Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   WIN10: Immer wiederkehrende Malware egal was ich versuche (verschiedene Programme versucht) (https://www.trojaner-board.de/185613-win10-immer-wiederkehrende-malware-egal-versuche-verschiedene-programme-versucht.html)

burningice 20.05.2017 16:59
okay dann schauen wir nochmal:

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel
    • "Prefetch" Dateien
    • Proxy
    • Winsock
    • Internet Explorer Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Lade dir folgendes Programm herunter und installiere es: http://filepony.de/icon/tiny/malware...ti_malware.png Malwarebytes Anti-Malware
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM nach dem Neustart, klicke auf Berichte.
  • Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
  • Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Bitte poste in deiner nächsten Antwort also:
  • Logfile von AdwCleaner
  • Logfile von Malwarebytes
  • Frst.txt
  • Addition.txt

Benfuzius 25.05.2017 13:57
Code:
# AdwCleaner v6.047 - Bericht erstellt am 25/05/2017 um 14:42:53
# Aktualisiert am 19/05/2017 von Malwarebytes
# Datenbank : 2017-05-23.1 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Romo - ROMO-PC
# Gestartet von : C:\Users\Romo\Desktop\adwcleaner_6.047.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Romo\AppData\Local\Temp\DMR


***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\HDWallpaper


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [14791 Bytes] - [15/05/2017 22:06:10]
C:\AdwCleaner\AdwCleaner[C2].txt - [1995 Bytes] - [15/05/2017 22:13:44]
C:\AdwCleaner\AdwCleaner[C3].txt - [1548 Bytes] - [15/05/2017 22:16:29]
C:\AdwCleaner\AdwCleaner[C4].txt - [1599 Bytes] - [15/05/2017 22:18:24]
C:\AdwCleaner\AdwCleaner[C5].txt - [2528 Bytes] - [15/05/2017 22:37:05]
C:\AdwCleaner\AdwCleaner[C6].txt - [2281 Bytes] - [17/05/2017 00:35:46]
C:\AdwCleaner\AdwCleaner[C7].txt - [5216 Bytes] - [18/05/2017 06:28:00]
C:\AdwCleaner\AdwCleaner[C8].txt - [1583 Bytes] - [25/05/2017 14:42:53]
C:\AdwCleaner\AdwCleaner[S0].txt - [13723 Bytes] - [15/05/2017 22:05:29]
C:\AdwCleaner\AdwCleaner[S1].txt - [2548 Bytes] - [15/05/2017 22:13:32]
C:\AdwCleaner\AdwCleaner[S2].txt - [1721 Bytes] - [15/05/2017 22:16:20]
C:\AdwCleaner\AdwCleaner[S3].txt - [1890 Bytes] - [15/05/2017 22:18:12]
C:\AdwCleaner\AdwCleaner[S4].txt - [2963 Bytes] - [15/05/2017 22:36:57]
C:\AdwCleaner\AdwCleaner[S5].txt - [2434 Bytes] - [17/05/2017 00:35:07]
C:\AdwCleaner\AdwCleaner[S6].txt - [5267 Bytes] - [18/05/2017 06:27:30]
C:\AdwCleaner\AdwCleaner[S7].txt - [2362 Bytes] - [25/05/2017 14:42:15]

########## EOF - C:\AdwCleaner\AdwCleaner[C8].txt - [2241 Bytes] ##########

Wie bereits erwähnt kann ich Malwarebytes Anti-Malware nicht installieren ! Runtime error 49:120 erscheint direkt nach der Sprachauswahl

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2017
durchgeführt von Romo (Administrator) auf ROMO-PC (25-05-2017 14:51:38)
Gestartet von C:\Users\Romo\Desktop
Geladene Profile: Romo (Verfügbare Profile: Romo & DefaultAppPool)
Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Akamai Technologies, Inc.) C:\Users\Romo\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Romo\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\Romo\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Romo\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc.) C:\Users\Romo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(Dropbox, Inc.) C:\Users\Romo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\Romo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
(DivX, LLC) C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [506864 2013-03-08] (MSI)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [433160 2015-09-04] (DivX, LLC)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-27] (DivX, LLC)
HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Romo\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\Run: [Spotify Web Helper] => C:\Users\Romo\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-05-04] (Spotify Ltd)
HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\Run: [Dropbox Update] => C:\Users\Romo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\Run: [Discord] => C:\Users\Romo\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
Startup: C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2017-05-18]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-05-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{036d7a67-7b1c-4223-8046-161aceeb7c40}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-26] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: msfz6nh6.default-1495082881402
FF ProfilePath: C:\Users\Romo\AppData\Roaming\Mozilla\Firefox\Profiles\msfz6nh6.default-1495082881402 [2017-05-25]
FF Homepage: Mozilla\Firefox\Profiles\msfz6nh6.default-1495082881402 -> www.google.de/
FF Extension: (AdBlocker Ultimate) - C:\Users\Romo\AppData\Roaming\Mozilla\Firefox\Profiles\msfz6nh6.default-1495082881402\Extensions\adblockultimate@adblockultimate.net.xpi [2017-05-20]
FF Extension: (Ghostery) - C:\Users\Romo\AppData\Roaming\Mozilla\Firefox\Profiles\msfz6nh6.default-1495082881402\Extensions\firefox@ghostery.com.xpi [2017-05-20]
FF Extension: (Adblock Plus) - C:\Users\Romo\AppData\Roaming\Mozilla\Firefox\Profiles\msfz6nh6.default-1495082881402\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-19]
FF HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Romo\AppData\Roaming\Mozilla\Firefox\Profiles\0o0j768i.default\extensions\cliqz@cliqz.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2015-12-27] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> E:\Programme\VLC\npvlc.dll [2013-11-12] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-10-28] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-26] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData2
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-01-22] (Adobe Systems) [Datei ist nicht signiert]
S3 GalaxyClientService; E:\Programme\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-14] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7184440 2015-12-27] (GOG.com)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161264 2013-02-20] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
S3 Origin Client Service; E:\Programme\Origin\OriginClientService.exe [2004488 2015-07-03] (Electronic Arts)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-05-21] (REALiX(tm))
S3 ISCT; C:\WINDOWS\System32\DRIVERS\ISCTD64.sys [46568 2013-02-13] ()
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a2b0acab06663645\nvlddmkm.sys [14456944 2017-05-02] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-05-02] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek                                            )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2016-10-18] (Wellbia.com Co., Ltd.)
U3 idsvc; kein ImagePath
U0 Partizan; system32\drivers\Partizan.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========
Code:
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-25 14:51 - 2017-05-25 14:51 - 00016721 _____ C:\Users\Romo\Desktop\FRST.txt
2017-05-25 14:51 - 2017-05-25 14:51 - 00000000 ____D C:\Users\Romo\Desktop\FRST-OlderVersion
2017-05-25 14:48 - 2017-05-25 14:47 - 63364552 _____ (Malwarebytes ) C:\Users\Romo\Desktop\mb3-setup-consumer-3.1.2.1733-1.0.122-1.0.1976.exe
2017-05-25 14:39 - 2017-05-25 14:39 - 04110280 _____ C:\Users\Romo\Desktop\adwcleaner_6.047.exe
2017-05-21 13:53 - 2017-05-21 13:53 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2017-05-21 13:53 - 2017-05-21 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32
2017-05-20 11:15 - 2017-05-20 11:15 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-20 11:14 - 2017-05-20 11:14 - 00000020 ___SH C:\Users\Romo\ntuser.ini
2017-05-20 06:47 - 2017-05-20 06:47 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-20 06:47 - 2017-05-20 06:47 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-20 06:47 - 2017-05-20 06:47 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-20 06:47 - 2017-05-20 06:47 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-20 06:47 - 2017-05-20 06:47 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-20 06:47 - 2017-05-20 06:47 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-20 06:47 - 2017-05-20 06:47 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-20 06:47 - 2017-05-20 06:47 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-05-20 06:47 - 2017-05-20 06:47 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00000000 ____D C:\Windows.old
2017-05-20 06:45 - 2017-05-20 06:45 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-05-20 06:45 - 2017-05-20 05:49 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-05-20 06:45 - 2017-03-17 23:00 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2017-05-20 06:45 - 2017-03-17 22:59 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2017-05-20 06:45 - 2017-03-17 22:48 - 06348288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2017-05-20 06:45 - 2017-03-17 22:43 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2017-05-20 06:45 - 2017-03-17 22:35 - 05484544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2017-05-20 06:44 - 2017-05-20 06:44 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-05-20 06:44 - 2017-05-20 06:44 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-05-20 06:44 - 2017-05-20 06:44 - 00000000 ____D C:\WINDOWS\system32\msmq
2017-05-20 06:44 - 2017-05-20 06:44 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-05-20 06:44 - 2017-05-20 06:44 - 00000000 ____D C:\Program Files\MSBuild
2017-05-20 06:44 - 2017-05-20 06:44 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-05-20 06:44 - 2017-05-20 06:44 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-05-20 06:44 - 2017-05-20 06:44 - 00000000 ____D C:\inetpub
2017-05-20 06:44 - 2017-05-20 05:51 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-05-20 06:44 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-05-20 06:44 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-05-20 06:44 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-05-20 06:43 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-05-20 06:43 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-05-20 06:43 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-05-20 06:03 - 2017-05-20 06:03 - 00000000 ____D C:\ProgramData\USOShared
2017-05-20 05:55 - 2017-05-20 05:55 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2017-05-20 05:55 - 2017-05-20 05:55 - 00011433 _____ C:\WINDOWS\diagerr.xml
2017-05-20 05:54 - 2017-05-25 14:48 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{26661E06-5450-424E-91E2-146996F2F0F4}
2017-05-20 05:54 - 2017-05-25 14:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-20 05:54 - 2017-05-20 11:16 - 00003272 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-20 05:54 - 2017-05-20 05:54 - 00003942 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2079666805-3719247669-552477099-1000UA1d2370fbcc1d718
2017-05-20 05:54 - 2017-05-20 05:54 - 00003674 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2079666805-3719247669-552477099-1000Core1d2370fbcb80c1d
2017-05-20 05:54 - 2017-05-20 05:54 - 00003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-20 05:54 - 2017-05-20 05:54 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-05-20 05:54 - 2017-05-20 05:54 - 00003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-20 05:54 - 2017-05-20 05:54 - 00003376 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-20 05:54 - 2017-05-20 05:54 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-20 05:54 - 2017-05-20 05:54 - 00003324 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1434919741
2017-05-20 05:54 - 2017-05-20 05:54 - 00003176 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-20 05:54 - 2017-05-20 05:54 - 00002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-20 05:54 - 2017-05-20 05:54 - 00002968 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-20 05:54 - 2017-05-20 05:54 - 00002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-20 05:54 - 2017-05-20 05:54 - 00002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-20 05:54 - 2017-05-20 05:54 - 00002786 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-20 05:54 - 2017-05-20 05:54 - 00002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-20 05:54 - 2017-05-20 05:54 - 00002214 _____ C:\WINDOWS\System32\Tasks\{65070599-A99C-4B44-93A5-3EA3305E965F}
2017-05-20 05:54 - 2017-05-20 05:54 - 00002200 _____ C:\WINDOWS\System32\Tasks\{41A9DB71-6E8A-41AB-85D6-F344D227C96F}
2017-05-20 05:54 - 2017-05-20 05:54 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-05-20 05:54 - 2017-05-20 05:54 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2017-05-20 05:54 - 2017-05-20 05:54 - 00000000 ____D C:\WINDOWS\System32\Tasks\Abelssoft
2017-05-20 05:52 - 2017-05-20 05:52 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-20 05:51 - 2017-05-20 05:53 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-05-20 05:51 - 2017-05-20 05:51 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2017-05-20 05:51 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-05-20 05:50 - 2017-05-25 14:49 - 02139000 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-20 05:50 - 2017-05-25 14:48 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-20 05:50 - 2017-05-24 16:47 - 00000000 ____D C:\Users\Romo
2017-05-20 05:50 - 2017-05-20 05:54 - 00000000 ____D C:\Users\DefaultAppPool
2017-05-20 05:50 - 2017-05-20 05:51 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-20 05:50 - 2017-05-20 05:51 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-20 05:50 - 2017-05-20 05:51 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-20 05:50 - 2017-05-20 05:50 - 02011386 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\Vorlagen
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\Startmenü
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\Netzwerkumgebung
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\Lokale Einstellungen
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\Eigene Dateien
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\Druckumgebung
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\Documents\Eigene Videos
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\Documents\Eigene Musik
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\Documents\Eigene Bilder
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\AppData\Local\Verlauf
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\AppData\Local\Anwendungsdaten
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\Anwendungsdaten
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 ____D C:\Program Files\Realtek
2017-05-20 05:50 - 2017-05-01 22:52 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-05-20 05:50 - 2017-05-01 22:51 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-05-20 05:50 - 2017-05-01 22:51 - 02479552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-05-20 05:50 - 2017-05-01 22:51 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-05-20 05:50 - 2017-05-01 22:51 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-05-20 05:50 - 2017-05-01 22:51 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-05-20 05:50 - 2017-05-01 22:51 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-05-20 05:50 - 2017-05-01 22:51 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-05-20 05:50 - 2017-04-25 23:11 - 07944687 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-05-20 05:49 - 2017-05-25 14:43 - 00293920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-20 05:49 - 2017-05-20 05:49 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-18 15:04 - 2017-05-19 16:06 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-05-18 15:04 - 2017-05-18 15:22 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-18 15:04 - 2017-05-18 15:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-18 15:02 - 2017-05-19 01:41 - 00000000 ____D C:\Users\Romo\mbar
2017-05-18 15:02 - 2017-05-18 15:21 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-05-18 14:24 - 2017-05-18 14:24 - 00624640 _____ C:\WINDOWS\system32\NETUTILS2016.del
2017-05-18 14:24 - 2017-05-18 14:24 - 00000000 ____D C:\WINDOWS\system32\sstmp
2017-05-18 05:36 - 2017-05-20 05:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-05-18 05:36 - 2017-05-18 15:21 - 00000751 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-05-18 01:45 - 2017-05-20 05:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cycle Addon for WYSIWYG Web Builder
2017-05-18 01:44 - 2017-05-20 05:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FluidBox Addon for WYSIWYG Web Builder
2017-05-18 01:44 - 2017-05-18 01:45 - 00000909 _____ C:\WINDOWS\Cycle Addon for WYSIWYG Web Builder Setup Log.txt
2017-05-18 01:44 - 2017-05-18 01:44 - 00000893 _____ C:\WINDOWS\FluidBox Addon for WYSIWYG Web Builder Setup Log.txt
2017-05-18 01:43 - 2017-05-20 05:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FaceBox Addon for WYSIWYG Web Builder
2017-05-18 01:43 - 2017-05-18 01:44 - 00737280 _____ (Indigo Rose Corporation) C:\WINDOWS\iun6002.exe
2017-05-18 01:42 - 2017-05-18 01:43 - 00001298 _____ C:\WINDOWS\FaceBox Addon for WYSIWYG Web Builder Setup Log.txt
2017-05-18 00:22 - 2017-05-20 05:53 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-17 13:31 - 2017-05-25 14:51 - 00000000 ____D C:\FRST
2017-05-17 13:30 - 2017-05-25 14:51 - 02429952 _____ (Farbar) C:\Users\Romo\Desktop\FRST64.exe
2017-05-17 01:45 - 2017-05-17 01:48 - 00147978 _____ C:\TDSSKiller.3.1.0.15_17.05.2017_01.45.27_log.txt
2017-05-17 01:41 - 2017-05-17 15:19 - 00000000 ____D C:\Program Files\REIMAGE.del
2017-05-16 11:17 - 2017-05-18 15:11 - 00000000 ____D C:\ProgramData\BIT.del
2017-05-16 11:16 - 2017-05-16 23:27 - 00000000 ____D C:\Users\Romo\AppData\Roaming\WINSAPSVC.del
2017-05-16 11:16 - 2017-05-16 23:27 - 00000000 ____D C:\Users\Romo\AppData\Local\CWASRE.del
2017-05-15 23:29 - 2017-05-19 21:50 - 00000254 _____ C:\WINDOWS\SysWOW64\PARTIZAN.TXT
2017-05-15 23:28 - 2017-05-18 14:46 - 00000000 ____D C:\@RestoreQuarantine
2017-05-15 23:18 - 2017-05-20 11:15 - 00000000 ____D C:\Users\Romo\Documents\RegRun2
2017-05-15 23:18 - 2017-05-19 04:04 - 00000000 ____D C:\ProgramData\RegRun
2017-05-15 23:18 - 2017-05-15 23:18 - 00000002 RSHOT C:\WINDOWS\winstart.bat
2017-05-15 23:18 - 2017-05-15 23:18 - 00000002 RSHOT C:\WINDOWS\SysWOW64\CONFIG.NT
2017-05-15 23:18 - 2017-05-15 23:18 - 00000002 RSHOT C:\WINDOWS\SysWOW64\AUTOEXEC.NT
2017-05-15 23:15 - 2017-05-18 15:21 - 00002269 _____ C:\Users\Romo\Desktop\Discord.lnk
2017-05-15 23:15 - 2017-05-15 23:15 - 00000000 ____D C:\Users\Romo\AppData\Local\Discord
2017-05-15 22:39 - 2017-05-15 22:39 - 03124864 _____ (ESET) C:\Users\Romo\Downloads\eset_nod32_antivirus_live_installer_rt_de.exe
2017-05-15 22:14 - 2017-05-15 22:45 - 00009571 _____ C:\Users\Romo\Desktop\pad.odt
2017-05-15 22:04 - 2017-05-25 14:42 - 00000000 ____D C:\AdwCleaner
2017-05-15 20:47 - 2017-05-20 11:14 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-15 20:21 - 2017-05-15 20:23 - 00000000 ____D C:\Users\Romo\AppData\Local\navitool
2017-05-15 19:55 - 2017-05-15 19:56 - 04102600 _____ C:\Users\Romo\Downloads\adwcleaner_6.046.exe
2017-05-15 19:42 - 2017-05-15 19:42 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-05-15 15:19 - 2017-05-15 15:19 - 00140800 _____ C:\Users\Romo\AppData\Local\installer.dat
2017-05-15 15:19 - 2017-05-15 15:19 - 00011568 _____ C:\Users\Romo\AppData\Local\InstallationConfiguration.xml
2017-05-15 15:18 - 2017-05-15 15:18 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-05-15 15:18 - 2017-05-15 15:18 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-05-10 18:24 - 2017-05-01 22:14 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-05-10 18:22 - 2017-05-02 00:38 - 40201848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 35388864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 35281528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 28623480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 11056456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 11024384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 10547440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 09245744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 09014792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 08805232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 04092088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 03792320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 03607464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 03247736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 01988032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438205.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 01600560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438205.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 01278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 01276128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 01054144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00995736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00993872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00991168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00960960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00911992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00821184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00776048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00688968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00651200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00612088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00609912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00577728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00218040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-05-10 18:22 - 2017-05-02 00:38 - 00059448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-05-10 18:22 - 2017-05-02 00:38 - 00046008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb
2017-05-10 18:22 - 2017-05-02 00:38 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-05-10 18:22 - 2017-05-02 00:38 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-05-10 14:23 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-10 13:52 - 2017-05-03 22:21 - 00175736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-05-10 13:52 - 2017-05-03 22:21 - 00143480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-05-10 13:52 - 2017-05-03 22:21 - 00048248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-05-04 18:57 - 2017-05-04 18:57 - 00000000 ____D C:\Users\Romo\Documents\League of Legends
2017-05-04 12:21 - 2017-05-18 15:21 - 00000787 _____ C:\Users\Public\Desktop\WYSIWYG Web Builder 12.lnk
2017-05-04 12:21 - 2017-05-18 15:21 - 00000787 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WYSIWYG Web Builder 12.lnk
2017-05-04 12:21 - 2017-05-04 12:39 - 00000000 ____D C:\Users\Romo\Documents\WYSIWYG Web Builder
2017-05-02 23:11 - 2017-05-02 23:11 - 00017484 _____ C:\Users\Romo\Desktop\Pubquizfragen.odt
2017-04-29 18:02 - 2017-04-29 19:02 - 00021275 _____ C:\Users\Romo\Desktop\Pubquiz (Benny).odt
2017-04-26 01:05 - 2017-04-20 03:59 - 01988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438189.dll
2017-04-26 01:05 - 2017-04-20 03:59 - 01589880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438189.dll
2017-04-26 00:44 - 2017-05-03 21:28 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
Code:
==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-25 14:49 - 2017-03-20 06:35 - 00913164 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-25 14:49 - 2017-03-20 06:35 - 00204862 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-25 14:44 - 2016-11-20 05:03 - 00000000 ____D C:\Users\Romo\AppData\LocalLow\Mozilla
2017-05-25 14:43 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-05-25 14:42 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-05-25 14:32 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-24 12:08 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-23 15:54 - 2013-12-20 19:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-23 15:53 - 2013-12-20 19:11 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-23 15:05 - 2015-10-12 12:24 - 00000000 ____D C:\Users\Romo\AppData\Local\NVIDIA Corporation
2017-05-22 12:48 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-21 14:14 - 2015-08-01 17:59 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-21 14:14 - 2013-12-20 20:23 - 00000000 ____D C:\ProgramData\Avira
2017-05-21 03:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-05-20 13:15 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-20 11:30 - 2015-08-01 19:58 - 00000000 ____D C:\Users\Romo\AppData\Local\Packages
2017-05-20 11:21 - 2016-11-05 01:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-20 11:16 - 2015-08-01 20:00 - 00002421 _____ C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-05-20 11:16 - 2015-08-01 20:00 - 00000000 ___RD C:\Users\Romo\OneDrive
2017-05-20 11:15 - 2015-06-18 18:42 - 00000000 ____D C:\Users\Romo\AppData\Local\Dropbox
2017-05-20 11:14 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-20 11:14 - 2015-08-01 20:41 - 00000000 ____D C:\Users\Romo\AppData\Local\MicrosoftEdge
2017-05-20 11:14 - 2015-08-01 19:58 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-20 06:49 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-05-20 06:47 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-05-20 06:47 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-20 06:47 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-20 06:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-20 06:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-20 06:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-20 06:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-20 06:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-20 06:47 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-20 06:47 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-20 06:47 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-20 06:45 - 2017-03-20 06:36 - 00000000 ____D C:\WINDOWS\OCR
2017-05-20 06:44 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-05-20 06:44 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-05-20 06:44 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-05-20 06:44 - 2017-03-18 22:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2017-05-20 06:44 - 2017-03-18 22:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2017-05-20 06:44 - 2017-03-18 22:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2017-05-20 06:44 - 2017-03-18 22:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2017-05-20 06:44 - 2017-03-18 22:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-05-20 06:44 - 2017-03-18 22:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2017-05-20 06:44 - 2017-03-18 22:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2017-05-20 06:44 - 2017-03-18 22:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-05-20 06:44 - 2017-03-18 22:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2017-05-20 06:44 - 2017-03-18 22:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2017-05-20 06:44 - 2017-03-18 22:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2017-05-20 06:44 - 2017-03-18 22:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2017-05-20 06:44 - 2017-03-18 22:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2017-05-20 06:44 - 2017-03-18 22:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2017-05-20 06:44 - 2017-03-18 22:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2017-05-20 06:44 - 2017-03-18 22:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2017-05-20 06:44 - 2017-03-18 22:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2017-05-20 06:44 - 2017-03-18 22:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2017-05-20 06:44 - 2017-03-18 22:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2017-05-20 06:44 - 2017-03-18 22:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2017-05-20 06:44 - 2017-03-18 22:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2017-05-20 06:44 - 2017-03-18 22:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2017-05-20 06:03 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-05-20 05:56 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-05-20 05:56 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-05-20 05:55 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-20 05:55 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-05-20 05:54 - 2017-03-20 06:37 - 00000000 ____D C:\WINDOWS\HoloShell
2017-05-20 05:54 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media
2017-05-20 05:54 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-20 05:54 - 2015-08-01 18:04 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-05-20 05:53 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-20 05:53 - 2017-01-31 10:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-05-20 05:53 - 2016-01-10 13:07 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2017-05-20 05:53 - 2015-10-12 12:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-05-20 05:53 - 2015-08-18 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2017-05-20 05:53 - 2015-01-22 04:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2017-05-20 05:53 - 2014-12-13 14:34 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2017-05-20 05:53 - 2014-11-24 02:41 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCitizen
2017-05-20 05:53 - 2014-11-19 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2017-05-20 05:53 - 2014-11-03 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-05-20 05:53 - 2014-09-06 07:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2017-05-20 05:53 - 2014-08-20 18:56 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-05-20 05:53 - 2014-05-15 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2017-05-20 05:53 - 2014-01-03 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2017-05-20 05:53 - 2014-01-02 02:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-05-20 05:53 - 2014-01-02 02:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2017-05-20 05:53 - 2013-12-30 02:46 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-20 05:53 - 2013-12-30 02:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-20 05:53 - 2013-12-21 03:45 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2017-05-20 05:53 - 2013-12-20 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-20 05:53 - 2013-12-20 18:09 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-05-20 05:53 - 2013-12-20 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2017-05-20 05:53 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-05-20 05:52 - 2017-03-20 06:35 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-05-20 05:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-20 05:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-05-20 05:52 - 2014-05-01 08:43 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\System
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\schemas
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-20 05:51 - 2016-09-19 02:40 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-05-20 05:51 - 2016-02-05 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2017-05-20 05:51 - 2015-11-01 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-05-20 05:51 - 2015-10-16 20:32 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-05-20 05:51 - 2015-09-01 16:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-05-20 05:51 - 2015-05-11 23:42 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\minon
2017-05-20 05:51 - 2014-08-16 05:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2017-05-20 05:51 - 2014-08-12 02:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2017-05-20 05:51 - 2013-12-20 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2017-05-20 05:51 - 2013-12-20 18:07 - 00000000 ____D C:\Program Files\Intel
2017-05-20 05:51 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Microsoft Games
2017-05-20 05:50 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help
2017-05-20 05:50 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-05-20 05:37 - 2017-03-20 07:06 - 00000000 ___HD C:\$WINDOWS.~BT
2017-05-18 15:21 - 2017-01-31 10:13 - 00002218 _____ C:\Users\Public\Desktop\Google Earth.lnk
2017-05-18 15:21 - 2016-11-14 17:58 - 00001482 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-05-18 15:21 - 2016-05-07 04:54 - 00001144 _____ C:\Users\Romo\Desktop\Overwatch Launcher.lnk
2017-05-18 15:21 - 2016-05-01 00:41 - 00000820 _____ C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-05-18 15:21 - 2015-12-15 01:55 - 00001577 _____ C:\Users\Romo\Desktop\Rechner.lnk
2017-05-18 15:21 - 2015-11-01 22:08 - 00000743 _____ C:\Users\Public\Desktop\GOG Galaxy.lnk
2017-05-18 15:21 - 2015-11-01 22:03 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-05-18 15:21 - 2015-10-06 21:48 - 00001133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-05-18 15:21 - 2015-10-06 21:48 - 00001115 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-05-18 15:21 - 2015-09-02 03:54 - 00000737 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-05-18 15:21 - 2015-08-01 20:00 - 00001050 _____ C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2017-05-18 15:21 - 2015-06-21 22:49 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-05-18 15:21 - 2015-06-21 22:49 - 00001108 _____ C:\Users\Public\Desktop\Opera.lnk
2017-05-18 15:21 - 2015-05-08 21:40 - 00001370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-18 15:21 - 2015-03-23 16:35 - 00001803 _____ C:\Users\Romo\Desktop\Spotify.lnk
2017-05-18 15:21 - 2015-03-23 16:35 - 00001789 _____ C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2017-05-18 15:21 - 2015-01-22 04:14 - 00001077 _____ C:\Users\Romo\Desktop\Photoshop.lnk
2017-05-18 15:21 - 2015-01-22 04:10 - 00002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
2017-05-18 15:21 - 2015-01-22 04:10 - 00002070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk
2017-05-18 15:21 - 2015-01-22 04:10 - 00001652 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS2.lnk
2017-05-18 15:21 - 2015-01-22 04:10 - 00001647 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS2.lnk
2017-05-18 15:21 - 2014-11-24 02:41 - 00000814 _____ C:\Users\Romo\Desktop\StarCitizen.lnk
2017-05-18 15:21 - 2014-11-09 06:02 - 00002636 _____ C:\Users\Public\Desktop\Skype.lnk
2017-05-18 15:21 - 2014-08-16 05:42 - 00000669 _____ C:\Users\Romo\Desktop\EVEREST Ultimate Edition.lnk
2017-05-18 15:21 - 2014-07-04 15:26 - 00000804 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2017-05-18 15:21 - 2014-07-04 15:26 - 00000742 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2017-05-18 15:21 - 2014-05-15 18:46 - 00000650 _____ C:\Users\Public\Desktop\Origin.lnk
2017-05-18 15:21 - 2014-01-08 02:19 - 00000650 _____ C:\Users\Romo\Desktop\Caritas.lnk
2017-05-18 15:21 - 2014-01-03 17:59 - 00000766 _____ C:\Users\Public\Desktop\Battle.net.lnk
2017-05-18 15:21 - 2014-01-02 02:13 - 00000618 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-05-18 15:21 - 2014-01-01 20:06 - 00001017 _____ C:\Users\Romo\Desktop\Dropbox.lnk
2017-05-18 15:21 - 2013-12-21 03:45 - 00001110 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2017-05-18 15:21 - 2013-12-20 21:12 - 00000710 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2017-05-18 15:21 - 2013-12-20 20:59 - 00000670 _____ C:\Users\Romo\Desktop\SpeedFan.lnk
2017-05-18 15:21 - 2013-12-20 19:35 - 00000636 _____ C:\Users\Public\Desktop\Steam.lnk
2017-05-18 15:21 - 2013-12-20 18:50 - 00001174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2017-05-18 15:21 - 2013-12-20 18:50 - 00001156 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2017-05-18 15:19 - 2015-06-21 22:48 - 00000000 ____D C:\Program Files (x86)\Opera
2017-05-18 15:11 - 2016-07-16 08:04 - 00000000 ____D C:\Program Files\HP Deskjet 3840 Series
2017-05-18 14:29 - 2015-03-23 16:35 - 00000000 ____D C:\Users\Romo\AppData\Local\Spotify
2017-05-18 14:29 - 2015-03-23 16:34 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Spotify
2017-05-18 14:20 - 2015-02-12 22:48 - 00000000 ____D C:\Users\Romo\AppData\LocalLow\Temp
2017-05-18 05:42 - 2013-12-21 03:40 - 00000000 ____D C:\ProgramData\Adobe
2017-05-18 05:42 - 2013-12-20 19:22 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Adobe
2017-05-18 00:23 - 2014-01-01 20:04 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Dropbox
2017-05-17 16:17 - 2014-01-10 18:50 - 00000000 ____D C:\Users\Romo\AppData\Local\CrashDumps
2017-05-17 01:29 - 2013-12-20 20:24 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Avira
2017-05-15 23:29 - 2017-01-26 21:46 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-05-15 23:24 - 2013-12-20 19:18 - 00000000 ____D C:\ProgramData\McAfee
2017-05-15 23:15 - 2016-09-19 02:40 - 00000000 ____D C:\Users\Romo\AppData\Local\SquirrelTemp
2017-05-15 22:10 - 2016-07-16 08:04 - 00000000 ____D C:\Program Files\SlickIt
2017-05-15 20:10 - 2016-07-16 08:04 - 00000000 ____D C:\Program Files\RezenCourt
2017-05-09 16:53 - 2017-01-26 21:46 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-05-03 22:21 - 2016-11-14 17:57 - 01893496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-05-03 22:21 - 2016-11-14 17:57 - 01755256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-05-03 22:21 - 2016-11-14 17:57 - 01477240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-05-03 22:21 - 2016-11-14 17:57 - 01317496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-05-03 22:21 - 2016-11-14 17:57 - 00121464 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-04-29 03:05 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 03:05 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2005-04-04 18:56 - 2005-04-04 18:56 - 0003580 _____ () C:\Program Files\Bitte zuerst lesen.html
2005-04-07 16:07 - 2005-04-07 16:07 - 0014601 _____ () C:\Program Files\Installationsanleitung.html
2005-02-25 15:37 - 2005-02-25 15:37 - 0157035 _____ () C:\Program Files\LegalNotices.pdf
2005-03-24 16:28 - 2005-03-24 16:28 - 0383996 _____ () C:\Program Files\Photoshop Neue Funktionen.pdf
2017-05-15 15:19 - 2017-05-15 15:19 - 0011568 _____ () C:\Users\Romo\AppData\Local\InstallationConfiguration.xml
2017-05-15 15:19 - 2017-05-15 15:19 - 0140800 _____ () C:\Users\Romo\AppData\Local\installer.dat

