Addition Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 06-05-2017
durchgeführt von janfo (06-05-2017 13:45:29)
Gestartet von G:\Users\janfo\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-30 01:48:51)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-203697209-747612459-3142240203-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-203697209-747612459-3142240203-503 - Limited - Disabled)
Gast (S-1-5-21-203697209-747612459-3142240203-501 - Limited - Disabled)
janfo (S-1-5-21-203697209-747612459-3142240203-1001 - Administrator - Enabled) => C:\Users\janfo
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Disabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Disabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 15.14 (HKLM-x32\...\7-Zip) (Version: 15.14 - Igor Pavlov)
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
Ableton Live 9 Suite (HKLM\...\{D3E03B95-EA53-4817-8907-DDA4C722E031}) (Version: 9.0.0.0 - Ableton)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Age of Empires® III: Complete Collection (HKLM\...\Steam App 105450) (Version: - Ensemble Studios)
Age of Mythology: Extended Edition (HKLM\...\Steam App 266840) (Version: - SkyBox Labs)
Anno 1404 (HKLM\...\Steam App 33250) (Version: - Blue Byte)
Anno 1404: Venice (HKLM\...\Steam App 33350) (Version: - Blue Byte)
Ansel (Version: 378.66 - NVIDIA Corporation) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
ASUS USB-N10 Wireless LAN Driver (HKLM-x32\...\{B20F9D1C-A0A5-4cd8-8306-DA03872311B1}) (Version: 1.0.0.6 - ASUS)
ASUS Xonar Essence STX Audio (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392008788}) (Version: - ASUSTeK Computer Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.26.48 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{897e4d08-9554-48e9-ba07-ce6040867fa3}) (Version: 1.2.83.46341 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.83.46341 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.49.52296 - Electronic Arts)
Battlefield™ 1 CTE (HKLM-x32\...\{E970EAB6-8F6F-4E72-AB13-F6648397322C}) (Version: 1.0.49.37540 - Electronic Arts)
Battlefield™ 1 Open Beta (HKLM-x32\...\{F9E19363-7B10-4F8A-8640-945C36D4B504}) (Version: 1.0.8.62791 - Electronic Arts)
Bejeweled 3 (HKLM\...\Steam App 78000) (Version: - PopCap Games, Inc.)
Bit Blaster XL (HKLM\...\Steam App 433950) (Version: - Nickervision Studios)
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
Castle Crashers (HKLM\...\Steam App 204360) (Version: - The Behemoth)
Europa Universalis IV (HKLM\...\Steam App 236850) (Version: - Paradox Development Studio)
Firewatch (HKLM\...\Steam App 383870) (Version: - Campo Santo)
Func KB-460 Settings software (HKLM-x32\...\{8918A402-4EEF-489F-940F-DC25BEEFA6FF}_sbay) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Imperium Romanum: Gold Edition (HKLM\...\Steam App 23400) (Version: - Haemimont Games)
Jazz-Plugin (HKLM-x32\...\{4D91EBA9-1769-467B-982B-C0693147D353}) (Version: 1.5 - Jazz-Soft)
Kingdom Come: Deliverance (Beta Access) (HKLM\...\Steam App 286860) (Version: - )
Kopanito All-Stars Soccer (HKLM\...\Steam App 399820) (Version: - Merixgames)
Max 7 (64-bit) (HKLM\...\{3322582E-4068-493C-9D9D-9949C2859C62}) (Version: 7.2.4 - Cycling '74)
Microsoft OneDrive (HKU\S-1-5-21-203697209-747612459-3142240203-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 53.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 de)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
Neon Drive (HKLM\...\Steam App 433910) (Version: - Fraoula)
No Time To Explain Remastered (HKLM\...\Steam App 368730) (Version: - tinyBuild)
Northgard (HKLM\...\Steam App 466560) (Version: - Shiro Games)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.66 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
Oracle VM VirtualBox 4.3.12_ZZZZ (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.8.36918 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.103.234.0 - Overwolf Ltd.)
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PC Remote (HKLM-x32\...\{C934DF74-D0D9-445C-90AA-34012A04E11D}) (Version: 3.51 - PC Remote)
Planet Coaster (HKLM\...\Steam App 493340) (Version: - Frontier Developments)
Prison Architect (HKLM\...\Steam App 233450) (Version: - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7836 - Realtek Semiconductor Corp.)
