP Query User{627158A4-B962-45DB-874B-6F3B95DD4D05}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe
FirewallRules: [TCP Query User{93C123D9-863C-49D8-9DE9-DD2A34032E40}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe
FirewallRules: [UDP Query User{F14AC8D2-971D-4313-833C-DD97AA1C249C}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe
FirewallRules: [TCP Query User{0D1027AB-E0A3-4687-85A3-CD0105AA3459}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe
FirewallRules: [UDP Query User{D4731164-430F-4258-9E6C-5EB0E9D549ED}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe
FirewallRules: [TCP Query User{0E89099D-9723-4A45-81F3-62C76204D6D1}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe
FirewallRules: [UDP Query User{0C82ED15-BA6F-44CE-AF50-7A185A733F66}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe
FirewallRules: [TCP Query User{BCCCCD34-6A32-4F01-A3CE-E81F2378910E}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe
FirewallRules: [UDP Query User{AB69FB88-5F2B-4911-8D74-A714DDD2A645}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe
FirewallRules: [TCP Query User{304BE0F7-404D-4065-8163-6D916AFACE2C}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe
FirewallRules: [UDP Query User{000F05B2-8083-4B8A-A6F1-620235825EDD}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe
FirewallRules: [TCP Query User{633EBA25-02D3-46F6-84CB-FBBB768E70BB}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe
FirewallRules: [UDP Query User{D0A0E33D-95E2-432E-8E5F-31F12323CFD1}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe
FirewallRules: [TCP Query User{4D62D806-28E7-4485-B753-4B485F4E7A07}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe
FirewallRules: [UDP Query User{10EB1A7C-EDBB-4773-9168-989F9EA570D2}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe
FirewallRules: [TCP Query User{B668253C-A933-4E05-9FBC-CBA5E55026B9}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe
FirewallRules: [UDP Query User{1F1DED42-78A9-4E02-BD33-850F4E8493F7}C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe
FirewallRules: [{3EC32DC5-ED51-4651-ADCA-F63A871D92C9}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B2AAA132-7B30-45BF-8857-630D49D60CAA}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6487165F-BC8F-458B-8D64-AE52FE5D5CE2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

04-01-2019 12:05:35 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/07/2019 06:08:26 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073422333

Error: (01/06/2019 07:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "E:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).

Error: (01/06/2019 04:26:18 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073422333

Error: (01/05/2019 04:51:07 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: USER-PC)
Description: httphttp-2147467263

Error: (01/05/2019 04:26:18 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073422333

Error: (01/05/2019 02:55:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SystemSettings.exe, Version: 10.0.17134.112, Zeitstempel: 0x2a3c4e62
Name des fehlerhaften Moduls: SettingsHandlers_Notifications.dll, Version: 10.0.17134.165, Zeitstempel: 0x3709cf36
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000387ec
ID des fehlerhaften Prozesses: 0x9b0
Startzeit der fehlerhaften Anwendung: 0xSystemSettings.exe0
Pfad der fehlerhaften Anwendung: SystemSettings.exe1
Pfad des fehlerhaften Moduls: SystemSettings.exe2
Berichtskennung: SystemSettings.exe3
Vollständiger Name des fehlerhaften Pakets: SystemSettings.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SystemSettings.exe5

Error: (01/05/2019 02:55:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_WpnUserService, Version: 10.0.17134.1, Zeitstempel: 0xa38b9ab2
Name des fehlerhaften Moduls: NotificationController.dll, Version: 10.0.17134.165, Zeitstempel: 0xe0385185
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000008f436
ID des fehlerhaften Prozesses: 0x175c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_WpnUserService0
Pfad der fehlerhaften Anwendung: svchost.exe_WpnUserService1
Pfad des fehlerhaften Moduls: svchost.exe_WpnUserService2
Berichtskennung: svchost.exe_WpnUserService3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_WpnUserService4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_WpnUserService5