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

Benfuzius 25.05.2017 13:58
Addition
 
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-05-2017
durchgeführt von Romo (25-05-2017 14:51:59)
Gestartet von C:\Users\Romo\Desktop
Windows 10 Home Version 1703 (X64) (2017-05-20 03:56:53)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2079666805-3719247669-552477099-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2079666805-3719247669-552477099-503 - Limited - Disabled)
Gast (S-1-5-21-2079666805-3719247669-552477099-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2079666805-3719247669-552477099-1002 - Limited - Enabled)
Romo (S-1-5-21-2079666805-3719247669-552477099-1000 - Administrator - Enabled) => C:\Users\Romo

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Curse Client (HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Cycle Addon for WYSIWYG Web Builder  (HKLM-x32\...\WYSIWYG_Web_Builder_cycle) (Version:  - )
Discord (HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.1.2 - DivX, LLC)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Dropbox (HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\Dropbox) (Version: 26.4.24 - Dropbox, Inc.)
FaceBox Addon for WYSIWYG Web Builder  (HKLM-x32\...\WYSIWYG_Web_Builder_facebox) (Version:  - )
FluidBox Addon for WYSIWYG Web Builder  (HKLM-x32\...\WYSIWYG_Web_Builder_fluidbox) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.96 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
HWiNFO32 Version 5.50 (HKLM-x32\...\HWiNFO32_is1) (Version: 5.50 - Martin Malík - REALiX)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.17 - Intel(R) Corporation) Hidden
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Life is Feudal: Your Own (HKLM-x32\...\Steam App 290080) (Version:  - Bitbox Ltd.)
Microsoft OneDrive (HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Might and Magic Heroes VII (HKLM-x32\...\Uplay Install 1176) (Version:  - Ubisoft)
Mozilla Firefox 53.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.1 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Stable 45.0.2552.812 (HKLM-x32\...\Opera 45.0.2552.812) (Version: 45.0.2552.812 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Sid Meier's Civilization VI (HKLM\...\Steam App 289070) (Version:  - Firaxis)
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.02 - Creative Technology Limited)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\Spotify) (Version: 1.0.51.693.g6ea1e7f6 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer)
Uplay (HKLM-x32\...\Uplay) (Version: 10.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{cbb31fbb-788a-48fe-bacf-3101a9f985a6}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0442D1E7-88E9-4DF4-A8AD-B3F6203C2D1A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {0CE99F16-F3E1-4B58-8CAD-0BE3C84B5035} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {101B675E-6DDC-4598-BABD-767DFCFC8848} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {1021623E-9CF8-426D-AE51-63E1D66373CB} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {1721A231-9085-481B-923C-F9664D79119B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {22C51718-24A4-4B92-AF0C-132207272514} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {262BA8BC-8998-4A27-90A4-A98D65C125BB} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {2FBFF770-F553-4297-9AE1-63C752F7AC57} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {341C4A33-B1BB-4C18-8592-3FC2F44ADA8C} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3C02DADB-FF95-4307-8843-A6D9096CDC30} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-08] (Google Inc.)
Task: {3D9B0B8F-3F48-4331-AAD6-7059A5062691} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {45B648F5-14F8-46E8-B517-68412EC3B664} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {4E2284EB-FC46-4A94-9C74-63575931BE81} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {59F870A7-A112-404F-851B-9D6FC68675FD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {5AEA9023-36B0-4664-A5B9-E3966C21A2AA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-08] (Google Inc.)
Task: {6A1424B5-67F7-4AB5-898D-D1B149E45FC3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {6A204792-A030-4978-BCCE-3E0FC13AF1F1} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {70DDF34A-54CA-4D3D-839E-531A6EE975EC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {752658A6-8F80-49B7-8111-A0C6BF5CBB63} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {7EBF53E0-1EB1-4EA4-A1F3-E21BD1670223} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {7FCE2A42-99F8-4AF4-812B-9B4F15D84727} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {866F5E04-284F-4D4A-9364-03AFDC1B9424} - System32\Tasks\{65070599-A99C-4B44-93A5-3EA3305E965F} => pcalua.exe -a E:\Download\Setup.exe -d E:\Download
Task: {89A358AA-8892-467A-AD32-BA70B01CC235} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {8A46BB78-FA0D-48E7-B910-D2F308E10AC5} - System32\Tasks\Microsoft\Windows\UNP\RunCampaignManager => %windir%\System32\UNP\UNPCampaignManager.exe
Task: {8B16D510-0CDC-4058-BB76-3CBD544D8F8C} - \HP Deskjet 3840 Series -> Keine Datei <==== ACHTUNG
Task: {8BA2372B-CEF7-4F17-BFB3-F860A23240EC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {8FEA6BEA-4BAC-4B8A-9ED7-E879233B19B4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-23] (Microsoft Corporation)
Task: {941035A6-D70C-4DA6-90E7-4DA34D499D03} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {99D4F6CC-19CA-4EE5-A4D1-9CC0E29E27CF} - System32\Tasks\Opera scheduled Autoupdate 1434919741 => C:\Program Files (x86)\Opera\launcher.exe [2017-05-15] (Opera Software)
Task: {ACD02558-3901-4504-86AC-9413C6E97CFB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {C616B313-6C09-4C14-B4C9-70886D132D26} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2079666805-3719247669-552477099-1000Core1d2370fbcb80c1d => C:\Users\Romo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {C796DF92-B26C-49FE-9C97-702E17C0ED24} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C86650F8-7AB8-4D76-9D30-88ADF92174E2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {CC94176A-AD77-4B37-B3E1-7E721CCAC4A0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated)
Task: {D37AD329-FA77-48EB-8219-A5AB0A722768} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {D7828D55-302D-4E31-815B-CE97BFB839E9} - System32\Tasks\{41A9DB71-6E8A-41AB-85D6-F344D227C96F} => pcalua.exe -a D:\sansa-installer.exe -d D:\
Task: {E0752EDF-CE08-4AB2-AB0F-9EB70D79CCFE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {E8CF7501-9C8E-45E0-9828-6E862549BA4A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {EC7CB72B-65B8-4B50-909A-7D85A06DC0C6} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {EF27AC23-204C-4C43-9D7C-65F7DA1E5B8B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2079666805-3719247669-552477099-1000UA1d2370fbcc1d718 => C:\Users\Romo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {FBA6CC1D-1834-43E4-9A64-C685480DF89A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {FD1ACFB9-0D85-4FE2-840B-F372A92F2C83} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2079666805-3719247669-552477099-1000Core1d2370fbcb80c1d.job => C:\Users\Romo\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2079666805-3719247669-552477099-1000UA1d2370fbcc1d718.job => C:\Users\Romo\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-11-14 17:57 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2015-04-15 22:13 - 2015-04-15 22:13 - 00222720 _____ () E:\Programme\Notepad++\NppShell_06.dll
2017-03-18 22:59 - 2017-03-20 06:36 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-05-09 08:53 - 2017-05-09 08:55 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-09 08:53 - 2017-05-09 08:55 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-09 08:53 - 2017-05-09 08:55 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-09 08:53 - 2017-05-09 08:55 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
2016-11-14 17:57 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-05-18 00:22 - 2017-05-16 22:55 - 00871744 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2017-05-18 00:22 - 2017-05-16 22:55 - 01787200 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\dropbox_crashpad.dll
2015-12-12 04:48 - 2017-04-26 02:38 - 00035792 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-12 04:48 - 2017-04-26 02:38 - 00100296 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-12 04:48 - 2017-04-26 02:38 - 00018888 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-12 04:48 - 2017-05-16 23:00 - 00019776 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00020824 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 04:48 - 2017-04-26 02:39 - 00123856 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-12 04:48 - 2017-04-26 02:38 - 00694224 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 01729360 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00020816 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2017-05-18 00:22 - 2017-04-26 02:38 - 00145864 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2017-05-18 00:22 - 2017-04-26 02:39 - 00019408 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2017-05-18 00:22 - 2017-04-26 02:38 - 00116688 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-12 04:48 - 2017-04-26 02:40 - 00105928 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-08-05 21:07 - 2017-05-16 23:01 - 00022864 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00060736 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00038712 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00024528 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32event.pyd
2017-05-18 00:22 - 2017-04-26 02:38 - 00392656 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-05-18 00:22 - 2017-04-26 02:40 - 00020936 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00116176 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-12 04:48 - 2017-05-16 23:00 - 00392512 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00124880 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-08-05 21:07 - 2017-05-16 23:01 - 00026456 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00024016 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00175560 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00030160 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00043472 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00048592 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00057808 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00024016 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00246608 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00027488 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00022336 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2017-05-18 00:18 - 2017-05-16 23:01 - 00082264 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winenumhandles.compiled._WinEnumHandles.pyd
2015-12-12 04:48 - 2017-05-16 23:01 - 00025432 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00028616 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32ts.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 01826104 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-12 04:48 - 2017-04-26 02:39 - 00083912 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\sip.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 01972024 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 03928896 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00171336 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00042816 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00531264 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00133432 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00224064 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00207680 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00060880 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32print.pyd
2017-02-27 23:50 - 2017-05-16 23:01 - 00054608 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
2017-01-20 22:43 - 2017-05-16 23:01 - 00022864 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2016-04-15 03:05 - 2017-05-16 23:01 - 00069968 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd
2017-01-20 22:43 - 2017-05-16 23:01 - 00022872 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-20 22:43 - 2017-05-16 23:01 - 00021848 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-20 22:43 - 2017-05-16 23:01 - 00022872 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00349128 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00103232 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtWinExtras.pyd
2016-02-12 13:37 - 2017-05-16 23:01 - 00023896 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00025936 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2017-05-18 00:22 - 2017-04-26 02:34 - 00036296 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\librsync.dll
2017-05-18 00:22 - 2017-05-16 23:00 - 00033112 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2017-05-18 00:22 - 2017-03-22 12:07 - 00293392 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2017-05-18 00:22 - 2017-05-16 23:00 - 00084288 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-07-12 10:11 - 2017-05-16 23:01 - 00030536 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.pyd
2017-05-18 00:22 - 2017-04-26 02:43 - 00017864 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\libEGL.dll
2017-05-18 00:22 - 2017-04-26 02:43 - 01631184 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-08-05 21:07 - 2017-05-16 23:01 - 00026456 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-04-08 14:00 - 2017-05-16 23:01 - 00023368 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\wincrashpad.compiled._Crashpad.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00546104 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00357688 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2013-12-20 18:06 - 2012-10-31 16:00 - 00991232 ____N () C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\de-DE\SBCinema.resources.dll
2014-04-03 16:48 - 2014-04-03 16:48 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\aeriagames.com -> hxxp://aeriagames.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2017-05-18 14:20 - 00000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1      localhost
Code:
==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2079666805-3719247669-552477099-1000\Control Panel\Desktop\\Wallpaper -> E:\Pics\Wandfotos\Jedi-Master-Yoda.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "Raptr"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{FF734F89-2A15-4A9B-B53F-35A702064D50}] => (Allow) C:\Program Files (x86)\Opera\45.0.2552.812\opera.exe
FirewallRules: [{F20C1C9B-E5AF-4CEC-8506-25FA694C149E}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{6EEB16E7-4AB9-4C9B-A3F7-A6C050C3F914}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{E4378D98-293D-425F-B8EA-368F2251CCFF}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{C07B2376-3E15-49F0-93A8-76BD8EDE91B7}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{50093094-87F9-4E7B-A7AD-44D4B04BC61E}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{9EBF86FA-D7EF-4387-89EA-A3204638A75B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2125F6FB-F60F-4CB0-B103-B31E57CE2B5D}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7F547509-00D9-46FC-B3B3-0F69620EA37D}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5C839772-6725-45C7-9016-C31C05DBE133}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{6506AC32-1126-4CD8-963C-8B4420B2EB0A}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{04B6599F-3E5B-4FFC-95BC-1ED85F696F4F}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{533BFCFC-5C38-4323-AC08-2A3FFD5F28AC}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{01D9A147-A547-4A56-A09D-BC0C230065A8}] => (Allow) E:\Programme\Steam\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{0A46AB41-4DF4-43F9-8037-DE442E63396F}] => (Allow) E:\Programme\Steam\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{A362A522-FEBE-4AEC-91EF-331612A2D9BA}] => (Allow) E:\Programme\Steam\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{B6E72A19-2109-4FBB-A168-D9D552421455}] => (Allow) E:\Programme\Steam\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{A8FF255F-77A9-4C39-BD9F-6B3A0E71F12C}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
FirewallRules: [{CD4F3E3B-0D46-4194-8BB4-96522EA1518A}] => (Allow) E:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6A33E5D8-DC65-4D84-96F0-741E7B5267D4}] => (Allow) E:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{EB1183A0-4109-44C1-A88A-E383C0109C3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{91340F72-103D-456C-96B7-7E58CD142AA1}] => (Allow) E:\Programme\Steam\SteamApps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [{1E38CA72-AF49-4E80-AB7F-259B155FF193}] => (Allow) E:\Programme\Steam\SteamApps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [UDP Query User{233983CA-6316-4C1F-9A62-DA684B102B2A}E:\spiele\bd\bin64\blackdesert64.exe] => (Allow) E:\spiele\bd\bin64\blackdesert64.exe
FirewallRules: [TCP Query User{AFC54D0C-72F2-4CB5-A7EB-599C56CE8113}E:\spiele\bd\bin64\blackdesert64.exe] => (Allow) E:\spiele\bd\bin64\blackdesert64.exe
FirewallRules: [{8E9C5027-5245-4CEC-B374-05D8558B41B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8DA58CEE-A131-4F88-907D-157BC3549BED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B146321F-18EB-4842-A6D3-58265F0FEF74}] => (Allow) E:\Spiele\Ubisoft Game Launcher\games\Might and Magic Heroes VII\Binaries\Win64\MMH7Game-Win64-Shipping.exe
FirewallRules: [{EDDE1045-5298-4D0B-9495-F357B22FA241}] => (Allow) E:\Spiele\Ubisoft Game Launcher\games\Might and Magic Heroes VII\Binaries\Win32\MMH7Game-Win32-Shipping.exe
FirewallRules: [{5620A8C5-574D-4C02-BF92-274BD8135580}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{09EBD7FE-D27D-4FB6-A543-F556B12ECA3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{67BEE03A-3F53-4FF5-954B-EB1E0761366E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{905D632F-18FA-4C14-8FE0-7D0A24FCCEA0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2587931A-7169-4B97-99E9-2C779D4BB4F0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5BDBF42A-2ECA-4050-853F-80B07F855CB9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{297C0DFF-EE5A-4BF2-8308-8217F0850B2A}E:\spiele\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{0E490114-B4A8-44E8-B9E6-B2327C62D4FB}E:\spiele\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{5AFB575F-79CB-48C2-A924-2EB6D63EF2F0}E:\spiele\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{F2ECE1B7-56FF-4E8D-99E7-72E7EF3C658A}E:\spiele\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{DDB6CF5A-3F8D-4145-8589-07134703610F}E:\spiele\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{C30F2FC7-BFCD-4880-8221-91BD3EC1DDA3}E:\spiele\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{605F9071-176A-45E2-A820-AFD8CB23CF3F}E:\spiele\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{9CE2B071-87D3-4076-91DD-188C1A6F5424}E:\spiele\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CC20F77C-E0FD-4308-A569-C92948BCA8FC}E:\spiele\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{B0C690E4-74CF-48AE-9BE1-9FB8094A0A5D}E:\spiele\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{F41A5878-9B65-4F1E-8AEE-A62F093D6F5B}E:\programme\xampp\apache\bin\httpd.exe] => (Allow) E:\programme\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{9D2DEC29-10C0-4525-8123-639FC6EF9B36}E:\programme\xampp\apache\bin\httpd.exe] => (Allow) E:\programme\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{F5435DBE-1132-4BCA-BAF5-D0ACC2FD3C33}E:\programme\xampp\mysql\bin\mysqld.exe] => (Allow) E:\programme\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{D912A58C-5A8C-43DE-9370-C73DC6A1DFD8}E:\programme\xampp\mysql\bin\mysqld.exe] => (Allow) E:\programme\xampp\mysql\bin\mysqld.exe
FirewallRules: [{4294F962-F2E4-4EDE-A7A4-A1F32D864D42}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{60AD23DB-F1AD-4DDD-A554-97DAF066D1AF}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{CF1FBD2A-7710-4163-9ACA-B7D3F8DC76B6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{14CC7767-74E7-4252-A54C-C9FA2758F75E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{1AEF786E-3CE4-4524-8F67-C0D8DBCC6A3B}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{E6950604-9276-4137-AEF3-64D521AC5C12}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{7427F3F7-7429-4BF2-8D1A-BE672BB662FF}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{03FBDD10-4468-4358-AB89-A7B7C2CD3B52}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{F20AAB67-B927-4FF9-B1C7-0078DA6C9A95}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{8C1D0215-FEFC-4973-8122-7D302BA4F62C}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{7EC109E8-9E1E-4BC8-844F-399CE39E9512}E:\spiele\starcitizen\citizenclient\bin64\starcitizen.exe] => (Allow) E:\spiele\starcitizen\citizenclient\bin64\starcitizen.exe
FirewallRules: [UDP Query User{456D55A2-39B4-4AFA-B6C7-27A532AD333D}E:\spiele\starcitizen\citizenclient\bin64\starcitizen.exe] => (Allow) E:\spiele\starcitizen\citizenclient\bin64\starcitizen.exe
FirewallRules: [TCP Query User{0BCC52EC-003A-4ABF-80C1-AFBB5584ADC1}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{5B67B8A8-1535-46F3-8F41-F4BC7300C92C}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{FDB94E7E-AA5A-4AB4-B831-956BDB269AB9}] => (Allow) C:\Users\Romo\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{996BD42D-0717-492F-B066-FAADAB795187}] => (Allow) C:\Users\Romo\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{EF2AABCB-A590-4EE9-8DA8-66C8DC3D9E66}C:\users\romo\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\romo\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{908DD831-9F2C-4586-90E3-BEE40793CBF5}C:\users\romo\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\romo\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{FED65A20-D8B8-4C25-AF00-3F65D7B3E9B9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{28152424-C1D2-4323-92FB-3DF05B1AEFB8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{803A0466-7944-4783-9100-86A263E678BC}] => (Allow) E:\Spiele\Battle.net\Battle.net.exe
FirewallRules: [{CA1A2CA9-AF44-4983-9382-881B5349D01A}] => (Allow) E:\Spiele\Battle.net\Battle.net.exe
FirewallRules: [{FF1F4787-A2CA-4E5B-AF0C-15A68695979A}] => (Allow) E:\Spiele\Hearthstone\Hearthstone.exe
FirewallRules: [{D670722D-314A-4EA4-BE81-78DFA7B5118F}] => (Allow) E:\Spiele\Hearthstone\Hearthstone.exe
FirewallRules: [{3D67AC21-F5AC-4F79-8892-BCB093B6B3AC}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{5EDA58E9-8584-4D54-B843-75B7A5B0DB54}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{48769F34-D4AE-4736-8F2C-4B1A9BED3B6C}] => (Allow) E:\Spiele\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{45E31AC8-0A6A-4CBC-B561-5C7D063C1C98}] => (Allow) E:\Spiele\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{6E35C3BE-B2BE-4C13-9E60-EAA5218F8759}E:\spiele\starcraft ii\versions\base26490\sc2.exe] => (Block) E:\spiele\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{471427F2-0995-442D-9ADE-DE631ADAAB14}E:\spiele\starcraft ii\versions\base26490\sc2.exe] => (Block) E:\spiele\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [{5135B6C1-0102-4CD8-BD03-5E0E0002FCFE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{4B928102-D225-42AA-B1EA-00514A4D14A5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{7D6D6BE8-95DF-4665-ABF6-481CA70536BC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{4F27B8B3-3451-4310-9F4E-BB51F31A5EBB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [TCP Query User{77D96BFD-7A1B-48F8-A5FB-544532717B8F}E:\spiele\eve\bin\exefile.exe] => (Allow) E:\spiele\eve\bin\exefile.exe
FirewallRules: [UDP Query User{94989ADA-E2C8-4581-8301-E3DDF157CEA6}E:\spiele\eve\bin\exefile.exe] => (Allow) E:\spiele\eve\bin\exefile.exe
FirewallRules: [{D1980288-5B3B-42EC-9DB2-0253FDF95021}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{FBCDA40A-015A-4CD2-914E-33ED2B663E3D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{5F0034C2-6109-44E2-890E-1A404C04A823}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{BBEA137D-5DB9-43D7-90C0-53E582FF8993}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{CFAC4C6D-7760-4831-AAC1-3F0B68326D58}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{964BD6E9-C03F-4633-A3AA-CB6CEC73607A}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{F25413A6-C102-4938-83B8-DB9BA90C4996}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{86E8A651-65EA-4A8A-8703-F62B140A711C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{8D18A307-8F6D-439F-AE18-B438CB5A6BB6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{53B78F25-93BA-4406-B755-18233BD216D7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{63C300F6-4516-4C8F-B01F-85DFE29053D1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{B103BBC0-A5CC-4E71-B567-5521B7EAE642}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{F286EC9D-0292-4209-97B7-F4E418252658}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{CC09E035-3EFB-4C9C-875B-B652432BE719}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{1AD599DB-7C46-406C-8AAE-C65D944B2F3C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{459C8498-7C16-4ED1-B770-1C4609B9EFD6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{15ABD881-205A-4033-8CCE-F476DC36C22D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{526B431D-7081-42A3-85F1-0EAAF2EAC944}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{B9C41390-AA91-4DD5-B43A-DA5BC523319B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{AE34FAC9-F14D-4C8C-A008-A7934633B219}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{79FD85C2-5162-4E06-93B5-14157AB8B0C2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{E11BC352-0969-4F6D-AFB8-7CB8711CA365}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{D0AF3DBF-99CF-4BED-B99D-ABE38A9506D6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{37443201-508C-41F6-8C77-05000A17ADBD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{0154EA04-2744-4B9D-895C-6E3D31900055}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{A2A05E31-E155-425F-8AD9-975B0FACCE30}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{E605E08C-D2F9-4AC5-8D08-095537CAA0EE}] => (Allow) E:\Programme\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{6D3607F4-A594-446B-82B0-0EA28ACC6C1D}] => (Allow) E:\Programme\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{7BB34B0D-A36E-40CF-981E-9ED39D89F95D}] => (Allow) E:\Programme\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{C4119BD1-6DAD-4A61-BEB5-15799C0520C9}] => (Allow) E:\Programme\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [TCP Query User{ECA6EEEC-8F98-4928-A36C-7CC59AD667F0}C:\users\romo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\romo\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{469B4877-8C54-484F-A59D-1FD016606FEA}C:\users\romo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\romo\appdata\roaming\spotify\spotify.exe
FirewallRules: [{6D5ECDD8-E523-4939-831D-00A791C72F8F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{74B9CC25-9B3C-4AC8-B3D8-7A36FA0815A3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [TCP Query User{222C4427-CA32-4DFD-A1F3-3BA1656A53D4}C:\users\romo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\romo\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{67283F26-6C32-418D-8E5D-BB1A2DA7E0D9}C:\users\romo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\romo\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A7977C2B-6828-4130-98EF-79A44193A89C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{989D3131-8756-4288-AD73-1C815A7F2DAB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [TCP Query User{784C51B4-83B7-4001-A2D7-B57F61162359}C:\users\romo\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\romo\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{0869BE87-F25D-4A0C-AE4E-A22C1AEF1A2C}C:\users\romo\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\romo\appdata\local\akamai\netsession_win.exe
FirewallRules: [{A1AA4684-84F3-4A6A-B6ED-47071A6CD4CF}] => (Allow) E:\Spiele\aura\AuraKingdom-DE\game.bin
FirewallRules: [{28A5184E-D7E5-4DE6-ACE7-273F012764A9}] => (Allow) E:\Spiele\aura\AuraKingdom-DE\game.bin
FirewallRules: [TCP Query User{F9F43865-DE09-431C-B59D-AF83C9F33CF6}C:\users\romo\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\romo\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{73F9D900-B92E-4740-AC39-432D2183916A}C:\users\romo\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\romo\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{6519EF37-887E-49FD-8CB2-41D0BAF3FFFC}E:\spiele\dragon's prophet\launcher.exe] => (Allow) E:\spiele\dragon's prophet\launcher.exe
FirewallRules: [UDP Query User{2E2C203E-A736-421E-9906-0ABF37A784F9}E:\spiele\dragon's prophet\launcher.exe] => (Allow) E:\spiele\dragon's prophet\launcher.exe
FirewallRules: [TCP Query User{06A9D76D-53AA-461C-B440-E6C823FCEB98}E:\spiele\dragon's prophet\dp_x64.exe] => (Allow) E:\spiele\dragon's prophet\dp_x64.exe
FirewallRules: [UDP Query User{33E9569E-C437-4924-8715-23D4B87BF962}E:\spiele\dragon's prophet\dp_x64.exe] => (Allow) E:\spiele\dragon's prophet\dp_x64.exe
FirewallRules: [TCP Query User{5ADAAD0E-9DCD-44CB-B84B-3216006D35D4}C:\programdata\battle.net\agent\agent.3334\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3334\agent.exe
FirewallRules: [UDP Query User{523F212B-CF6E-4645-A535-8168D43F5BF0}C:\programdata\battle.net\agent\agent.3334\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3334\agent.exe
FirewallRules: [TCP Query User{E5E7C7A2-628D-4E11-9136-0485644CBC35}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [UDP Query User{40EF9DCC-912E-434A-9958-76E91E07A986}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [{7B7D3759-B99E-4C0E-9D95-AEFF57FC8C02}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{D4B107C1-327C-41BB-8976-F31E79ECB3AE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{51E2A8CC-A6B0-4962-AF9A-D159408D595D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{60D42DE5-269C-4A0A-8322-DF558F1F1C07}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{3AF6F577-2F27-4A66-BFF3-82CC10A3B461}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{8DD20CDE-9B8C-4FCF-B6ED-7BE71B8B67CD}] => (Allow) E:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [{EB5505DF-B7B6-4F2D-A197-F10B955A59D8}] => (Allow) E:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{C63CF0A6-14E9-4893-9DEA-EAD740FD13D2}E:\spiele\starcraft ii\versions\base32283\sc2.exe] => (Allow) E:\spiele\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{5796254E-00B7-485D-8D53-BC561292EFC8}E:\spiele\starcraft ii\versions\base32283\sc2.exe] => (Allow) E:\spiele\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{F4065119-E022-48D2-8458-E15ECB2B201C}] => (Allow) E:\Spiele\koa\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{BFEF1B7F-736C-460E-BF91-56AF030ACBCA}] => (Allow) E:\Spiele\koa\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{50432403-A4D1-4A68-8F38-67EDDED23058}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{C2521D56-B54E-4F69-8749-E3139F0194E1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{48C6C541-9888-4BC6-95B4-0A483BABDFFC}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{97897F19-DF42-4585-AD1D-CB5725E2C229}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{11297D55-C928-46CD-8DBF-5E41FA2469AD}C:\program files (x86)\zenimax online\launcher\bethesda.net_launcher.exe] => (Allow) C:\program files (x86)\zenimax online\launcher\bethesda.net_launcher.exe
FirewallRules: [UDP Query User{343C4617-F654-4173-A9A6-D3D71888D0C7}C:\program files (x86)\zenimax online\launcher\bethesda.net_launcher.exe] => (Allow) C:\program files (x86)\zenimax online\launcher\bethesda.net_launcher.exe
FirewallRules: [TCP Query User{2E35EA49-CDB5-4AEC-A558-ABAEC948D478}E:\spiele\eso\launcher\bethesda.net_launcher.exe] => (Allow) E:\spiele\eso\launcher\bethesda.net_launcher.exe
FirewallRules: [UDP Query User{11573AEB-32F6-434F-BFCE-A7201AA4982F}E:\spiele\eso\launcher\bethesda.net_launcher.exe] => (Allow) E:\spiele\eso\launcher\bethesda.net_launcher.exe
FirewallRules: [{C9962607-4E70-463B-BEB5-4A134FC091B0}] => (Allow) E:\Programme\Steam\SteamApps\common\Wizardry7\dosbox_windows\dosbox.exe
FirewallRules: [{FF83B4A2-AA0A-472D-BC95-1FDDB58C6E6E}] => (Allow) E:\Programme\Steam\SteamApps\common\Wizardry7\dosbox_windows\dosbox.exe
FirewallRules: [{8CE435D0-B403-4625-AFDA-F322B61B8B48}] => (Allow) E:\Programme\Steam\SteamApps\common\Wizardry7\dosbox_windows\daum\dosbox.exe
FirewallRules: [{B517A62C-0F2E-4079-9721-2BF47CB7B6EB}] => (Allow) E:\Programme\Steam\SteamApps\common\Wizardry7\dosbox_windows\daum\dosbox.exe
FirewallRules: [{D195F38F-B510-4659-A89D-51501DDE280C}] => (Allow) E:\Programme\Steam\SteamApps\common\Wizardry7\wizardry7gold\WIZARD.EXE
FirewallRules: [{F3114590-1816-414C-9D94-60ED0F841596}] => (Allow) E:\Programme\Steam\SteamApps\common\Wizardry7\wizardry7gold\WIZARD.EXE
FirewallRules: [TCP Query User{D162E9B0-C68C-4B8A-8D0A-DA6EE7C3D02C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{BBF5EBE0-D627-4ED4-A445-FE054B907E13}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{57D8A5DB-51F6-4963-9A98-D3B610065332}E:\spiele\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4A3ADF49-92A0-42D8-925D-6EFE35294F91}E:\spiele\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{90C01B14-A839-4D26-BA91-E9387B15B9C8}E:\spiele\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{382BB40C-4FB3-45AE-A58E-B885D1873E91}E:\spiele\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [{2B42B30E-7339-4A70-BAB1-622C89F7D022}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{B5283800-4C45-4276-B178-A5FD34892DBA}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{212F706A-C374-4E92-BB05-CBC09F4DDF2B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{677A82AA-1681-4E71-90F8-44571162566A}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{F8C2D19B-6E05-4564-8664-EF4EB17B7FCF}] => (Allow) E:\Download\bin\BlackDesert32.exe
FirewallRules: [{894FDA0C-80C1-458C-BFE3-F11554CE81B5}] => (Allow) E:\Download\bin64\BlackDesert64.exe
FirewallRules: [{79A02D9E-3ECD-4B1F-BD0E-5C48B1762835}] => (Allow) E:\Download\BlackDesert_Launcher.exe
FirewallRules: [{A2A664EC-94D8-4630-8995-BD838B880744}] => (Allow) E:\Download\BlackDesert_Downloader.exe
FirewallRules: [TCP Query User{B9425A80-7E03-48CB-9906-7251F3C7026E}E:\spiele\overwatch\overwatch.exe] => (Block) E:\spiele\overwatch\overwatch.exe
FirewallRules: [UDP Query User{875F3297-D22A-4E00-9A0D-7B4968BB619A}E:\spiele\overwatch\overwatch.exe] => (Block) E:\spiele\overwatch\overwatch.exe
FirewallRules: [{AAE42158-D8F4-416C-A0DD-FBC3EB181B1C}] => (Allow) E:\Spiele\warships\WoWSLauncher.exe
FirewallRules: [{8DFE030E-9AA2-4F09-B9D9-B49F1F7B9296}] => (Allow) E:\Spiele\warships\WoWSLauncher.exe
FirewallRules: [{B4DB2673-89F4-4ECD-8689-50831F7FA65D}] => (Allow) E:\Spiele\warships\worldofwarships.exe
FirewallRules: [{A6B3FA31-6A3B-4176-A90D-4B99D7EA137C}] => (Allow) E:\Spiele\warships\worldofwarships.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/25/2017 02:43:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Romo-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/25/2017 02:27:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Romo-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/24/2017 04:44:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Romo-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/24/2017 04:14:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Romo-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/24/2017 03:43:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Romo-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/24/2017 03:14:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Romo-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/24/2017 02:44:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Romo-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/24/2017 02:14:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Romo-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/24/2017 01:44:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Romo-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/24/2017 01:14:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Romo-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (05/25/2017 02:43:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (05/25/2017 02:43:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.