Reigns (HKLM\...\Steam App 474750) (Version: - Nerial)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Robot Roller-Derby Disco Dodgeball (HKLM\...\Steam App 270450) (Version: - Erik Asmussen)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
Ryse: Son of Rome (HKLM\...\Steam App 302510) (Version: - Crytek)
Serious Sam 3: BFE (HKLM\...\Steam App 41070) (Version: - Croteam)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
ShootMania Storm (HKLM\...\Steam App 229870) (Version: - Nadeo)
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version: - Firaxis Games)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-203697209-747612459-3142240203-1001\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
Stardew Valley (HKLM\...\Steam App 413150) (Version: - ConcernedApe)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steam Customizer (HKU\S-1-5-21-203697209-747612459-3142240203-1001\...\Steam Customizer) (Version: 1.00.00.00 - Blumont)
Stronghold Crusader Extreme HD (HKLM\...\Steam App 16700) (Version: - Firefly Studios)
Synthesia (HKLM-x32\...\Synthesia) (Version: 10.2 - Synthesia LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Universim - Mother Planet Demo (HKLM\...\Steam App 401980) (Version: - Crytivo Games)
The Witcher 3: Wild Hunt (HKLM\...\Steam App 292030) (Version: - CD PROJEKT RED)
Tom Clancy's Rainbow Six: Vegas 2 (HKLM\...\Steam App 15120) (Version: - Ubisoft Montreal)
TP-LINK Archer T2U_T2UH Driver (HKLM-x32\...\{95EF5DBB-C2DA-48AF-93B4-533333227486}) (Version: 1.3.1 - TP-LINK)
Tropico 5 (HKLM\...\Steam App 245620) (Version: - Haemimont Games)
Universe Sandbox ² (HKLM\...\Steam App 230290) (Version: - Giant Army)
Uplay (HKLM-x32\...\Uplay) (Version: 22.1 - Ubisoft)
Viridi (HKLM\...\Steam App 375950) (Version: - Ice Water Games)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {00191316-7237-4F03-ACF0-B0A4087599DB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {01153C99-AA2E-462F-84F0-94B3D7CBBD37} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)
Task: {34717CBE-17B9-46E8-99EC-C5F9CFB0C754} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {5E0ABEE7-F34E-432C-B45B-8F66B2501563} - \Qirakmomse -> Keine Datei <==== ACHTUNG
Task: {6052AB36-339F-4433-B6C2-B70F3E9AC43B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-11] (Adobe Systems Incorporated)
Task: {76A64C83-3347-465D-90A9-CBF6EA523E2C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {97A70E5D-9448-401A-9FBF-87A8BF411609} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-18] (Google Inc.)
Task: {D0C2F0E0-119B-4845-A88B-9478ABB61A9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {DD0EEB43-BCBE-4785-BA4C-A9E32FA71739} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-04-30] (Overwolf LTD)
Task: {E27C2A74-3EA1-47CF-A3B0-8632B74E176D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {EC1F51AB-ECBE-4320-95AD-21C84972B3D0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {F72D3A70-6BDC-4CFB-BF33-6D852F708FDF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)
Task: {FC265849-D131-4BB5-AFDF-1995696302B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-18] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\janfo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 17:21 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-04 19:05 - 2016-10-04 19:05 - 00107832 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-10-04 19:05 - 2016-10-04 19:05 - 00066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-11-15 19:50 - 2017-02-23 20:35 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-15 19:50 - 2017-02-23 20:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-05-03 23:21 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-05-03 23:21 - 2017-03-23 19:40 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-09-30 03:42 - 2017-02-10 00:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-04-12 17:21 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-30 04:39 - 2016-09-30 04:39 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 13:58 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 13:59 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 13:59 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 13:59 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-12 17:21 - 2017-03-28 07:07 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-04-12 17:21 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-12 17:21 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-05-01 09:22 - 2017-05-01 09:22 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-01 09:22 - 2017-05-01 09:22 - 00190464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-01 09:22 - 2017-05-01 09:22 - 43012096 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-01 09:22 - 2017-05-01 09:22 - 02451456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\skypert.dll
2016-07-07 19:21 - 2014-06-27 14:15 - 01750528 _____ () C:\Program Files (x86)\Func\KB-460\KB-460_Core.exe
2016-08-06 17:28 - 2016-05-11 14:54 - 00187392 _____ () C:\Program Files (x86)\Novation\Automap\MidiAutomapClient.exe
2016-09-08 19:55 - 2017-04-30 13:36 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2016-07-03 01:52 - 2017-02-23 20:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-11-15 19:50 - 2017-02-23 20:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-15 19:50 - 2017-02-23 20:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-08-06 17:28 - 2007-08-13 16:47 - 00536171 _____ () C:\Program Files (x86)\Novation\Automap\libcairo-2.dll