Error: (01/05/2019 01:16:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6078

Error: (01/05/2019 01:16:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6078

Error: (01/05/2019 01:16:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


Systemfehler:
=============
Error: (01/07/2019 07:33:50 PM) (Source: DCOM) (EventID: 10016) (User: USER-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}User-PCUserS-1-5-21-219060023-492270685-2655468913-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/07/2019 07:33:49 PM) (Source: DCOM) (EventID: 10016) (User: USER-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}User-PCUserS-1-5-21-219060023-492270685-2655468913-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/07/2019 07:33:49 PM) (Source: DCOM) (EventID: 10016) (User: USER-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}User-PCUserS-1-5-21-219060023-492270685-2655468913-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/07/2019 07:33:45 PM) (Source: DCOM) (EventID: 10016) (User: USER-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}User-PCUserS-1-5-21-219060023-492270685-2655468913-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/07/2019 07:33:45 PM) (Source: DCOM) (EventID: 10016) (User: USER-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}User-PCUserS-1-5-21-219060023-492270685-2655468913-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/07/2019 07:33:44 PM) (Source: DCOM) (EventID: 10016) (User: USER-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}User-PCUserS-1-5-21-219060023-492270685-2655468913-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/07/2019 07:33:44 PM) (Source: DCOM) (EventID: 10016) (User: USER-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}User-PCUserS-1-5-21-219060023-492270685-2655468913-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/07/2019 07:33:40 PM) (Source: DCOM) (EventID: 10016) (User: USER-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}User-PCUserS-1-5-21-219060023-492270685-2655468913-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/07/2019 06:06:12 PM) (Source: DCOM) (EventID: 10016) (User: USER-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}User-PCUserS-1-5-21-219060023-492270685-2655468913-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/07/2019 06:05:13 PM) (Source: DCOM) (EventID: 10016) (User: USER-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}User-PCUserS-1-5-21-219060023-492270685-2655468913-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


CodeIntegrity:
===================================
  Date: 2019-01-07 21:40:09.608
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2019-01-07 21:40:09.605
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2019-01-07 21:40:09.558
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2019-01-07 21:40:09.555
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2019-01-06 14:42:32.569
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2019-01-06 14:42:32.567
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2019-01-06 14:00:50.190
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2019-01-06 14:00:50.186
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2019-01-06 14:00:50.182
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2019-01-06 14:00:50.180
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-6350 Six-Core Processor 
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 16383.17 MB
Verfügbarer physikalischer RAM: 11501.84 MB
Summe virtueller Speicher: 32767.17 MB
Verfügbarer virtueller Speicher: 26937.7 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:249.35 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 984C09AA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================
         

08.01.2019, 10:16   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Spybot has to go. While we're at it, we'll also uninstall other outdated or unnecessary junk:

Please download Revo Uninstaller from here: Revo Uninstaller (alternatively, the portable Revo Uninstaller).
  • Install and start the program. (Illustrated guide to Revo Uninstaller)
  • Click Options and select German as the language.
  • In the uninstaller field, search for these programs:

    7-Zip 16.04 (x64)
    7-Zip 9.20 (x64 edition)
    Adobe Acrobat Reader DC
    Adobe Flash Player 32 NPAPI
    Adobe Shockwave Player 12.0
    IrfanView
    Java 8 Update 181
    QuickTime 7
    Spybot - Search & Destroy
    VLC media player

  • Select the programs one after another and click Uninstall each time.
  • Then select the "Moderat" mode.
  • Delete leftovers:
    Click on then on and then on .

__________________
Please always post logfiles in CODE tags

08.01.2019, 10:41   #14
GlowedUp

I'm working on it right now. Just out of interest, what's the reason behind deleting all those programs? Why is Spybot a problem? If you can somehow explain that to a layperson.

08.01.2019, 10:50   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Spybot is completely unnecessary. It hasn't played a role for a long time. And the rest has been explained.