Error: (05/25/2017 02:42:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/25/2017 02:42:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "COM+-Systemanwendung" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/25/2017 02:42:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/25/2017 02:42:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/25/2017 02:42:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/25/2017 02:42:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "COM+-Systemanwendung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/25/2017 02:42:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Distributed Transaction Coordinator" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/25/2017 02:42:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2017-05-20 11:16:41.009
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-20 11:14:33.397
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 15%
Installierter physikalischer RAM: 16328.05 MB
Verfügbarer physikalischer RAM: 13770.68 MB
Summe virtueller Speicher: 32712.05 MB
Verfügbarer virtueller Speicher: 29939 MB

==================== Laufwerke ================================

Drive c: (SSD) (Fixed) (Total:111.13 GB) (Free:38.16 GB) NTFS
Drive e: (Speicher) (Fixed) (Total:931.51 GB) (Free:665.76 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 20BBE221)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 795CC074)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

burningice 25.05.2017 17:51
Ich schätze dein Problem hat ehr mit Malwarebytes selbst zu tun, als dass etwas die Installation behindert.

Die folgenden Schritte sollten das Problem beheben:
  1. Drücke die Windows + R Taste gleichzeitig, um den Ausführen Dialog zu öffnen
  2. Gebe in das Feld certmgr.msc ein und klicke Ok
  3. In dem sich öffnenden Fenster befindet sich auf der linken Seite eine Sektion mit dem Namen "Nichtvertrauenswürdige Zertifikate" - öffne sie.
  4. Lösche innerhalb dieser Sektion alle Zertifikate, die mit Malwarebytes zu tun haben. Manchmal befindet sich auch ein Ordner innerhalb der Sektion, überprüfe auch diesen.
  5. Starte deinen Pc neu und versuche MBAM zu installieren und den Scan auszuführen.

Benfuzius 26.05.2017 00:19
MBAM
 
Hat alles geklappt vielen Dank !

Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 26.05.17
Scan-Zeit: 01:08
Protokolldatei: antmalw.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.122
Version des Aktualisierungspakets: 1.0.2021
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Romo-PC\Romo

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 424156
Erkannte Bedrohungen: 9
In die Quarantäne verschobene Bedrohungen: 9
Abgelaufene Zeit: 1 Min., 44 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 2
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}, In Quarantäne, [1055], [327205],1.0.2021
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}, In Quarantäne, [1055], [327206],1.0.2021

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 3
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, In Quarantäne, [556], [391425],1.0.2021
PUP.Optional.InterStat, C:\Users\Romo\AppData\Local\CrashRpt\UnsentCrashReports\Interstatnogui_389\Logs, In Quarantäne, [1408], [373566],1.0.2021
PUP.Optional.InterStat, C:\USERS\ROMO\APPDATA\LOCAL\CRASHRPT\UNSENTCRASHREPORTS\Interstatnogui_389, In Quarantäne, [1408], [373566],1.0.2021

Datei: 4
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\online.exe, In Quarantäne, [556], [391425],1.0.2021
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\SystemFoldermsiexec.exe, In Quarantäne, [556], [391425],1.0.2021
PUP.Optional.HDWallPaper, C:\WINDOWS\SYSTEM32\NETUTILS2016.DEL, In Quarantäne, [132], [392467],1.0.2021
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\SOURCEHASH{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, In Quarantäne, [556], [391431],1.0.2021

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

burningice 26.05.2017 14:59
:D

Schritt: 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Hinweis: Dieser Scan kann schon einmal mehrere Stunden dauern...

Schritt: 2
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.


Hast du noch irgendwelche Probleme mit deinem Rechner?

Benfuzius 27.05.2017 09:10
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=41e60950d669214686519ef29aadb28e
# end=init
# utc_time=2017-05-26 11:22:06
# local_time=2017-05-27 01:22:06 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=41e60950d669214686519ef29aadb28e
# end=init
# utc_time=2017-05-26 11:23:36
# local_time=2017-05-27 01:23:36 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 33521
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=41e60950d669214686519ef29aadb28e
# end=updated
# utc_time=2017-05-26 11:28:16
# local_time=2017-05-27 01:28:16 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=41e60950d669214686519ef29aadb28e
# engine=33521
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-05-26 11:30:17
# local_time=2017-05-27 01:30:17 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 96 751 4017997 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 5860464 5974413 0 0
# scanned=2355
# found=23
# cleaned=0
# scan_time=120
sh=80E3B051D394DF29D0A6FE1DD33BA9D9BEF25816 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\cbcuncqfnurslenrzsrkytlqotkemfgn.back"
sh=BFEBCC9BB71F5DC848B97A1729EED8D645634AB5 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\fkuyzhjyaaaigqmuccamrqhrtaondlri.back"
sh=7C43C4E28A1C8069CE419CBCD5BBCF022A992AC9 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\jmniuqhozklcjomqouzlwwqtxqmysyqy.back"
sh=83C6ED41104019B7858964E639DFD42ACCA3C871 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\jztoqhksumzcgneubyfegdpfljimtdwt.back"
sh=81BD2F1B77C6DE92CC8E8F2C164316E344986AC6 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\kbpcbnqnlduqrtokferwvbuihmqtrnpu.back"
sh=31BC16DC577DA59A97935DB484294E765A73EF27 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\mgjbwclbbmjolgjhllrkqqsnkqfecnwe.back"
sh=52700AD31B474287C6D8746DD9706380517D7F8E ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\ouvzuymdxxlgimpzdmacgndlnshxjrqq.back"
sh=BC60C49C12C28CF3587A53C35BE2344B293EE6F6 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\oyplbwqlrezttbdsojiroupgofzdzria.back"
sh=BA9508D76B608D4426084C787231221EEF2C6AA2 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\pblxxyxjnokrsvzykcqvbhiuqmwijrih.back"
sh=D38A52F8DDC907E02449075964F35DA2A76D1779 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\qidcjjiopctdfwgitscmpzbtpajhkgtb.back"
sh=22F69A1BD9A63AC674418FEC7D63CC5748F09D15 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\qmfwgycybpvlrrmdnozfirhqyxcibdgo.back"
sh=69392184E3C4ACC33C67DFA7FC009EBA57192F69 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\vcearwmealudgmuaeubhmhpfbfoeavvc.back"
sh=AD932BEC1ED2CD035CD4D788448AC71F669DF3A0 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\vfthqtsjxwkvpbpoezhgnwqytcqeowtg.back"
sh=69392184E3C4ACC33C67DFA7FC009EBA57192F69 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\xahyseqpqjuepmrliauleeuvpouwnvkk.back"
sh=AE1BF605197154D2AAB82854AA0E8DACE54A1F57 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\xywmknjchidlwgcavwchiwihekkwpxvb.back"
sh=2040273C0186D9D63C6F6426587E86336E670249 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\yetyctrwnxxpzjxkufdysmhoawedtiwi.back"
sh=F710BF21AC78925B8296B5327C817DED2D3DEC6A ft=1 fh=46df646d91958a59 vn="Variante von Win32/Adware.OnlineIO.A Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\hgggdznzqfewbpomwhgcffmnkaxrswag\Online Application\Version 2.6.0\Online-Guardian.exe"
sh=9516BE8DF910FF582FE5B967C7C38BE2AD334C2B ft=1 fh=d3d62eb55e18ca8c vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\hydlwplyvedyqhfgpxhqzamgurjbwpsn\dmr_72.exe"
sh=06E33278D473995EBB843A1FC99E964929DD9AD4 ft=1 fh=99ac218d6441f30b vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\itremesxwafnxgmttevbhxghxxzpkbod\dmr_72.exe"
sh=6F86B0C40819785B3F42F4E5DCF8513BA2DFF3F8 ft=1 fh=e3f410659c8acd62 vn="Variante von Win32/ProxyGate.A eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\zzewukjrezjchnjvfkozjtzvperkirlv\MainService.exe"
sh=0C0C68AF84FC2970F8494E0B781812981F36F77E ft=1 fh=31dde2c0b3b8597c vn="Variante von Win32/ProxyGate.A eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\zzewukjrezjchnjvfkozjtzvperkirlv\PGChk.exe"
sh=F3B9857A368514A6BF35626F6769E4387EDE8DA3 ft=1 fh=efdd74c811ae89b7 vn="Variante von Win32/ProxyGate.A eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\zzewukjrezjchnjvfkozjtzvperkirlv\ProxyGate.exe"
sh=EE05E27A26C3852A835A007ADD1B89AFE5DD9B88 ft=1 fh=389f12129e92bc03 vn="Variante von Win32/ProxyGate.A eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\zzewukjrezjchnjvfkozjtzvperkirlv\TrafficMonitor.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=41e60950d669214686519ef29aadb28e
# end=init
# utc_time=2017-05-26 11:30:44
# local_time=2017-05-27 01:30:44 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 33521
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=41e60950d669214686519ef29aadb28e
# end=updated
# utc_time=2017-05-26 11:31:24
# local_time=2017-05-27 01:31:24 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=41e60950d669214686519ef29aadb28e
# engine=33521
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-05-27 01:22:16
# local_time=2017-05-27 03:22:16 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 96 7470 4024716 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 5867183 5981132 0 0
# scanned=522028
# found=36
# cleaned=36
# scan_time=6652
sh=80E3B051D394DF29D0A6FE1DD33BA9D9BEF25816 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\cbcuncqfnurslenrzsrkytlqotkemfgn.back"
sh=BFEBCC9BB71F5DC848B97A1729EED8D645634AB5 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\fkuyzhjyaaaigqmuccamrqhrtaondlri.back"
sh=7C43C4E28A1C8069CE419CBCD5BBCF022A992AC9 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\jmniuqhozklcjomqouzlwwqtxqmysyqy.back"
sh=83C6ED41104019B7858964E639DFD42ACCA3C871 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\jztoqhksumzcgneubyfegdpfljimtdwt.back"
sh=81BD2F1B77C6DE92CC8E8F2C164316E344986AC6 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\kbpcbnqnlduqrtokferwvbuihmqtrnpu.back"
sh=31BC16DC577DA59A97935DB484294E765A73EF27 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\mgjbwclbbmjolgjhllrkqqsnkqfecnwe.back"
sh=52700AD31B474287C6D8746DD9706380517D7F8E ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\ouvzuymdxxlgimpzdmacgndlnshxjrqq.back"
sh=BC60C49C12C28CF3587A53C35BE2344B293EE6F6 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\oyplbwqlrezttbdsojiroupgofzdzria.back"
sh=BA9508D76B608D4426084C787231221EEF2C6AA2 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\pblxxyxjnokrsvzykcqvbhiuqmwijrih.back"
sh=D38A52F8DDC907E02449075964F35DA2A76D1779 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\qidcjjiopctdfwgitscmpzbtpajhkgtb.back"
sh=22F69A1BD9A63AC674418FEC7D63CC5748F09D15 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\qmfwgycybpvlrrmdnozfirhqyxcibdgo.back"
sh=69392184E3C4ACC33C67DFA7FC009EBA57192F69 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\vcearwmealudgmuaeubhmhpfbfoeavvc.back"
sh=AD932BEC1ED2CD035CD4D788448AC71F669DF3A0 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\vfthqtsjxwkvpbpoezhgnwqytcqeowtg.back"
sh=69392184E3C4ACC33C67DFA7FC009EBA57192F69 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\xahyseqpqjuepmrliauleeuvpouwnvkk.back"
sh=AE1BF605197154D2AAB82854AA0E8DACE54A1F57 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\xywmknjchidlwgcavwchiwihekkwpxvb.back"
sh=2040273C0186D9D63C6F6426587E86336E670249 ft=0 fh=0000000000000000 vn="LNK/URL.B Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\yetyctrwnxxpzjxkufdysmhoawedtiwi.back"
sh=F710BF21AC78925B8296B5327C817DED2D3DEC6A ft=1 fh=46df646d91958a59 vn="Variante von Win32/Adware.OnlineIO.A Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\hgggdznzqfewbpomwhgcffmnkaxrswag\Online Application\Version 2.6.0\Online-Guardian.exe"
sh=9516BE8DF910FF582FE5B967C7C38BE2AD334C2B ft=1 fh=d3d62eb55e18ca8c vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\hydlwplyvedyqhfgpxhqzamgurjbwpsn\dmr_72.exe"
sh=06E33278D473995EBB843A1FC99E964929DD9AD4 ft=1 fh=99ac218d6441f30b vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\itremesxwafnxgmttevbhxghxxzpkbod\dmr_72.exe"
sh=6F86B0C40819785B3F42F4E5DCF8513BA2DFF3F8 ft=1 fh=e3f410659c8acd62 vn="Variante von Win32/ProxyGate.A eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\zzewukjrezjchnjvfkozjtzvperkirlv\MainService.exe"
sh=0C0C68AF84FC2970F8494E0B781812981F36F77E ft=1 fh=31dde2c0b3b8597c vn="Variante von Win32/ProxyGate.A eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\zzewukjrezjchnjvfkozjtzvperkirlv\PGChk.exe"
sh=F3B9857A368514A6BF35626F6769E4387EDE8DA3 ft=1 fh=efdd74c811ae89b7 vn="Variante von Win32/ProxyGate.A eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\zzewukjrezjchnjvfkozjtzvperkirlv\ProxyGate.exe"
sh=EE05E27A26C3852A835A007ADD1B89AFE5DD9B88 ft=1 fh=389f12129e92bc03 vn="Variante von Win32/ProxyGate.A eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\quarantine\files\zzewukjrezjchnjvfkozjtzvperkirlv\TrafficMonitor.exe"
sh=EADAACEE76E5A41DCFA778B2A717A6C5492D4333 ft=1 fh=ae39654526f12bd7 vn="MSIL/Adware.OxyPumper.Z Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\FRST\Quarantine\C\ProgramData\VideoMemoryDiagnostic\vmdiag.exe"
sh=419C5AB1B55753B3010A10165F2BFAD6CAC00D00 ft=0 fh=0000000000000000 vn="Win32/Adware.ELEX.NA Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\FRST\Quarantine\C\WINDOWS\system32\Tasks\Microsoft\Windows\DeviceSettings\Canikcoeqot.xBAD"
sh=51E624FD6CEAD5C006BDF5304E85C0E77965C17F ft=1 fh=edacf395d4a6c576 vn="Variante von Win64/Wdfload.O Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\FRST\Quarantine\C\WINDOWS\TEMP\g2182.tmp.exe.xBAD"
sh=6AF71872453EF3FCC1B3564C362F3A23F1E56302 ft=1 fh=d481be170ed2dfb7 vn="Variante von Win64/CoinMiner.BM Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\FRST\Quarantine\C\WINDOWS\TEMP\g2183.tmp.exe.xBAD"
sh=F848B3A8000ABB5C3CF7506F5E255B36150E2E7B ft=1 fh=14dc238ce6bca2a4 vn="Variante von Win32/Wdfload.O Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\FRST\Quarantine\C\WINDOWS\TEMP\gD49D.tmp.exe.xBAD"
sh=9F37EAA2CFCBEC2F0994E035A051550E2A519A70 ft=1 fh=72dbde777f705092 vn="Variante von Win64/Snarasite.F Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\Users\Romo\AppData\Local\CWASRE.del\Snare.dll.DEL.del"
sh=98C843CE7B9491B1A4306233159E827027F9CF42 ft=1 fh=b4aff101dc8bc016 vn="Variante von Win32/Adware.ELEX.QM Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\Romo\AppData\Roaming\WINSAPSVC.del\WinSAP.dll.DEL.del"
sh=70704EDAD359E3B56074F1CEEE9B19F5BDD72017 ft=1 fh=ff05a928f67cf153 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="E:\$RECYCLE.BIN\S-1-5-21-2079666805-3719247669-552477099-1000\$R0TBNU4.exe"
sh=0A30E59AD7F9BE15D5DE7E8935078B64B7C247F5 ft=1 fh=41ae133d5f518b35 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="E:\$RECYCLE.BIN\S-1-5-21-2079666805-3719247669-552477099-1000\$R86OON8.exe"
sh=DC373C8C16A03F94956C41538C94C76F3F9A5C0B ft=1 fh=280e24c3a0c3a761 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="E:\saves\BlueScreenView - CHIP-Installer.exe"
sh=CEC709E1D26F99EB1016E65B6FEB705760F1D698 ft=1 fh=986086a4d1d18202 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="E:\saves\Everest Ultimate Edition - CHIP-Installer.exe"
sh=A8A0ED307B6B8DBAF94C5B386BC1DAF5F8C487CB ft=1 fh=9e70669d81383bee vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="E:\saves\MemTest - CHIP-Installer.exe"
sh=0734591FF52AD0718A04D3D7785F40953B03E63A ft=1 fh=f68359e4b9f4a3d9 vn="Variante von Win32/Toolbar.Conduit.AE eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="E:\saves\SpeedFan_TSV38C8M.exe"
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2017
durchgeführt von Romo (Administrator) auf ROMO-PC (27-05-2017 10:07:09)
Gestartet von C:\Users\Romo\Desktop
Geladene Profile: Romo &  (Verfügbare Profile: Romo & DefaultAppPool)
Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Malwarebytes) E:\Programme\Anti-Malware\mbamtray.exe
(Akamai Technologies, Inc.) C:\Users\Romo\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Romo\AppData\Local\Akamai\netsession_win.exe
(Malwarebytes) E:\Programme\Anti-Malware\MBAMService.exe
(Spotify Ltd) C:\Users\Romo\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Romo\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(Dropbox, Inc.) C:\Users\Romo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Dropbox, Inc.) C:\Users\Romo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
(Dropbox, Inc.) C:\Users\Romo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(DivX, LLC) C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => E:\PROGRAMME\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [506864 2013-03-08] (MSI)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [433160 2015-09-04] (DivX, LLC)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-27] (DivX, LLC)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-05-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [67168 2017-04-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [912768 2017-04-10] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Romo\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\Run: [Spotify Web Helper] => C:\Users\Romo\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-05-04] (Spotify Ltd)
HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\Run: [Dropbox Update] => C:\Users\Romo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\Run: [Discord] => C:\Users\Romo\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-05272017011856608\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
Startup: C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2017-05-18]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-05-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{036d7a67-7b1c-4223-8046-161aceeb7c40}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-26] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: msfz6nh6.default-1495082881402
FF ProfilePath: C:\Users\Romo\AppData\Roaming\Mozilla\Firefox\Profiles\msfz6nh6.default-1495082881402 [2017-05-27]
FF Homepage: Mozilla\Firefox\Profiles\msfz6nh6.default-1495082881402 -> www.google.de/
FF Extension: (Avira Browser Safety) - C:\Users\Romo\AppData\Roaming\Mozilla\Firefox\Profiles\msfz6nh6.default-1495082881402\Extensions\abs@avira.com [2017-05-26]
FF Extension: (Ghostery) - C:\Users\Romo\AppData\Roaming\Mozilla\Firefox\Profiles\msfz6nh6.default-1495082881402\Extensions\firefox@ghostery.com.xpi [2017-05-20]
FF Extension: (Avira Password Manager) - C:\Users\Romo\AppData\Roaming\Mozilla\Firefox\Profiles\msfz6nh6.default-1495082881402\Extensions\passwordmanager@avira.com [2017-05-26]
FF Extension: (Avira SafeSearch Plus) - C:\Users\Romo\AppData\Roaming\Mozilla\Firefox\Profiles\msfz6nh6.default-1495082881402\Extensions\safesearchplus2@avira.com [2017-05-26]
FF Extension: (Adblock Plus) - C:\Users\Romo\AppData\Roaming\Mozilla\Firefox\Profiles\msfz6nh6.default-1495082881402\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-19]
FF HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Romo\AppData\Roaming\Mozilla\Firefox\Profiles\0o0j768i.default\extensions\cliqz@cliqz.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2015-12-27] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> E:\Programme\VLC\npvlc.dll [2013-11-12] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-10-28] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-26] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=3 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-05-26] (Avira Operations GmbH & Co. KG)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=9 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-05-26] (Avira Operations GmbH & Co. KG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData2
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-01-22] (Adobe Systems) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1119712 2017-04-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [488920 2017-04-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [488920 2017-04-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1520680 2017-04-10] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [374352 2017-05-22] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [334064 2017-05-18] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [100816 2017-04-21] (Avira Operations GmbH & Co. KG)
S3 GalaxyClientService; E:\Programme\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-14] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7184440 2015-12-27] (GOG.com)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
R2 MBAMService; E:\Programme\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161264 2013-02-20] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
S3 Origin Client Service; E:\Programme\Origin\OriginClientService.exe [2004488 2015-07-03] (Electronic Arts)
S2 scupdate; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [114824 2017-05-26] (Avira Operations GmbH & Co. KG)
S3 scupdatem; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [114824 2017-05-26] (Avira Operations GmbH & Co. KG)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [74800 2017-04-07] (Avira Operations GmbH & Co. KG)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [161824 2017-04-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [163976 2017-04-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-04-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-04-10] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [48584 2017-04-10] (Avira Operations GmbH & Co. KG)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] ()
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-05-21] (REALiX(tm))
S3 ISCT; C:\WINDOWS\System32\DRIVERS\ISCTD64.sys [46568 2013-02-13] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [187320 2017-05-27] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-05-27] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-27] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-27] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93624 2017-05-27] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a2b0acab06663645\nvlddmkm.sys [14456944 2017-05-02] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-05-02] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek                                            )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2016-10-18] (Wellbia.com Co., Ltd.)
U3 idsvc; kein ImagePath
U0 Partizan; system32\drivers\Partizan.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Code:
==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-27 01:23 - 2017-05-27 01:21 - 02870984 _____ (ESET) C:\Users\Romo\Desktop\esetsmartinstaller_deu.exe
2017-05-27 01:21 - 2017-05-27 01:21 - 00000000 ____D C:\Program Files (x86)\ESET
2017-05-27 01:16 - 2017-05-27 01:16 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira
2017-05-26 01:36 - 2017-05-26 01:36 - 00000000 ____D C:\Users\Romo\AppData\Local\AviraSpeedup
2017-05-26 01:33 - 2017-05-26 01:33 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2017-05-26 01:33 - 2017-04-10 13:23 - 00163976 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-05-26 01:33 - 2017-04-10 13:23 - 00161824 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-05-26 01:33 - 2017-04-10 13:23 - 00088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2017-05-26 01:33 - 2017-04-10 13:23 - 00048584 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2017-05-26 01:33 - 2017-04-10 13:23 - 00044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2017-05-26 01:25 - 2017-05-26 01:25 - 00003812 _____ C:\WINDOWS\System32\Tasks\AviraScoutUpdateTaskMachineUA
2017-05-26 01:25 - 2017-05-26 01:25 - 00003688 _____ C:\WINDOWS\System32\Tasks\AviraScoutUpdateTaskMachineCore
2017-05-26 01:24 - 2017-05-27 01:16 - 00000000 ____D C:\Users\Romo\AppData\Local\Avira
2017-05-26 01:24 - 2017-05-26 01:24 - 00000000 ____D C:\WINDOWS\System32\Tasks\Avira
2017-05-26 01:23 - 2017-05-27 01:17 - 00000000 ____D C:\Users\Public\Speedup Sessions
2017-05-26 01:23 - 2017-05-26 01:23 - 00003766 _____ C:\WINDOWS\System32\Tasks\AviraSystemSpeedupUpdate
2017-05-26 01:21 - 2017-05-26 01:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-05-26 01:21 - 2017-05-26 01:33 - 00000000 ____D C:\Program Files (x86)\Avira
2017-05-26 01:21 - 2017-05-26 01:21 - 00001284 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-05-26 01:17 - 2017-05-26 01:17 - 00002406 _____ C:\Users\Romo\Desktop\antmalw.txt
2017-05-26 01:07 - 2017-05-27 05:27 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-26 01:07 - 2017-05-27 01:16 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-26 01:07 - 2017-05-27 01:16 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-26 01:07 - 2017-05-26 01:07 - 00000785 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-26 01:07 - 2017-05-26 01:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-26 01:07 - 2017-05-09 16:37 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-25 14:51 - 2017-05-27 10:07 - 00021941 _____ C:\Users\Romo\Desktop\FRST.txt
2017-05-25 14:51 - 2017-05-25 14:52 - 00069470 _____ C:\Users\Romo\Desktop\Addition.txt
2017-05-25 14:39 - 2017-05-25 14:39 - 04110280 _____ C:\Users\Romo\Desktop\adwcleaner_6.047.exe
2017-05-21 13:53 - 2017-05-21 13:53 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2017-05-21 13:53 - 2017-05-21 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32
2017-05-20 11:15 - 2017-05-20 11:15 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-20 11:14 - 2017-05-20 11:14 - 00000020 ___SH C:\Users\Romo\ntuser.ini
2017-05-20 06:47 - 2017-05-20 06:47 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-20 06:47 - 2017-05-20 06:47 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-20 06:47 - 2017-05-20 06:47 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-20 06:47 - 2017-05-20 06:47 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-20 06:47 - 2017-05-20 06:47 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-20 06:47 - 2017-05-20 06:47 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-20 06:47 - 2017-05-20 06:47 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-20 06:47 - 2017-05-20 06:47 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-20 06:47 - 2017-05-20 06:47 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-05-20 06:47 - 2017-05-20 06:47 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-20 06:47 - 2017-05-20 06:47 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-20 06:47 - 2017-05-20 06:47 - 00000000 ____D C:\Windows.old
2017-05-20 06:45 - 2017-05-20 06:45 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-05-20 06:45 - 2017-05-20 05:49 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-05-20 06:45 - 2017-03-17 23:00 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2017-05-20 06:45 - 2017-03-17 22:59 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2017-05-20 06:45 - 2017-03-17 22:48 - 06348288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2017-05-20 06:45 - 2017-03-17 22:43 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2017-05-20 06:45 - 2017-03-17 22:35 - 05484544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2017-05-20 06:44 - 2017-05-20 06:44 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-05-20 06:44 - 2017-05-20 06:44 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-05-20 06:44 - 2017-05-20 06:44 - 00000000 ____D C:\WINDOWS\system32\msmq
2017-05-20 06:44 - 2017-05-20 06:44 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-05-20 06:44 - 2017-05-20 06:44 - 00000000 ____D C:\Program Files\MSBuild
2017-05-20 06:44 - 2017-05-20 06:44 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-05-20 06:44 - 2017-05-20 06:44 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-05-20 06:44 - 2017-05-20 06:44 - 00000000 ____D C:\inetpub
2017-05-20 06:44 - 2017-05-20 05:51 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-05-20 06:44 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-05-20 06:44 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-05-20 06:44 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-05-20 06:43 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-05-20 06:43 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-05-20 06:43 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-05-20 06:03 - 2017-05-20 06:03 - 00000000 ____D C:\ProgramData\USOShared
2017-05-20 05:55 - 2017-05-20 05:55 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2017-05-20 05:55 - 2017-05-20 05:55 - 00011433 _____ C:\WINDOWS\diagerr.xml
2017-05-20 05:54 - 2017-05-27 09:56 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{26661E06-5450-424E-91E2-146996F2F0F4}
2017-05-20 05:54 - 2017-05-26 01:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-20 05:54 - 2017-05-20 11:16 - 00003272 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-20 05:54 - 2017-05-20 05:54 - 00003942 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2079666805-3719247669-552477099-1000UA1d2370fbcc1d718
2017-05-20 05:54 - 2017-05-20 05:54 - 00003674 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2079666805-3719247669-552477099-1000Core1d2370fbcb80c1d
2017-05-20 05:54 - 2017-05-20 05:54 - 00003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-20 05:54 - 2017-05-20 05:54 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-05-20 05:54 - 2017-05-20 05:54 - 00003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-20 05:54 - 2017-05-20 05:54 - 00003376 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-20 05:54 - 2017-05-20 05:54 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-20 05:54 - 2017-05-20 05:54 - 00003324 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1434919741
2017-05-20 05:54 - 2017-05-20 05:54 - 00003176 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-20 05:54 - 2017-05-20 05:54 - 00002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-20 05:54 - 2017-05-20 05:54 - 00002968 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-20 05:54 - 2017-05-20 05:54 - 00002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-20 05:54 - 2017-05-20 05:54 - 00002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-20 05:54 - 2017-05-20 05:54 - 00002786 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-20 05:54 - 2017-05-20 05:54 - 00002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-20 05:54 - 2017-05-20 05:54 - 00002214 _____ C:\WINDOWS\System32\Tasks\{65070599-A99C-4B44-93A5-3EA3305E965F}
2017-05-20 05:54 - 2017-05-20 05:54 - 00002200 _____ C:\WINDOWS\System32\Tasks\{41A9DB71-6E8A-41AB-85D6-F344D227C96F}
2017-05-20 05:54 - 2017-05-20 05:54 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-05-20 05:54 - 2017-05-20 05:54 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2017-05-20 05:54 - 2017-05-20 05:54 - 00000000 ____D C:\WINDOWS\System32\Tasks\Abelssoft
2017-05-20 05:52 - 2017-05-20 05:52 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-20 05:51 - 2017-05-20 05:53 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-05-20 05:51 - 2017-05-20 05:51 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2017-05-20 05:51 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-05-20 05:50 - 2017-05-27 01:18 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-20 05:50 - 2017-05-26 01:22 - 02197380 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-20 05:50 - 2017-05-26 01:06 - 00000000 ____D C:\Users\Romo
2017-05-20 05:50 - 2017-05-20 05:54 - 00000000 ____D C:\Users\DefaultAppPool
2017-05-20 05:50 - 2017-05-20 05:51 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-20 05:50 - 2017-05-20 05:51 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-20 05:50 - 2017-05-20 05:51 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-20 05:50 - 2017-05-20 05:50 - 02011386 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\Vorlagen
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\Startmenü
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\Netzwerkumgebung
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\Lokale Einstellungen
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\Eigene Dateien
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\Druckumgebung
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\Documents\Eigene Videos
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\Documents\Eigene Musik
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\Documents\Eigene Bilder
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\AppData\Local\Verlauf
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\AppData\Local\Anwendungsdaten
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\Romo\Anwendungsdaten
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-20 05:50 - 2017-05-20 05:50 - 00000000 ____D C:\Program Files\Realtek
2017-05-20 05:50 - 2017-05-01 22:52 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-05-20 05:50 - 2017-05-01 22:51 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-05-20 05:50 - 2017-05-01 22:51 - 02479552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-05-20 05:50 - 2017-05-01 22:51 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-05-20 05:50 - 2017-05-01 22:51 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-05-20 05:50 - 2017-05-01 22:51 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-05-20 05:50 - 2017-05-01 22:51 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-05-20 05:50 - 2017-05-01 22:51 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-05-20 05:50 - 2017-04-25 23:11 - 07944687 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-05-20 05:49 - 2017-05-25 14:43 - 00293920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-20 05:49 - 2017-05-20 05:49 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-18 15:04 - 2017-05-27 01:16 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-18 15:04 - 2017-05-26 01:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-18 15:04 - 2017-05-19 16:06 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-05-18 15:02 - 2017-05-27 01:16 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-05-18 15:02 - 2017-05-19 01:41 - 00000000 ____D C:\Users\Romo\mbar
2017-05-18 14:24 - 2017-05-18 14:24 - 00000000 ____D C:\WINDOWS\system32\sstmp
2017-05-18 05:36 - 2017-05-20 05:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-05-18 05:36 - 2017-05-18 15:21 - 00000751 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-05-18 01:45 - 2017-05-20 05:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cycle Addon for WYSIWYG Web Builder
2017-05-18 01:44 - 2017-05-20 05:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FluidBox Addon for WYSIWYG Web Builder
2017-05-18 01:44 - 2017-05-18 01:45 - 00000909 _____ C:\WINDOWS\Cycle Addon for WYSIWYG Web Builder Setup Log.txt
2017-05-18 01:44 - 2017-05-18 01:44 - 00000893 _____ C:\WINDOWS\FluidBox Addon for WYSIWYG Web Builder Setup Log.txt
2017-05-18 01:43 - 2017-05-20 05:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FaceBox Addon for WYSIWYG Web Builder
2017-05-18 01:43 - 2017-05-18 01:44 - 00737280 _____ (Indigo Rose Corporation) C:\WINDOWS\iun6002.exe
2017-05-18 01:42 - 2017-05-18 01:43 - 00001298 _____ C:\WINDOWS\FaceBox Addon for WYSIWYG Web Builder Setup Log.txt
2017-05-18 00:22 - 2017-05-20 05:53 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-17 13:31 - 2017-05-27 10:07 - 00000000 ____D C:\FRST
2017-05-17 13:30 - 2017-05-25 14:51 - 02429952 _____ (Farbar) C:\Users\Romo\Desktop\FRST64.exe
2017-05-17 01:45 - 2017-05-17 01:48 - 00147978 _____ C:\TDSSKiller.3.1.0.15_17.05.2017_01.45.27_log.txt
2017-05-17 01:41 - 2017-05-17 15:19 - 00000000 ____D C:\Program Files\REIMAGE.del
2017-05-16 11:17 - 2017-05-18 15:11 - 00000000 ____D C:\ProgramData\BIT.del
2017-05-16 11:16 - 2017-05-27 03:21 - 00000000 ____D C:\Users\Romo\AppData\Roaming\WINSAPSVC.del
2017-05-16 11:16 - 2017-05-27 03:21 - 00000000 ____D C:\Users\Romo\AppData\Local\CWASRE.del
2017-05-15 23:29 - 2017-05-19 21:50 - 00000254 _____ C:\WINDOWS\SysWOW64\PARTIZAN.TXT
2017-05-15 23:28 - 2017-05-18 14:46 - 00000000 ____D C:\@RestoreQuarantine
2017-05-15 23:18 - 2017-05-20 11:15 - 00000000 ____D C:\Users\Romo\Documents\RegRun2
2017-05-15 23:18 - 2017-05-19 04:04 - 00000000 ____D C:\ProgramData\RegRun
2017-05-15 23:18 - 2017-05-15 23:18 - 00000002 RSHOT C:\WINDOWS\winstart.bat
2017-05-15 23:18 - 2017-05-15 23:18 - 00000002 RSHOT C:\WINDOWS\SysWOW64\CONFIG.NT
2017-05-15 23:18 - 2017-05-15 23:18 - 00000002 RSHOT C:\WINDOWS\SysWOW64\AUTOEXEC.NT
2017-05-15 23:15 - 2017-05-27 01:16 - 00000000 ____D C:\Users\Romo\AppData\Local\Discord
2017-05-15 23:15 - 2017-05-18 15:21 - 00002269 _____ C:\Users\Romo\Desktop\Discord.lnk
2017-05-15 22:39 - 2017-05-15 22:39 - 03124864 _____ (ESET) C:\Users\Romo\Downloads\eset_nod32_antivirus_live_installer_rt_de.exe
2017-05-15 22:14 - 2017-05-15 22:45 - 00009571 _____ C:\Users\Romo\Desktop\pad.odt
2017-05-15 22:04 - 2017-05-25 14:42 - 00000000 ____D C:\AdwCleaner
2017-05-15 20:47 - 2017-05-26 01:37 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-15 20:21 - 2017-05-15 20:23 - 00000000 ____D C:\Users\Romo\AppData\Local\navitool
2017-05-15 19:55 - 2017-05-15 19:56 - 04102600 _____ C:\Users\Romo\Downloads\adwcleaner_6.046.exe
2017-05-15 19:42 - 2017-05-15 19:42 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-05-15 15:19 - 2017-05-15 15:19 - 00140800 _____ C:\Users\Romo\AppData\Local\installer.dat
2017-05-15 15:19 - 2017-05-15 15:19 - 00011568 _____ C:\Users\Romo\AppData\Local\InstallationConfiguration.xml
2017-05-15 15:18 - 2017-05-15 15:18 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-05-15 15:18 - 2017-05-15 15:18 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-05-10 18:24 - 2017-05-01 22:14 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-05-10 18:22 - 2017-05-02 00:38 - 40201848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 35388864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 35281528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 28623480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 11056456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 11024384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 10547440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 09245744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 09014792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 08805232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 04092088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 03792320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 03607464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 03247736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 01988032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438205.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 01600560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438205.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 01278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 01276128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 01054144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00995736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00993872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00991168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00960960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00911992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00821184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00776048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00688968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00651200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00612088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00609912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00577728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00218040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-05-10 18:22 - 2017-05-02 00:38 - 00059448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-05-10 18:22 - 2017-05-02 00:38 - 00046008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-05-10 18:22 - 2017-05-02 00:38 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb
2017-05-10 18:22 - 2017-05-02 00:38 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-05-10 18:22 - 2017-05-02 00:38 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-05-10 14:23 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-10 13:52 - 2017-05-03 22:21 - 00175736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-05-10 13:52 - 2017-05-03 22:21 - 00143480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-05-10 13:52 - 2017-05-03 22:21 - 00048248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-05-04 18:57 - 2017-05-04 18:57 - 00000000 ____D C:\Users\Romo\Documents\League of Legends
2017-05-04 12:21 - 2017-05-18 15:21 - 00000787 _____ C:\Users\Public\Desktop\WYSIWYG Web Builder 12.lnk
2017-05-04 12:21 - 2017-05-18 15:21 - 00000787 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WYSIWYG Web Builder 12.lnk
2017-05-04 12:21 - 2017-05-04 12:39 - 00000000 ____D C:\Users\Romo\Documents\WYSIWYG Web Builder
2017-05-02 23:11 - 2017-05-02 23:11 - 00017484 _____ C:\Users\Romo\Desktop\Pubquizfragen.odt
2017-04-29 18:02 - 2017-04-29 19:02 - 00021275 _____ C:\Users\Romo\Desktop\Pubquiz (Benny).odt
Code:
==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-27 01:21 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-27 01:21 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-27 01:17 - 2016-11-20 05:03 - 00000000 ____D C:\Users\Romo\AppData\LocalLow\Mozilla
2017-05-27 01:16 - 2016-09-19 02:40 - 00000000 ____D C:\Users\Romo\AppData\Roaming\discord
2017-05-26 01:40 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-26 01:37 - 2016-10-05 15:24 - 00000000 ____D C:\Users\Romo\AppData\Local\ConnectedDevicesPlatform
2017-05-26 01:37 - 2013-12-22 06:35 - 00000000 ____D C:\Program Files (x86)\Raptr
2017-05-26 01:33 - 2013-12-20 20:23 - 00000000 ____D C:\ProgramData\Avira
2017-05-26 01:22 - 2017-03-20 06:35 - 00944540 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-26 01:22 - 2017-03-20 06:35 - 00213898 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-26 01:21 - 2015-08-01 17:59 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-26 01:15 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-05-25 19:31 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-25 17:24 - 2013-12-21 03:40 - 00000000 ____D C:\ProgramData\Adobe
2017-05-25 17:24 - 2013-12-20 19:22 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Adobe
2017-05-25 14:42 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-05-23 15:54 - 2013-12-20 19:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-23 15:53 - 2013-12-20 19:11 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-23 15:05 - 2015-10-12 12:24 - 00000000 ____D C:\Users\Romo\AppData\Local\NVIDIA Corporation
2017-05-21 03:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-05-20 13:15 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-20 11:30 - 2015-08-01 19:58 - 00000000 ____D C:\Users\Romo\AppData\Local\Packages
2017-05-20 11:21 - 2016-11-05 01:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-20 11:16 - 2015-08-01 20:00 - 00002421 _____ C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-05-20 11:16 - 2015-08-01 20:00 - 00000000 ___RD C:\Users\Romo\OneDrive
2017-05-20 11:15 - 2015-06-18 18:42 - 00000000 ____D C:\Users\Romo\AppData\Local\Dropbox
2017-05-20 11:14 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-20 11:14 - 2015-08-01 20:41 - 00000000 ____D C:\Users\Romo\AppData\Local\MicrosoftEdge
2017-05-20 11:14 - 2015-08-01 19:58 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-20 06:49 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-05-20 06:47 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-05-20 06:47 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-20 06:47 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-20 06:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-20 06:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-20 06:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-20 06:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-20 06:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-20 06:47 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-20 06:47 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-20 06:47 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-20 06:45 - 2017-03-20 06:36 - 00000000 ____D C:\WINDOWS\OCR
2017-05-20 06:44 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-05-20 06:44 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-05-20 06:44 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-05-20 06:44 - 2017-03-18 22:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2017-05-20 06:44 - 2017-03-18 22:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2017-05-20 06:44 - 2017-03-18 22:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2017-05-20 06:44 - 2017-03-18 22:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2017-05-20 06:44 - 2017-03-18 22:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-05-20 06:44 - 2017-03-18 22:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2017-05-20 06:44 - 2017-03-18 22:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2017-05-20 06:44 - 2017-03-18 22:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2017-05-20 06:44 - 2017-03-18 22:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-05-20 06:44 - 2017-03-18 22:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2017-05-20 06:44 - 2017-03-18 22:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2017-05-20 06:44 - 2017-03-18 22:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2017-05-20 06:44 - 2017-03-18 22:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2017-05-20 06:44 - 2017-03-18 22:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2017-05-20 06:44 - 2017-03-18 22:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2017-05-20 06:44 - 2017-03-18 22:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2017-05-20 06:44 - 2017-03-18 22:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2017-05-20 06:44 - 2017-03-18 22:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2017-05-20 06:44 - 2017-03-18 22:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2017-05-20 06:44 - 2017-03-18 22:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2017-05-20 06:44 - 2017-03-18 22:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2017-05-20 06:44 - 2017-03-18 22:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2017-05-20 06:44 - 2017-03-18 22:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2017-05-20 06:03 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-05-20 05:56 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-05-20 05:56 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-05-20 05:55 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-20 05:55 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-05-20 05:54 - 2017-03-20 06:37 - 00000000 ____D C:\WINDOWS\HoloShell
2017-05-20 05:54 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media
2017-05-20 05:54 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-20 05:54 - 2015-08-01 18:04 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-05-20 05:53 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-20 05:53 - 2017-01-31 10:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-05-20 05:53 - 2016-01-10 13:07 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2017-05-20 05:53 - 2015-10-12 12:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-05-20 05:53 - 2015-08-18 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2017-05-20 05:53 - 2015-01-22 04:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2017-05-20 05:53 - 2014-12-13 14:34 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2017-05-20 05:53 - 2014-11-24 02:41 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCitizen
2017-05-20 05:53 - 2014-11-19 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2017-05-20 05:53 - 2014-11-03 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-05-20 05:53 - 2014-09-06 07:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2017-05-20 05:53 - 2014-08-20 18:56 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-05-20 05:53 - 2014-05-15 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2017-05-20 05:53 - 2014-01-03 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2017-05-20 05:53 - 2014-01-02 02:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-05-20 05:53 - 2014-01-02 02:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2017-05-20 05:53 - 2013-12-30 02:46 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-20 05:53 - 2013-12-30 02:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-20 05:53 - 2013-12-21 03:45 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2017-05-20 05:53 - 2013-12-20 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-20 05:53 - 2013-12-20 18:09 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-05-20 05:53 - 2013-12-20 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2017-05-20 05:53 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-05-20 05:52 - 2017-03-20 06:35 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-05-20 05:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-20 05:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-05-20 05:52 - 2014-05-01 08:43 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\System
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\schemas
2017-05-20 05:51 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-20 05:51 - 2016-09-19 02:40 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-05-20 05:51 - 2016-02-05 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2017-05-20 05:51 - 2015-11-01 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-05-20 05:51 - 2015-10-16 20:32 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-05-20 05:51 - 2015-09-01 16:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-05-20 05:51 - 2015-05-11 23:42 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\minon
2017-05-20 05:51 - 2014-08-16 05:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2017-05-20 05:51 - 2014-08-12 02:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2017-05-20 05:51 - 2013-12-20 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2017-05-20 05:51 - 2013-12-20 18:07 - 00000000 ____D C:\Program Files\Intel
2017-05-20 05:51 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Microsoft Games
2017-05-20 05:50 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help
2017-05-20 05:50 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-05-20 05:37 - 2017-03-20 07:06 - 00000000 ___HD C:\$WINDOWS.~BT
2017-05-18 15:21 - 2017-01-31 10:13 - 00002218 _____ C:\Users\Public\Desktop\Google Earth.lnk
2017-05-18 15:21 - 2016-11-14 17:58 - 00001482 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-05-18 15:21 - 2016-05-07 04:54 - 00001144 _____ C:\Users\Romo\Desktop\Overwatch Launcher.lnk
2017-05-18 15:21 - 2016-05-01 00:41 - 00000820 _____ C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-05-18 15:21 - 2015-12-15 01:55 - 00001577 _____ C:\Users\Romo\Desktop\Rechner.lnk
2017-05-18 15:21 - 2015-11-01 22:08 - 00000743 _____ C:\Users\Public\Desktop\GOG Galaxy.lnk
2017-05-18 15:21 - 2015-11-01 22:03 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-05-18 15:21 - 2015-10-06 21:48 - 00001133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-05-18 15:21 - 2015-10-06 21:48 - 00001115 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-05-18 15:21 - 2015-09-02 03:54 - 00000737 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-05-18 15:21 - 2015-08-01 20:00 - 00001050 _____ C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2017-05-18 15:21 - 2015-06-21 22:49 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-05-18 15:21 - 2015-06-21 22:49 - 00001108 _____ C:\Users\Public\Desktop\Opera.lnk
2017-05-18 15:21 - 2015-05-08 21:40 - 00001370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-18 15:21 - 2015-03-23 16:35 - 00001803 _____ C:\Users\Romo\Desktop\Spotify.lnk
2017-05-18 15:21 - 2015-03-23 16:35 - 00001789 _____ C:\Users\Romo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2017-05-18 15:21 - 2015-01-22 04:14 - 00001077 _____ C:\Users\Romo\Desktop\Photoshop.lnk
2017-05-18 15:21 - 2015-01-22 04:10 - 00002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
2017-05-18 15:21 - 2015-01-22 04:10 - 00002070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk
2017-05-18 15:21 - 2015-01-22 04:10 - 00001652 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS2.lnk
2017-05-18 15:21 - 2015-01-22 04:10 - 00001647 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS2.lnk
2017-05-18 15:21 - 2014-11-24 02:41 - 00000814 _____ C:\Users\Romo\Desktop\StarCitizen.lnk
2017-05-18 15:21 - 2014-11-09 06:02 - 00002636 _____ C:\Users\Public\Desktop\Skype.lnk
2017-05-18 15:21 - 2014-08-16 05:42 - 00000669 _____ C:\Users\Romo\Desktop\EVEREST Ultimate Edition.lnk
2017-05-18 15:21 - 2014-07-04 15:26 - 00000804 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2017-05-18 15:21 - 2014-07-04 15:26 - 00000742 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2017-05-18 15:21 - 2014-05-15 18:46 - 00000650 _____ C:\Users\Public\Desktop\Origin.lnk
2017-05-18 15:21 - 2014-01-08 02:19 - 00000650 _____ C:\Users\Romo\Desktop\Caritas.lnk
2017-05-18 15:21 - 2014-01-03 17:59 - 00000766 _____ C:\Users\Public\Desktop\Battle.net.lnk
2017-05-18 15:21 - 2014-01-02 02:13 - 00000618 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-05-18 15:21 - 2014-01-01 20:06 - 00001017 _____ C:\Users\Romo\Desktop\Dropbox.lnk
2017-05-18 15:21 - 2013-12-21 03:45 - 00001110 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2017-05-18 15:21 - 2013-12-20 21:12 - 00000710 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2017-05-18 15:21 - 2013-12-20 20:59 - 00000670 _____ C:\Users\Romo\Desktop\SpeedFan.lnk
2017-05-18 15:21 - 2013-12-20 19:35 - 00000636 _____ C:\Users\Public\Desktop\Steam.lnk
2017-05-18 15:21 - 2013-12-20 18:50 - 00001174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2017-05-18 15:21 - 2013-12-20 18:50 - 00001156 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2017-05-18 15:19 - 2015-06-21 22:48 - 00000000 ____D C:\Program Files (x86)\Opera
2017-05-18 15:11 - 2016-07-16 08:04 - 00000000 ____D C:\Program Files\HP Deskjet 3840 Series
2017-05-18 14:29 - 2015-03-23 16:35 - 00000000 ____D C:\Users\Romo\AppData\Local\Spotify
2017-05-18 14:29 - 2015-03-23 16:34 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Spotify
2017-05-18 14:20 - 2015-02-12 22:48 - 00000000 ____D C:\Users\Romo\AppData\LocalLow\Temp
2017-05-18 00:23 - 2014-01-01 20:04 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Dropbox
2017-05-17 16:17 - 2014-01-10 18:50 - 00000000 ____D C:\Users\Romo\AppData\Local\CrashDumps
2017-05-17 01:29 - 2013-12-20 20:24 - 00000000 ____D C:\Users\Romo\AppData\Roaming\Avira
2017-05-15 23:29 - 2017-01-26 21:46 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-05-15 23:24 - 2013-12-20 19:18 - 00000000 ____D C:\ProgramData\McAfee
2017-05-15 23:15 - 2016-09-19 02:40 - 00000000 ____D C:\Users\Romo\AppData\Local\SquirrelTemp
2017-05-15 22:10 - 2016-07-16 08:04 - 00000000 ____D C:\Program Files\SlickIt
2017-05-15 20:10 - 2016-07-16 08:04 - 00000000 ____D C:\Program Files\RezenCourt
2017-05-09 16:53 - 2017-01-26 21:46 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-05-03 22:21 - 2016-11-14 17:57 - 01893496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-05-03 22:21 - 2016-11-14 17:57 - 01755256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-05-03 22:21 - 2016-11-14 17:57 - 01477240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-05-03 22:21 - 2016-11-14 17:57 - 01317496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-05-03 22:21 - 2016-11-14 17:57 - 00121464 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-05-03 21:28 - 2017-04-26 00:44 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-04-29 03:05 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 03:05 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2005-04-04 18:56 - 2005-04-04 18:56 - 0003580 _____ () C:\Program Files\Bitte zuerst lesen.html
2005-04-07 16:07 - 2005-04-07 16:07 - 0014601 _____ () C:\Program Files\Installationsanleitung.html
2005-02-25 15:37 - 2005-02-25 15:37 - 0157035 _____ () C:\Program Files\LegalNotices.pdf
2005-03-24 16:28 - 2005-03-24 16:28 - 0383996 _____ () C:\Program Files\Photoshop Neue Funktionen.pdf
2017-05-15 15:19 - 2017-05-15 15:19 - 0011568 _____ () C:\Users\Romo\AppData\Local\InstallationConfiguration.xml
2017-05-15 15:19 - 2017-05-15 15:19 - 0140800 _____ () C:\Users\Romo\AppData\Local\installer.dat

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-20 05:49

==================== Ende von FRST.txt ============================

Benfuzius 27.05.2017 09:11
addition
 
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-05-2017
durchgeführt von Romo (27-05-2017 10:07:37)
Gestartet von C:\Users\Romo\Desktop
Windows 10 Home Version 1703 (X64) (2017-05-20 03:56:53)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2079666805-3719247669-552477099-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2079666805-3719247669-552477099-503 - Limited - Disabled)
Gast (S-1-5-21-2079666805-3719247669-552477099-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2079666805-3719247669-552477099-1002 - Limited - Enabled)
Romo (S-1-5-21-2079666805-3719247669-552477099-1000 - Administrator - Enabled) => C:\Users\Romo

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.26.48 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{b9b31169-be62-4b82-9e65-d47c99299ba1}) (Version: 1.2.88.24864 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.88.24864 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.8.2.29275 - Avira Operations GmbH & Co. KG)
Avira Scout (HKLM-x32\...\Avira Scout) (Version: 17.5.3029.2702 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{A4DF9D2A-AB95-4F30-9CA4-2F49662BA39D}) (Version: 2.0.2.27024 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 3.5.0.5091 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Curse Client (HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Cycle Addon for WYSIWYG Web Builder  (HKLM-x32\...\WYSIWYG_Web_Builder_cycle) (Version:  - )
Discord (HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.1.2 - DivX, LLC)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Dropbox (HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\Dropbox) (Version: 26.4.24 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FaceBox Addon for WYSIWYG Web Builder  (HKLM-x32\...\WYSIWYG_Web_Builder_facebox) (Version:  - )
FluidBox Addon for WYSIWYG Web Builder  (HKLM-x32\...\WYSIWYG_Web_Builder_fluidbox) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.96 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
HWiNFO32 Version 5.50 (HKLM-x32\...\HWiNFO32_is1) (Version: 5.50 - Martin Malík - REALiX)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.17 - Intel(R) Corporation) Hidden
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Life is Feudal: Your Own (HKLM-x32\...\Steam App 290080) (Version:  - Bitbox Ltd.)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Might and Magic Heroes VII (HKLM-x32\...\Uplay Install 1176) (Version:  - Ubisoft)
Mozilla Firefox 53.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.1 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Stable 45.0.2552.812 (HKLM-x32\...\Opera 45.0.2552.812) (Version: 45.0.2552.812 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Sid Meier's Civilization VI (HKLM\...\Steam App 289070) (Version:  - Firaxis)
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.02 - Creative Technology Limited)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\Spotify) (Version: 1.0.51.693.g6ea1e7f6 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer)
Uplay (HKLM-x32\...\Uplay) (Version: 10.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{cbb31fbb-788a-48fe-bacf-3101a9f985a6}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2079666805-3719247669-552477099-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Romo\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0442D1E7-88E9-4DF4-A8AD-B3F6203C2D1A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {0CE99F16-F3E1-4B58-8CAD-0BE3C84B5035} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {101B675E-6DDC-4598-BABD-767DFCFC8848} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {1021623E-9CF8-426D-AE51-63E1D66373CB} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {1721A231-9085-481B-923C-F9664D79119B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {176B5541-E898-413C-8ED7-9B0F46751A6E} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2017-05-26] (Avira Operations GmbH & Co. KG                              )
Task: {22C51718-24A4-4B92-AF0C-132207272514} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {262BA8BC-8998-4A27-90A4-A98D65C125BB} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {2B27D870-2EAF-4C65-AAE3-8D6957261EB8} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2017-04-07] (Avira Operations GmbH & Co. KG)
Task: {2FBFF770-F553-4297-9AE1-63C752F7AC57} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {341C4A33-B1BB-4C18-8592-3FC2F44ADA8C} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3C02DADB-FF95-4307-8843-A6D9096CDC30} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-08] (Google Inc.)
Task: {3D9B0B8F-3F48-4331-AAD6-7059A5062691} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {45B648F5-14F8-46E8-B517-68412EC3B664} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {4E2284EB-FC46-4A94-9C74-63575931BE81} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {59F870A7-A112-404F-851B-9D6FC68675FD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {5AEA9023-36B0-4664-A5B9-E3966C21A2AA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-08] (Google Inc.)
Task: {6A1424B5-67F7-4AB5-898D-D1B149E45FC3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {6A204792-A030-4978-BCCE-3E0FC13AF1F1} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {70DDF34A-54CA-4D3D-839E-531A6EE975EC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {752658A6-8F80-49B7-8111-A0C6BF5CBB63} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {7EBF53E0-1EB1-4EA4-A1F3-E21BD1670223} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {7FCE2A42-99F8-4AF4-812B-9B4F15D84727} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {866F5E04-284F-4D4A-9364-03AFDC1B9424} - System32\Tasks\{65070599-A99C-4B44-93A5-3EA3305E965F} => pcalua.exe -a E:\Download\Setup.exe -d E:\Download
Task: {89A358AA-8892-467A-AD32-BA70B01CC235} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {8A46BB78-FA0D-48E7-B910-D2F308E10AC5} - System32\Tasks\Microsoft\Windows\UNP\RunCampaignManager => %windir%\System32\UNP\UNPCampaignManager.exe
Task: {8B16D510-0CDC-4058-BB76-3CBD544D8F8C} - \HP Deskjet 3840 Series -> Keine Datei <==== ACHTUNG
Task: {8BA2372B-CEF7-4F17-BFB3-F860A23240EC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {8FEA6BEA-4BAC-4B8A-9ED7-E879233B19B4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-23] (Microsoft Corporation)
Task: {941035A6-D70C-4DA6-90E7-4DA34D499D03} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {99D4F6CC-19CA-4EE5-A4D1-9CC0E29E27CF} - System32\Tasks\Opera scheduled Autoupdate 1434919741 => C:\Program Files (x86)\Opera\launcher.exe [2017-05-15] (Opera Software)
Task: {9A6616FE-46AD-4218-B447-262B129274BD} - System32\Tasks\Avira\System Speedup\SpeedupSysTray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2017-04-07] (Avira Operations GmbH & Co. KG)
Task: {A232C033-07AD-4694-9C92-B22BC2861D10} - System32\Tasks\AviraScoutUpdateTaskMachineUA => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2017-05-26] (Avira Operations GmbH & Co. KG)
Task: {ACD02558-3901-4504-86AC-9413C6E97CFB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {C616B313-6C09-4C14-B4C9-70886D132D26} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2079666805-3719247669-552477099-1000Core1d2370fbcb80c1d => C:\Users\Romo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {C796DF92-B26C-49FE-9C97-702E17C0ED24} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C86650F8-7AB8-4D76-9D30-88ADF92174E2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {CC94176A-AD77-4B37-B3E1-7E721CCAC4A0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated)
Task: {D37AD329-FA77-48EB-8219-A5AB0A722768} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {D7828D55-302D-4E31-815B-CE97BFB839E9} - System32\Tasks\{41A9DB71-6E8A-41AB-85D6-F344D227C96F} => pcalua.exe -a D:\sansa-installer.exe -d D:\
Task: {E0752EDF-CE08-4AB2-AB0F-9EB70D79CCFE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {E8CF7501-9C8E-45E0-9828-6E862549BA4A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {EC7CB72B-65B8-4B50-909A-7D85A06DC0C6} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {EF27AC23-204C-4C43-9D7C-65F7DA1E5B8B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2079666805-3719247669-552477099-1000UA1d2370fbcc1d718 => C:\Users\Romo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {F722F8AA-0A21-40D5-B1AD-3657CA9D0478} - System32\Tasks\AviraScoutUpdateTaskMachineCore => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2017-05-26] (Avira Operations GmbH & Co. KG)
Task: {FBA6CC1D-1834-43E4-9A64-C685480DF89A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {FD1ACFB9-0D85-4FE2-840B-F372A92F2C83} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2079666805-3719247669-552477099-1000Core1d2370fbcb80c1d.job => C:\Users\Romo\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2079666805-3719247669-552477099-1000UA1d2370fbcc1d718.job => C:\Users\Romo\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-11-14 17:57 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-05-20 05:50 - 2017-05-01 22:51 - 00133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:36 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-05-26 01:07 - 2017-05-09 16:38 - 02270672 _____ () E:\PROGRAMME\ANTI-MALWARE\MwacLib.dll
2017-05-27 01:20 - 2017-05-27 01:21 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-27 01:20 - 2017-05-27 01:21 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-27 01:20 - 2017-05-27 01:21 - 43202048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-27 01:20 - 2017-05-27 01:21 - 02442752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\skypert.dll
2014-04-03 16:48 - 2014-04-03 16:48 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-11-14 17:57 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2013-12-20 18:06 - 2012-10-31 16:00 - 00991232 ____N () C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\de-DE\SBCinema.resources.dll
2017-05-18 00:22 - 2017-05-16 22:55 - 00871744 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2017-05-18 00:22 - 2017-05-16 22:55 - 01787200 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\dropbox_crashpad.dll
2015-12-12 04:48 - 2017-04-26 02:38 - 00035792 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-12 04:48 - 2017-04-26 02:38 - 00100296 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-12 04:48 - 2017-04-26 02:38 - 00018888 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-12 04:48 - 2017-05-16 23:00 - 00019776 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00020824 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 04:48 - 2017-04-26 02:39 - 00123856 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-12 04:48 - 2017-04-26 02:38 - 00694224 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 01729360 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00020816 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2017-05-18 00:22 - 2017-04-26 02:38 - 00145864 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2017-05-18 00:22 - 2017-04-26 02:39 - 00019408 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2017-05-18 00:22 - 2017-04-26 02:38 - 00116688 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-12 04:48 - 2017-04-26 02:40 - 00105928 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-08-05 21:07 - 2017-05-16 23:01 - 00022864 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00060736 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00038712 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00024528 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32event.pyd
2017-05-18 00:22 - 2017-04-26 02:38 - 00392656 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-05-18 00:22 - 2017-04-26 02:40 - 00020936 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00116176 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-12 04:48 - 2017-05-16 23:00 - 00392512 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00124880 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-08-05 21:07 - 2017-05-16 23:01 - 00026456 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00024016 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00175560 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00030160 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00043472 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00048592 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00057808 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00024016 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00246608 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00027488 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00022336 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2017-05-18 00:18 - 2017-05-16 23:01 - 00082264 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winenumhandles.compiled._WinEnumHandles.pyd
2015-12-12 04:48 - 2017-05-16 23:01 - 00025432 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00028616 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32ts.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 01826104 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-12 04:48 - 2017-04-26 02:39 - 00083912 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\sip.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 01972024 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 03928896 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00171336 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00042816 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00531264 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00133432 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00224064 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00207680 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00060880 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\win32print.pyd
2017-02-27 23:50 - 2017-05-16 23:01 - 00054608 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
2017-01-20 22:43 - 2017-05-16 23:01 - 00022864 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2016-04-15 03:05 - 2017-05-16 23:01 - 00069968 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd
2017-01-20 22:43 - 2017-05-16 23:01 - 00022872 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-20 22:43 - 2017-05-16 23:01 - 00021848 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-20 22:43 - 2017-05-16 23:01 - 00022872 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2015-12-12 04:48 - 2017-04-26 02:40 - 00349128 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00103232 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtWinExtras.pyd
2016-02-12 13:37 - 2017-05-16 23:01 - 00023896 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00025936 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2017-05-18 00:22 - 2017-04-26 02:34 - 00036296 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\librsync.dll
2017-05-18 00:22 - 2017-05-16 23:00 - 00033112 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2017-05-18 00:22 - 2017-03-22 12:07 - 00293392 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2017-05-18 00:22 - 2017-05-16 23:00 - 00084288 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-07-12 10:11 - 2017-05-16 23:01 - 00030536 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.pyd
2017-05-18 00:22 - 2017-04-26 02:43 - 00017864 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\libEGL.dll
2017-05-18 00:22 - 2017-04-26 02:43 - 01631184 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-08-05 21:07 - 2017-05-16 23:01 - 00026456 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-04-08 14:00 - 2017-05-16 23:01 - 00023368 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\wincrashpad.compiled._Crashpad.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00546104 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2017-05-18 00:22 - 2017-05-16 23:00 - 00357688 _____ () C:\Users\Romo\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
Code:
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\aeriagames.com -> hxxp://aeriagames.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2017-05-18 14:20 - 00000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1      localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2079666805-3719247669-552477099-1000\Control Panel\Desktop\\Wallpaper -> E:\Pics\Wandfotos\Jedi-Master-Yoda.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-05272017011856608\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "Raptr"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{FF734F89-2A15-4A9B-B53F-35A702064D50}] => (Allow) C:\Program Files (x86)\Opera\45.0.2552.812\opera.exe
FirewallRules: [{F20C1C9B-E5AF-4CEC-8506-25FA694C149E}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{6EEB16E7-4AB9-4C9B-A3F7-A6C050C3F914}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{E4378D98-293D-425F-B8EA-368F2251CCFF}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{C07B2376-3E15-49F0-93A8-76BD8EDE91B7}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{50093094-87F9-4E7B-A7AD-44D4B04BC61E}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{9EBF86FA-D7EF-4387-89EA-A3204638A75B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2125F6FB-F60F-4CB0-B103-B31E57CE2B5D}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{7F547509-00D9-46FC-B3B3-0F69620EA37D}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5C839772-6725-45C7-9016-C31C05DBE133}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{6506AC32-1126-4CD8-963C-8B4420B2EB0A}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{04B6599F-3E5B-4FFC-95BC-1ED85F696F4F}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{533BFCFC-5C38-4323-AC08-2A3FFD5F28AC}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{01D9A147-A547-4A56-A09D-BC0C230065A8}] => (Allow) E:\Programme\Steam\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{0A46AB41-4DF4-43F9-8037-DE442E63396F}] => (Allow) E:\Programme\Steam\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{A362A522-FEBE-4AEC-91EF-331612A2D9BA}] => (Allow) E:\Programme\Steam\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{B6E72A19-2109-4FBB-A168-D9D552421455}] => (Allow) E:\Programme\Steam\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{A8FF255F-77A9-4C39-BD9F-6B3A0E71F12C}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
FirewallRules: [{CD4F3E3B-0D46-4194-8BB4-96522EA1518A}] => (Allow) E:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6A33E5D8-DC65-4D84-96F0-741E7B5267D4}] => (Allow) E:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{EB1183A0-4109-44C1-A88A-E383C0109C3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{91340F72-103D-456C-96B7-7E58CD142AA1}] => (Allow) E:\Programme\Steam\SteamApps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [{1E38CA72-AF49-4E80-AB7F-259B155FF193}] => (Allow) E:\Programme\Steam\SteamApps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [UDP Query User{233983CA-6316-4C1F-9A62-DA684B102B2A}E:\spiele\bd\bin64\blackdesert64.exe] => (Allow) E:\spiele\bd\bin64\blackdesert64.exe
FirewallRules: [TCP Query User{AFC54D0C-72F2-4CB5-A7EB-599C56CE8113}E:\spiele\bd\bin64\blackdesert64.exe] => (Allow) E:\spiele\bd\bin64\blackdesert64.exe
FirewallRules: [{8E9C5027-5245-4CEC-B374-05D8558B41B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8DA58CEE-A131-4F88-907D-157BC3549BED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B146321F-18EB-4842-A6D3-58265F0FEF74}] => (Allow) E:\Spiele\Ubisoft Game Launcher\games\Might and Magic Heroes VII\Binaries\Win64\MMH7Game-Win64-Shipping.exe
FirewallRules: [{EDDE1045-5298-4D0B-9495-F357B22FA241}] => (Allow) E:\Spiele\Ubisoft Game Launcher\games\Might and Magic Heroes VII\Binaries\Win32\MMH7Game-Win32-Shipping.exe
FirewallRules: [{5620A8C5-574D-4C02-BF92-274BD8135580}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{09EBD7FE-D27D-4FB6-A543-F556B12ECA3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{67BEE03A-3F53-4FF5-954B-EB1E0761366E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{905D632F-18FA-4C14-8FE0-7D0A24FCCEA0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2587931A-7169-4B97-99E9-2C779D4BB4F0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5BDBF42A-2ECA-4050-853F-80B07F855CB9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{297C0DFF-EE5A-4BF2-8308-8217F0850B2A}E:\spiele\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{0E490114-B4A8-44E8-B9E6-B2327C62D4FB}E:\spiele\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{5AFB575F-79CB-48C2-A924-2EB6D63EF2F0}E:\spiele\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{F2ECE1B7-56FF-4E8D-99E7-72E7EF3C658A}E:\spiele\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{DDB6CF5A-3F8D-4145-8589-07134703610F}E:\spiele\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{C30F2FC7-BFCD-4880-8221-91BD3EC1DDA3}E:\spiele\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{605F9071-176A-45E2-A820-AFD8CB23CF3F}E:\spiele\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{9CE2B071-87D3-4076-91DD-188C1A6F5424}E:\spiele\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CC20F77C-E0FD-4308-A569-C92948BCA8FC}E:\spiele\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{B0C690E4-74CF-48AE-9BE1-9FB8094A0A5D}E:\spiele\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{F41A5878-9B65-4F1E-8AEE-A62F093D6F5B}E:\programme\xampp\apache\bin\httpd.exe] => (Allow) E:\programme\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{9D2DEC29-10C0-4525-8123-639FC6EF9B36}E:\programme\xampp\apache\bin\httpd.exe] => (Allow) E:\programme\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{F5435DBE-1132-4BCA-BAF5-D0ACC2FD3C33}E:\programme\xampp\mysql\bin\mysqld.exe] => (Allow) E:\programme\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{D912A58C-5A8C-43DE-9370-C73DC6A1DFD8}E:\programme\xampp\mysql\bin\mysqld.exe] => (Allow) E:\programme\xampp\mysql\bin\mysqld.exe
FirewallRules: [{4294F962-F2E4-4EDE-A7A4-A1F32D864D42}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{60AD23DB-F1AD-4DDD-A554-97DAF066D1AF}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{CF1FBD2A-7710-4163-9ACA-B7D3F8DC76B6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{14CC7767-74E7-4252-A54C-C9FA2758F75E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{1AEF786E-3CE4-4524-8F67-C0D8DBCC6A3B}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{E6950604-9276-4137-AEF3-64D521AC5C12}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{7427F3F7-7429-4BF2-8D1A-BE672BB662FF}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{03FBDD10-4468-4358-AB89-A7B7C2CD3B52}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{F20AAB67-B927-4FF9-B1C7-0078DA6C9A95}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{8C1D0215-FEFC-4973-8122-7D302BA4F62C}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{7EC109E8-9E1E-4BC8-844F-399CE39E9512}E:\spiele\starcitizen\citizenclient\bin64\starcitizen.exe] => (Allow) E:\spiele\starcitizen\citizenclient\bin64\starcitizen.exe
FirewallRules: [UDP Query User{456D55A2-39B4-4AFA-B6C7-27A532AD333D}E:\spiele\starcitizen\citizenclient\bin64\starcitizen.exe] => (Allow) E:\spiele\starcitizen\citizenclient\bin64\starcitizen.exe
FirewallRules: [TCP Query User{0BCC52EC-003A-4ABF-80C1-AFBB5584ADC1}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{5B67B8A8-1535-46F3-8F41-F4BC7300C92C}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{FDB94E7E-AA5A-4AB4-B831-956BDB269AB9}] => (Allow) C:\Users\Romo\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{996BD42D-0717-492F-B066-FAADAB795187}] => (Allow) C:\Users\Romo\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{EF2AABCB-A590-4EE9-8DA8-66C8DC3D9E66}C:\users\romo\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\romo\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{908DD831-9F2C-4586-90E3-BEE40793CBF5}C:\users\romo\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\romo\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{FED65A20-D8B8-4C25-AF00-3F65D7B3E9B9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{28152424-C1D2-4323-92FB-3DF05B1AEFB8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{803A0466-7944-4783-9100-86A263E678BC}] => (Allow) E:\Spiele\Battle.net\Battle.net.exe
FirewallRules: [{CA1A2CA9-AF44-4983-9382-881B5349D01A}] => (Allow) E:\Spiele\Battle.net\Battle.net.exe
FirewallRules: [{FF1F4787-A2CA-4E5B-AF0C-15A68695979A}] => (Allow) E:\Spiele\Hearthstone\Hearthstone.exe
FirewallRules: [{D670722D-314A-4EA4-BE81-78DFA7B5118F}] => (Allow) E:\Spiele\Hearthstone\Hearthstone.exe
FirewallRules: [{3D67AC21-F5AC-4F79-8892-BCB093B6B3AC}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{5EDA58E9-8584-4D54-B843-75B7A5B0DB54}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{48769F34-D4AE-4736-8F2C-4B1A9BED3B6C}] => (Allow) E:\Spiele\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{45E31AC8-0A6A-4CBC-B561-5C7D063C1C98}] => (Allow) E:\Spiele\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{6E35C3BE-B2BE-4C13-9E60-EAA5218F8759}E:\spiele\starcraft ii\versions\base26490\sc2.exe] => (Block) E:\spiele\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{471427F2-0995-442D-9ADE-DE631ADAAB14}E:\spiele\starcraft ii\versions\base26490\sc2.exe] => (Block) E:\spiele\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [{5135B6C1-0102-4CD8-BD03-5E0E0002FCFE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{4B928102-D225-42AA-B1EA-00514A4D14A5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{7D6D6BE8-95DF-4665-ABF6-481CA70536BC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{4F27B8B3-3451-4310-9F4E-BB51F31A5EBB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [TCP Query User{77D96BFD-7A1B-48F8-A5FB-544532717B8F}E:\spiele\eve\bin\exefile.exe] => (Allow) E:\spiele\eve\bin\exefile.exe
FirewallRules: [UDP Query User{94989ADA-E2C8-4581-8301-E3DDF157CEA6}E:\spiele\eve\bin\exefile.exe] => (Allow) E:\spiele\eve\bin\exefile.exe
FirewallRules: [{D1980288-5B3B-42EC-9DB2-0253FDF95021}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{FBCDA40A-015A-4CD2-914E-33ED2B663E3D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe
FirewallRules: [{5F0034C2-6109-44E2-890E-1A404C04A823}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{BBEA137D-5DB9-43D7-90C0-53E582FF8993}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{CFAC4C6D-7760-4831-AAC1-3F0B68326D58}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{964BD6E9-C03F-4633-A3AA-CB6CEC73607A}] => (Allow) E:\Programme\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{F25413A6-C102-4938-83B8-DB9BA90C4996}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{86E8A651-65EA-4A8A-8703-F62B140A711C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{8D18A307-8F6D-439F-AE18-B438CB5A6BB6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{53B78F25-93BA-4406-B755-18233BD216D7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{63C300F6-4516-4C8F-B01F-85DFE29053D1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{B103BBC0-A5CC-4E71-B567-5521B7EAE642}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{F286EC9D-0292-4209-97B7-F4E418252658}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{CC09E035-3EFB-4C9C-875B-B652432BE719}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{1AD599DB-7C46-406C-8AAE-C65D944B2F3C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{459C8498-7C16-4ED1-B770-1C4609B9EFD6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{15ABD881-205A-4033-8CCE-F476DC36C22D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{526B431D-7081-42A3-85F1-0EAAF2EAC944}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{B9C41390-AA91-4DD5-B43A-DA5BC523319B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{AE34FAC9-F14D-4C8C-A008-A7934633B219}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{79FD85C2-5162-4E06-93B5-14157AB8B0C2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{E11BC352-0969-4F6D-AFB8-7CB8711CA365}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{D0AF3DBF-99CF-4BED-B99D-ABE38A9506D6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{37443201-508C-41F6-8C77-05000A17ADBD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{0154EA04-2744-4B9D-895C-6E3D31900055}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{A2A05E31-E155-425F-8AD9-975B0FACCE30}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{E605E08C-D2F9-4AC5-8D08-095537CAA0EE}] => (Allow) E:\Programme\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{6D3607F4-A594-446B-82B0-0EA28ACC6C1D}] => (Allow) E:\Programme\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{7BB34B0D-A36E-40CF-981E-9ED39D89F95D}] => (Allow) E:\Programme\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{C4119BD1-6DAD-4A61-BEB5-15799C0520C9}] => (Allow) E:\Programme\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [TCP Query User{ECA6EEEC-8F98-4928-A36C-7CC59AD667F0}C:\users\romo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\romo\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{469B4877-8C54-484F-A59D-1FD016606FEA}C:\users\romo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\romo\appdata\roaming\spotify\spotify.exe
FirewallRules: [{6D5ECDD8-E523-4939-831D-00A791C72F8F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{74B9CC25-9B3C-4AC8-B3D8-7A36FA0815A3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [TCP Query User{222C4427-CA32-4DFD-A1F3-3BA1656A53D4}C:\users\romo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\romo\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{67283F26-6C32-418D-8E5D-BB1A2DA7E0D9}C:\users\romo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\romo\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A7977C2B-6828-4130-98EF-79A44193A89C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{989D3131-8756-4288-AD73-1C815A7F2DAB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [TCP Query User{784C51B4-83B7-4001-A2D7-B57F61162359}C:\users\romo\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\romo\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{0869BE87-F25D-4A0C-AE4E-A22C1AEF1A2C}C:\users\romo\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\romo\appdata\local\akamai\netsession_win.exe
FirewallRules: [{A1AA4684-84F3-4A6A-B6ED-47071A6CD4CF}] => (Allow) E:\Spiele\aura\AuraKingdom-DE\game.bin
FirewallRules: [{28A5184E-D7E5-4DE6-ACE7-273F012764A9}] => (Allow) E:\Spiele\aura\AuraKingdom-DE\game.bin
FirewallRules: [TCP Query User{F9F43865-DE09-431C-B59D-AF83C9F33CF6}C:\users\romo\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\romo\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{73F9D900-B92E-4740-AC39-432D2183916A}C:\users\romo\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\romo\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{6519EF37-887E-49FD-8CB2-41D0BAF3FFFC}E:\spiele\dragon's prophet\launcher.exe] => (Allow) E:\spiele\dragon's prophet\launcher.exe
FirewallRules: [UDP Query User{2E2C203E-A736-421E-9906-0ABF37A784F9}E:\spiele\dragon's prophet\launcher.exe] => (Allow) E:\spiele\dragon's prophet\launcher.exe
FirewallRules: [TCP Query User{06A9D76D-53AA-461C-B440-E6C823FCEB98}E:\spiele\dragon's prophet\dp_x64.exe] => (Allow) E:\spiele\dragon's prophet\dp_x64.exe
FirewallRules: [UDP Query User{33E9569E-C437-4924-8715-23D4B87BF962}E:\spiele\dragon's prophet\dp_x64.exe] => (Allow) E:\spiele\dragon's prophet\dp_x64.exe
FirewallRules: [TCP Query User{5ADAAD0E-9DCD-44CB-B84B-3216006D35D4}C:\programdata\battle.net\agent\agent.3334\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3334\agent.exe
FirewallRules: [UDP Query User{523F212B-CF6E-4645-A535-8168D43F5BF0}C:\programdata\battle.net\agent\agent.3334\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3334\agent.exe
FirewallRules: [TCP Query User{E5E7C7A2-628D-4E11-9136-0485644CBC35}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [UDP Query User{40EF9DCC-912E-434A-9958-76E91E07A986}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [{7B7D3759-B99E-4C0E-9D95-AEFF57FC8C02}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{D4B107C1-327C-41BB-8976-F31E79ECB3AE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{51E2A8CC-A6B0-4962-AF9A-D159408D595D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{60D42DE5-269C-4A0A-8322-DF558F1F1C07}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{3AF6F577-2F27-4A66-BFF3-82CC10A3B461}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{8DD20CDE-9B8C-4FCF-B6ED-7BE71B8B67CD}] => (Allow) E:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [{EB5505DF-B7B6-4F2D-A197-F10B955A59D8}] => (Allow) E:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{C63CF0A6-14E9-4893-9DEA-EAD740FD13D2}E:\spiele\starcraft ii\versions\base32283\sc2.exe] => (Allow) E:\spiele\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{5796254E-00B7-485D-8D53-BC561292EFC8}E:\spiele\starcraft ii\versions\base32283\sc2.exe] => (Allow) E:\spiele\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{F4065119-E022-48D2-8458-E15ECB2B201C}] => (Allow) E:\Spiele\koa\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{BFEF1B7F-736C-460E-BF91-56AF030ACBCA}] => (Allow) E:\Spiele\koa\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{50432403-A4D1-4A68-8F38-67EDDED23058}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{C2521D56-B54E-4F69-8749-E3139F0194E1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{48C6C541-9888-4BC6-95B4-0A483BABDFFC}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{97897F19-DF42-4585-AD1D-CB5725E2C229}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{11297D55-C928-46CD-8DBF-5E41FA2469AD}C:\program files (x86)\zenimax online\launcher\bethesda.net_launcher.exe] => (Allow) C:\program files (x86)\zenimax online\launcher\bethesda.net_launcher.exe
FirewallRules: [UDP Query User{343C4617-F654-4173-A9A6-D3D71888D0C7}C:\program files (x86)\zenimax online\launcher\bethesda.net_launcher.exe] => (Allow) C:\program files (x86)\zenimax online\launcher\bethesda.net_launcher.exe
FirewallRules: [TCP Query User{2E35EA49-CDB5-4AEC-A558-ABAEC948D478}E:\spiele\eso\launcher\bethesda.net_launcher.exe] => (Allow) E:\spiele\eso\launcher\bethesda.net_launcher.exe
FirewallRules: [UDP Query User{11573AEB-32F6-434F-BFCE-A7201AA4982F}E:\spiele\eso\launcher\bethesda.net_launcher.exe] => (Allow) E:\spiele\eso\launcher\bethesda.net_launcher.exe
FirewallRules: [{C9962607-4E70-463B-BEB5-4A134FC091B0}] => (Allow) E:\Programme\Steam\SteamApps\common\Wizardry7\dosbox_windows\dosbox.exe
FirewallRules: [{FF83B4A2-AA0A-472D-BC95-1FDDB58C6E6E}] => (Allow) E:\Programme\Steam\SteamApps\common\Wizardry7\dosbox_windows\dosbox.exe
FirewallRules: [{8CE435D0-B403-4625-AFDA-F322B61B8B48}] => (Allow) E:\Programme\Steam\SteamApps\common\Wizardry7\dosbox_windows\daum\dosbox.exe
FirewallRules: [{B517A62C-0F2E-4079-9721-2BF47CB7B6EB}] => (Allow) E:\Programme\Steam\SteamApps\common\Wizardry7\dosbox_windows\daum\dosbox.exe
FirewallRules: [{D195F38F-B510-4659-A89D-51501DDE280C}] => (Allow) E:\Programme\Steam\SteamApps\common\Wizardry7\wizardry7gold\WIZARD.EXE
FirewallRules: [{F3114590-1816-414C-9D94-60ED0F841596}] => (Allow) E:\Programme\Steam\SteamApps\common\Wizardry7\wizardry7gold\WIZARD.EXE
FirewallRules: [TCP Query User{D162E9B0-C68C-4B8A-8D0A-DA6EE7C3D02C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{BBF5EBE0-D627-4ED4-A445-FE054B907E13}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{57D8A5DB-51F6-4963-9A98-D3B610065332}E:\spiele\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4A3ADF49-92A0-42D8-925D-6EFE35294F91}E:\spiele\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{90C01B14-A839-4D26-BA91-E9387B15B9C8}E:\spiele\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{382BB40C-4FB3-45AE-A58E-B885D1873E91}E:\spiele\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) E:\spiele\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [{2B42B30E-7339-4A70-BAB1-622C89F7D022}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{B5283800-4C45-4276-B178-A5FD34892DBA}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{212F706A-C374-4E92-BB05-CBC09F4DDF2B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{677A82AA-1681-4E71-90F8-44571162566A}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{F8C2D19B-6E05-4564-8664-EF4EB17B7FCF}] => (Allow) E:\Download\bin\BlackDesert32.exe
FirewallRules: [{894FDA0C-80C1-458C-BFE3-F11554CE81B5}] => (Allow) E:\Download\bin64\BlackDesert64.exe
FirewallRules: [{79A02D9E-3ECD-4B1F-BD0E-5C48B1762835}] => (Allow) E:\Download\BlackDesert_Launcher.exe
FirewallRules: [{A2A664EC-94D8-4630-8995-BD838B880744}] => (Allow) E:\Download\BlackDesert_Downloader.exe
FirewallRules: [TCP Query User{B9425A80-7E03-48CB-9906-7251F3C7026E}E:\spiele\overwatch\overwatch.exe] => (Block) E:\spiele\overwatch\overwatch.exe
FirewallRules: [UDP Query User{875F3297-D22A-4E00-9A0D-7B4968BB619A}E:\spiele\overwatch\overwatch.exe] => (Block) E:\spiele\overwatch\overwatch.exe
FirewallRules: [{AAE42158-D8F4-416C-A0DD-FBC3EB181B1C}] => (Allow) E:\Spiele\warships\WoWSLauncher.exe
FirewallRules: [{8DFE030E-9AA2-4F09-B9D9-B49F1F7B9296}] => (Allow) E:\Spiele\warships\WoWSLauncher.exe
FirewallRules: [{B4DB2673-89F4-4ECD-8689-50831F7FA65D}] => (Allow) E:\Spiele\warships\worldofwarships.exe
FirewallRules: [{A6B3FA31-6A3B-4176-A90D-4B99D7EA137C}] => (Allow) E:\Spiele\warships\worldofwarships.exe
FirewallRules: [{E11C9931-F88E-48FC-947E-AB94CBCE9BB5}] => (Allow) C:\Program Files (x86)\Avira\Scout\Application\scout.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/27/2017 10:04:45 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (05/27/2017 09:48:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Romo-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/27/2017 09:30:09 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.

Error: (05/27/2017 09:15:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Romo-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/27/2017 08:48:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Romo-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/27/2017 08:30:09 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.

Error: (05/27/2017 08:17:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Romo-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/27/2017 07:48:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Romo-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/27/2017 07:30:09 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.

Error: (05/27/2017 07:17:07 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Romo-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (05/27/2017 03:22:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (05/27/2017 03:22:19 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Romo\AppData\Local\Temp\ehdrv.sys

Error: (05/27/2017 03:22:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (05/27/2017 03:22:18 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Romo\AppData\Local\Temp\ehdrv.sys

Error: (05/27/2017 03:22:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (05/27/2017 03:22:18 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Romo\AppData\Local\Temp\ehdrv.sys

Error: (05/27/2017 03:22:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (05/27/2017 03:22:18 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Romo\AppData\Local\Temp\ehdrv.sys

Error: (05/27/2017 03:22:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (05/27/2017 03:22:17 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Romo\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2017-05-20 11:16:41.009
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-20 11:14:33.397
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 16328.05 MB
Verfügbarer physikalischer RAM: 12771.79 MB
Summe virtueller Speicher: 32712.05 MB
Verfügbarer virtueller Speicher: 28466.83 MB

==================== Laufwerke ================================

Drive c: (SSD) (Fixed) (Total:111.13 GB) (Free:36.33 GB) NTFS
Drive e: (Speicher) (Fixed) (Total:931.51 GB) (Free:667.57 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 20BBE221)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 795CC074)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

burningice 28.05.2017 11:56
Und meine Frage? :)

Benfuzius 29.05.2017 14:59
Ne eigentlich hab ich keine Probleme mehr.


Ich dank Dir schonmal im Vorraus für den tollen Support.

burningice 29.05.2017 18:46
Schritt: 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
2017-05-17 01:41 - 2017-05-17 15:19 - 00000000 ____D C:\Program Files\REIMAGE.del
2017-05-16 11:17 - 2017-05-18 15:11 - 00000000 ____D C:\ProgramData\BIT.del
2017-05-16 11:16 - 2017-05-27 03:21 - 00000000 ____D C:\Users\Romo\AppData\Roaming\WINSAPSVC.del
2017-05-16 11:16 - 2017-05-27 03:21 - 00000000 ____D C:\Users\Romo\AppData\Local\CWASRE.del
cmd: type C:\WINDOWS\winstart.bat
Task: {8B16D510-0CDC-4058-BB76-3CBD544D8F8C} - \HP Deskjet 3840 Series -> Keine Datei <==== ACHTUNG
IE trusted site: HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\aeriagames.com -> hxxp://aeriagames.com
empytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Benfuzius 29.05.2017 23:38
Code:
ntferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-05-2017
durchgeführt von Romo (30-05-2017 00:37:05) Run:2
Gestartet von C:\Users\Romo\Desktop
Geladene Profile: Romo &  (Verfügbare Profile: Romo & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
2017-05-17 01:41 - 2017-05-17 15:19 - 00000000 ____D C:\Program Files\REIMAGE.del
2017-05-16 11:17 - 2017-05-18 15:11 - 00000000 ____D C:\ProgramData\BIT.del
2017-05-16 11:16 - 2017-05-27 03:21 - 00000000 ____D C:\Users\Romo\AppData\Roaming\WINSAPSVC.del
2017-05-16 11:16 - 2017-05-27 03:21 - 00000000 ____D C:\Users\Romo\AppData\Local\CWASRE.del
cmd: type C:\WINDOWS\winstart.bat
Task: {8B16D510-0CDC-4058-BB76-3CBD544D8F8C} - \HP Deskjet 3840 Series -> Keine Datei <==== ACHTUNG
IE trusted site: HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2079666805-3719247669-552477099-1000\...\aeriagames.com -> hxxp://aeriagames.com
empytemp:
*****************

C:\Program Files\REIMAGE.del => erfolgreich verschoben
C:\ProgramData\BIT.del => erfolgreich verschoben
C:\Users\Romo\AppData\Roaming\WINSAPSVC.del => erfolgreich verschoben
C:\Users\Romo\AppData\Local\CWASRE.del => erfolgreich verschoben

========= type C:\WINDOWS\winstart.bat =========



========= Ende von CMD: =========

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{8B16D510-0CDC-4058-BB76-3CBD544D8F8C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B16D510-0CDC-4058-BB76-3CBD544D8F8C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP Deskjet 3840 Series => Schlüssel nicht gefunden.
HKU\S-1-5-21-2079666805-3719247669-552477099-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aeriagames.com => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-2079666805-3719247669-552477099-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aeriagames.com => Schlüssel nicht gefunden.
empytemp: => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.

==== Ende von Fixlog 00:37:05 ====

burningice 31.05.2017 16:37
Wir müssen noch bisschen was checken auf deinem PC, aber das schlimmste haben wir hinter uns :)

FRST Fix
  • Kopiere den Inhalt der folgenden Code-Box vollständig:
    Code:
    Start::
    ExportKey: HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Disallowed\Certificates
    ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates
    ExportKey: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates
    ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\Certificates
    emptytemp:
    End::
  • Starte nun FRST und klicke den Entfernen Button.
  • Das Tool führt die gewünschten Schritte automatisch aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
  • Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
  • Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Benfuzius 03.06.2017 14:53
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-06-2017
durchgeführt von Romo (03-06-2017 15:50:09) Run:3
Gestartet von C:\Users\Romo\Desktop
Geladene Profile: Romo (Verfügbare Profile: Romo & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************

ExportKey: HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\Disallowed\Certificates
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates
ExportKey: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\Certificates
emptytemp:

*****************

================== ExportKey: ===================

[HKUS-1-5-21-2079666805-3719247669-552477099-1000\Software\Microsoft\SystemCertificates\Disallowed\Certificates]

=== Ende von ExportKey ===
================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates]
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\03D22C9C66915D58C88912B64C1F984B8344EF09]
"Blob"="0f000000010000002000000049e1d274c369098b74ade85fdc204a4093683e58a6a4e2d53e386e1d3a3172ac03000000010000001400000003d22c9c66915d58c88912b64c1f984b8344ef092000000001000000220600003082061e30820506a0030201 (Der Dateneintrag hat 3116 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\0F684EC1163281085C6AF20528878103ACEFCAAB]
"Blob"="0f0000000100000020000000fcdda9548696d4f09f66143b6598d8d29fa06bb6ba4c4c05ea9f9de13c46705e0300000001000000140000000f684ec1163281085c6af20528878103acefcaab2000000001000000d4050000308205d0308204b8a0030201 (Der Dateneintrag hat 2960 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\1667908C9E22EFBD0590E088715CC74BE4C60884]
"Blob"="0f0000000100000014000000a980b12766d5dcbd1b0f482dcd6dcd2b661d8d510300000001000000140000001667908c9e22efbd0590e088715cc74be4c608842000000001000000bf050000308205bb308204a3a0030201020210465ae7100f1ea246d2 (Der Dateneintrag hat 2894 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\18DEA4EFA93B06AE997D234411F3FD72A677EECE]
"Blob"="0f0000000100000020000000a402b786a3eb74fcb4e518dbd094e8c86d898f6717b9a76d988b7a203895696c03000000010000001400000018dea4efa93b06ae997d234411f3fd72a677eece2000000001000000d8040000308204d4308203bca0030201 (Der Dateneintrag hat 2456 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF]
"Blob"="0f0000000100000020000000eaa555612a9b2cdfc14cddaae6363cf719aee05754c9375fef45ee986bd273550300000001000000140000002026d13756eb0db753df26cb3b7eebe3e70bb2cf20000000010000001f0500003082051b30820403a0030201 (Der Dateneintrag hat 2598 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\31AC96A6C17C425222C46D55C3CCA6BA12E54DAF]
"Blob"="0f0000000100000020000000ec7869f95e3d8d485f94f1ad63260a10988e1437c5430664a6290d34e797792d03000000010000001400000031ac96a6c17c425222c46d55c3cca6ba12e54daf20000000010000001505000030820511308203f9a0030201 (Der Dateneintrag hat 2578 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\331E2046A1CCA7BFEF766724394BE6112B4CA3F7]
"Blob"="0f0000000100000014000000618d7e55a24c1d8b65a0bcce79120c5e3b13fa4d030000000100000014000000331e2046a1cca7bfef766724394be6112b4ca3f720000000010000000905000030820505308203eda0030201020210774d49c5649436de6b (Der Dateneintrag hat 2530 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\3353EA609334A9F23A701B9159E30CB6C22D4C59]
"Blob"="0f0000000100000020000000611f38d5b331c39cc0c8094b5c26984136313f0414dbf58155ae87d94f12c40a0300000001000000140000003353ea609334a9f23a701b9159e30cb6c22d4c592000000001000000d4040000308204d0308203b8a0030201 (Der Dateneintrag hat 2448 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\373C33726722D3A5D1EDD1F1585D5D25B39BEA1A]
"Blob"="0f0000000100000020000000ecfb3b0473997d6aa020ffd480fb03eafc6218053159ac2eb60052b6ac943d1d030000000100000014000000373c33726722d3a5d1edd1f1585d5d25b39bea1a2000000001000000e8040000308204e4308203cca0030201 (Der Dateneintrag hat 2488 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F]
"Blob"="0f0000000100000014000000f456b58a14a36d192a8774a2fecf7284a564e0360300000001000000140000003850edd77cc74ec9f4829ae406bbf9c21e0da87f2000000001000000200500003082051c30820404a00302010202100f668fb0f0f002b774 (Der Dateneintrag hat 2576 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\3D496FA682E65FC122351EC29B55AB94F3BB03FC]
"Blob"="0f00000001000000200000002c4279bba558ef1d12e32ee8c45df31dba6ec8fe0ae57ac50b1695c068c0d9da0300000001000000140000003d496fa682e65fc122351ec29b55ab94f3bb03fc200000000100000057050000308205533082043ba0030201 (Der Dateneintrag hat 2710 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159]
"Blob"="0f0000000100000014000000f086710273cc2bd48d97f3bd8be55cdd80042d9d0300000001000000140000004243a03db4c3c15149cea8b38eea1da4f26bd1592000000001000000e5040000308204e1308203c9a00302010202103942fe1de9b44298ff (Der Dateneintrag hat 2458 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01]
"Blob"="0f00000001000000140000007f069f54db053f2545481c04ae86d26b84c0d35403000000010000001400000042727e052c0c2e1b35ab53e1005fd9edc9de8f012000000001000000350500003082053130820419a003020102020900a7326e82fd916ea2 (Der Dateneintrag hat 2618 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\4420C99742DF11DD0795BC15B7B0ABF090DC84DF]
"Blob"="0f0000000100000020000000693a3a3c267fd6c33f1b492d00cf5456840f0f9bd1ed5a945b53c728bf2d452a0300000001000000140000004420c99742df11dd0795bc15b7b0abf090dc84df2000000001000000cf040000308204cb308203b3a0030201 (Der Dateneintrag hat 2438 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF]
"Blob"="0f0000000100000020000000fdc517a88592334af370669e6db08a80b4e48214a788447015c18c76bdd402c90300000001000000140000004c0af5719009b7c9d85c5eaedfa3b7f090fe5fff2000000001000000bd050000308205b9308204a1a0030201 (Der Dateneintrag hat 2914 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\5240AB5B05D11B37900AC7712A3C6AE42F377C8C]
"Blob"="0f0000000100000020000000965f712966165910306b230ee1d70e89cf7b7a8af25004a9ee8d9f6eabb306cd0300000001000000140000005240ab5b05d11b37900ac7712a3c6ae42f377c8c200000000100000049050000308205453082042da0030201 (Der Dateneintrag hat 2682 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\5DD3D41810F28B2A13E9A004E6412061E28FA48D]
"Blob"="0f000000010000001400000063e62ed9cb92684a3013dd9ba97c45309b1cc1700300000001000000140000005dd3d41810f28b2a13e9a004e6412061e28fa48d2000000001000000a9050000308205a53082048da0030201020210076aebf2b07a553a6a (Der Dateneintrag hat 2850 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\7457A3793086DBB58B3858D6476889E3311E550E]
"Blob"="0f0000000100000020000000b4e49c5313c911ddc5a13ae48aae3cf87d8c04beac8c2bf1d6102f0b0d9f4fac0300000001000000140000007457a3793086dbb58b3858d6476889e3311e550e200000000100000027060000308206233082050ba0030201 (Der Dateneintrag hat 3126 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\76A9295EF4343E12DFC5FE05DC57227C1AB00D29]
"Blob"="0f000000010000001400000055bfca5097cb6ff5af5cf8364c31ad8afc6c284103000000010000001400000076a9295ef4343e12dfc5fe05dc57227c1ab00d292000000001000000cd040000308204c9308203b1a00302010202121121e5c807f8d3b820 (Der Dateneintrag hat 2410 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\872CD334B7E7B3C3D1C6114CD6B221026D505EAB]
"Blob"="0f00000001000000140000005595481af6538298bd0e35edb6d7de5ceee313f6030000000100000014000000872cd334b7e7b3c3d1c6114cd6b221026d505eab200000000100000059050000308205553082043da003020102021024be55999e338f74f9 (Der Dateneintrag hat 2690 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\9132E8B079D080E01D52631690BE18EBC2347C1E]
"Blob"="0f0000000100000020000000b6e5307329bba4cb8a1c0545ac3855a1d4bf8e70349f9629148168e12e95d4540300000001000000140000009132e8b079d080e01d52631690be18ebc2347c1e2000000001000000d5040000308204d1308203b9a0030201 (Der Dateneintrag hat 2450 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\982D98951CF3C0CA2A02814D474A976CBFF6BDB1]
"Blob"="0f0000000100000014000000c640d30123c70970c04e336f86742919ab49d8f6030000000100000014000000982d98951cf3c0ca2a02814d474a976cbff6bdb1200000000100000099050000308205953082047da00302010202101abee452f106342568 (Der Dateneintrag hat 2818 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361]
"Blob"="0f000000010000001400000042a8959fc98445817dc59c70a9eb658f66a13d270300000001000000140000009a08641f7c5f2cca0888388be3e5dbddaaa3b36120000000010000000a05000030820506308203eea00302010202106fbb6e1d2367dc6bd3 (Der Dateneintrag hat 2532 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\9C43F665E690AB4D486D4717B456C5554D4BCEB5]
"Blob"="0f00000001000000200000003cdb6ce0e411e01beb75f6a858267cbc3806c3ac9f72bdff810a6bb190c3aef80300000001000000140000009c43f665e690ab4d486d4717b456c5554d4bceb520000000010000000d06000030820609308204f1a0030201 (Der Dateneintrag hat 3074 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\A5341949ABE1407DD7BF7DFE75460D9608FBC309]
"Blob"="0f0000000100000020000000cd3824cb80e2102e1d738ae5de9eb1a19fa601f15a9c821773f3e0fc18cc34be030000000100000014000000a5341949abe1407dd7bf7dfe75460d9608fbc3092000000001000000cd040000308204c9308203b1a0030201 (Der Dateneintrag hat 2434 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\A59CC32724DD07A6FC33F7806945481A2D13CA2F]
"Blob"="0f00000001000000200000007ef52899712460aa664e437d61b5e556c16f7a8aca4d2e662c5926879d9f8a05030000000100000014000000a59cc32724dd07a6fc33f7806945481a2d13ca2f2000000001000000ab050000308205a73082048fa0030201 (Der Dateneintrag hat 2878 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947]
"Blob"="0f000000010000001400000016943ddbd3b569119a81be71548717abd03f1736030000000100000014000000ab7e760da2485ea9ef5a6eee7647748d4ba6b947200000000100000057050000308205533082043ba0030201020210266d333ede17a8b472 (Der Dateneintrag hat 2686 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\AD4C5429E10F4FF6C01840C20ABA344D7401209F]
"Blob"="0f0000000100000014000000f4753b06b08938794c32c2475cee663143036d08030000000100000014000000ad4c5429e10f4ff6c01840c20aba344d7401209f20000000010000001b05000030820517308203ffa003020102021007c70f7cab145bc1ed (Der Dateneintrag hat 2566 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\AD96BB64BA36379D2E354660780C2067B81DA2E0]
"Blob"="0f0000000100000014000000ac9576f5216b577fc188f0575d06a8d1053b6700030000000100000014000000ad96bb64ba36379d2e354660780c2067b81da2e0200000000100000047050000308205433082042ba00302010202100ebfea68d677b3e26c (Der Dateneintrag hat 2654 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\CDC37C22FE9272D8F2610206AD397A45040326B8]
"Blob"="0f00000001000000200000007d40bb1f1db5b011b38904becaf8826c54984549e18a756ee2f6a7c8fcf32256030000000100000014000000cdc37c22fe9272d8f2610206ad397a45040326b82000000001000000d3040000308204cf308203b7a0030201 (Der Dateneintrag hat 2446 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598]
"Blob"="0f00000001000000200000007dfeb8bba5f3067e37723d94db6c2dc319f160e8f1c1be9438d9d180dfdc3871030000000100000014000000d3f78d747e7c5d6d3ae8abfdda7522bfb4cbd5982000000001000000bd050000308205b9308204a1a0030201 (Der Dateneintrag hat 2914 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\DB303C9B61282DE525DC754A535CA2D6A9BD3D87]
"Blob"="0f00000001000000140000002f0db96c53e2c649e8eba9a6ace632115cf01d55030000000100000014000000db303c9b61282de525dc754a535ca2d6a9bd3d872000000001000000350500003082053130820419a00302010202100e35b17e146412e15b (Der Dateneintrag hat 2618 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\DB77E5CFEC34459146748B667C97B185619251BA]
"Blob"="0f00000001000000200000000b9fc519cf25aae45ec3af37a3ca90cea942ee45a1b2c8ec1c827ce89cd1aa9d030000000100000014000000db77e5cfec34459146748b667c97b185619251ba20000000010000001c0500003082051830820400a0030201 (Der Dateneintrag hat 2592 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\E22240E837B52E691C71DF248F12D27F96441C00]
"Blob"="0f0000000100000020000000059929ffe9f30b66f3c9f3c3469f553a55cecf53adc1cf31998779e70f17e0e5030000000100000014000000e22240e837b52e691c71df248f12d27f96441c0020000000010000002d0500003082052930820411a0030201 (Der Dateneintrag hat 2626 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF]
"Blob"="0f000000010000002000000072b50de3fefcbed6fdb86eb20ae220c6146b7ed8e75a30350a6306c9ed1cda57030000000100000014000000e513eab8610cffd7c87e00bca15c23aab407fcef2000000001000000f6040000308204f2308203daa0030201 (Der Dateneintrag hat 2516 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\ED841A61C0F76025598421BC1B00E24189E68D54]
"Blob"="0f00000001000000140000007875b35b5353f2802335e564392a3cf8e00e5bde030000000100000014000000ed841a61c0f76025598421bc1b00e24189e68d5420000000010000001b05000030820517308203ffa00302010202103db29a3651f3f5e49c (Der Dateneintrag hat 2566 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\F83099622B4A9F72CB5081F742164AD1B8D048C9]
"Blob"="0f00000001000000140000007b0e04fa57f7f5a05d3c7d03e8a1ff4399b108aa030000000100000014000000f83099622b4a9f72cb5081f742164ad1b8d048c92000000001000000520500003082054e30820436a00302010202101de10ded541d51e73b (Der Dateneintrag hat 2676 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\FBB42F089AF2D570F2BF6F493D107A3255A9BB1A]
"Blob"="0f0000000100000020000000b86b0ef973ae4de364272ec775158cb9b6ed27e045257b7f450962fc85ae9b7a030000000100000014000000fbb42f089af2d570f2bf6f493d107a3255a9bb1a2000000001000000dd040000308204d9308203c1a0030201 (Der Dateneintrag hat 2466 mehr Zeichen)."
[HKLM\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates\FFFA650F2CB2ABC0D80527B524DD3F9FC172C138]
"Blob"="0f0000000100000014000000342603ada587e5a01228ce6e8b6cfa5b0a095fc1030000000100000014000000fffa650f2cb2abc0d80527b524dd3f9fc172c1382000000001000000350500003082053130820419a003020102021071a10027f8f21c1021 (Der Dateneintrag hat 2618 mehr Zeichen)."

=== Ende von ExportKey ===
================== ExportKey: ===================

[HKUS-1-5-21-2079666805-3719247669-552477099-1000\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates]

=== Ende von ExportKey ===
================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\Certificates]

=== Ende von ExportKey ===

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 32865621 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 152434250 B
Edge => 4300786 B
Chrome => 0 B
Firefox => 379157120 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 563894 B
NetworkService => 0 B
Romo => 605688077 B
DefaultAppPool => 0 B

RecycleBin => 11339087 B
EmptyTemp: => 1.1 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 15:50:19 ====

burningice 04.06.2017 20:09
FRST Fix
  • Kopiere den Inhalt der folgenden Code-Box vollständig:
    Code:
    Start::
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates
    reg: reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates
    reg: reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates /ve /f
    reg: reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Disallowed\Certificates
    reboot:
    End::
  • Starte nun FRST und klicke den Entfernen Button.
  • Das Tool führt die gewünschten Schritte automatisch aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
  • Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
  • Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.


Alle Zeitangaben in WEZ +1. Es ist jetzt 08:55 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131