2016-08-06 17:28 - 2007-08-13 16:47 - 00059904 _____ () C:\Program Files (x86)\Novation\Automap\zlib1.dll
2016-07-03 02:27 - 2017-04-21 16:07 - 67725936 _____ () C:\Users\janfo\AppData\Roaming\Spotify\libcef.dll
2016-10-25 17:18 - 2017-04-21 16:07 - 00110192 _____ () C:\Users\janfo\AppData\Roaming\Spotify\SpotifyWinRT.dll
2016-07-03 02:27 - 2017-04-21 16:07 - 01929840 _____ () C:\Users\janfo\AppData\Roaming\Spotify\libglesv2.dll
2016-07-03 02:27 - 2017-04-21 16:07 - 00087152 _____ () C:\Users\janfo\AppData\Roaming\Spotify\libegl.dll
2016-11-15 19:50 - 2017-02-23 16:30 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-11-15 19:50 - 2017-02-23 16:30 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-11-15 19:50 - 2017-02-23 16:30 - 02443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-11-15 19:50 - 2017-02-23 16:30 - 00385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-11-15 19:50 - 2017-02-23 16:30 - 00543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-11-15 19:50 - 2017-02-23 16:30 - 00468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-10-30 09:24 - 2015-10-30 09:21 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-203697209-747612459-3142240203-1001\Control Panel\Desktop\\Wallpaper -> G:\Users\janfo\Bilder\Wallpaper\spacescape.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKU\S-1-5-21-203697209-747612459-3142240203-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{9A117BF4-6C93-4ACD-AE29-DC8E0B75BB95}] => (Allow) C:\Program Files\Oracle\VirtualBox\vboxheadless.exe
FirewallRules: [{7D0A4974-7988-4912-82E7-7C4A4D4848C6}] => (Allow) C:\Program Files (x86)\Droid4X\download\MiniThunderPlatform.exe
FirewallRules: [{82640049-20C2-4488-9993-7821CA174E67}] => (Allow) C:\Program Files (x86)\Droid4X\download\MiniThunderPlatform.exe
FirewallRules: [{9832BA2E-01D4-4A21-9EBA-2436973CF04B}] => (Allow) C:\Program Files (x86)\Droid4X\Droid4X.exe
FirewallRules: [TCP Query User{0F0C9A6A-EC46-4CF7-9BE1-7E14B1E233CD}C:\users\janfo\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Allow) C:\users\janfo\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe
FirewallRules: [UDP Query User{EFECB2D0-5C85-440D-BB61-5495FDF9D66C}G:\programme (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe] => (Allow) G:\programme (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe
FirewallRules: [TCP Query User{0C1A2979-A6A5-4DCB-BF45-F9CBD345435A}G:\programme (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe] => (Allow) G:\programme (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe
FirewallRules: [{ABF70D9D-383F-46F0-B0D2-C1A3D4F02A98}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Anno 1404\Addon.exe
FirewallRules: [{6A552929-EE14-4747-87DD-530DFDB609C1}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Anno 1404\Addon.exe
FirewallRules: [{03F6FC0D-4E30-45B4-81F7-B4AE33388696}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{6FAF3EBF-0D97-4419-8F59-F5EF5C2EC47C}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{65239941-D946-41B5-9D66-920806454CD8}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{FCB802D7-5D32-47A1-82CB-374D4DE2C145}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{CACC0484-CBDD-4E86-AEAA-94FEC875054A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{70DF20F2-BD06-42F4-BA85-2B10DC5FB7BF}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{2B7226EB-7823-4699-AD42-5A5BF5D10574}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Anno 1404\Anno4.exe
FirewallRules: [{771BAF57-9D76-4349-A1CD-EEEBCCBE30A0}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Anno 1404\Anno4.exe
FirewallRules: [{1A38FB0F-0542-4377-B3F4-698AFE6A856E}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{5346A6E2-7EE5-42CA-AC7B-DC7AD82798E8}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{16E22AD3-8873-4578-96FE-AB0567097739}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{DB40F9B9-3677-43B7-8837-E0DD0DC75D7B}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{5F5EE9B3-2E52-40DE-AD3A-54A8D2D37EB4}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{C20C74E1-FDCB-4CAB-9EBE-B45B7649A5E8}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{C234D383-BF43-4743-ADF6-839B1132CD9D}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{FA340B7A-C367-4CD3-81FE-01D3B43C2266}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [UDP Query User{F4FE8A9F-E39E-4420-AFDB-BDC10ABE077B}C:\program files (x86)\novation\automap\automapserver.exe] => (Allow) C:\program files (x86)\novation\automap\automapserver.exe
FirewallRules: [TCP Query User{DC15AFBF-1F20-4816-A12C-BBE355913611}C:\program files (x86)\novation\automap\automapserver.exe] => (Allow) C:\program files (x86)\novation\automap\automapserver.exe
FirewallRules: [UDP Query User{AC72E3F5-8AC6-4E0A-8652-BB578C01BA5C}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [TCP Query User{BF2407D7-EA95-497C-8783-712AF686E6AB}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [{56899499-AC3B-4C62-A03C-5A122E630046}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Imperium Romanum\Imperium Romanum.exe
FirewallRules: [{84054942-657F-48DF-882E-9458243FF35A}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Imperium Romanum\Imperium Romanum.exe
FirewallRules: [{9E842B52-31E6-4C1C-AE58-BE56E7A72219}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{D14E8CE7-8557-48B4-8F27-A2689AE9F833}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{632FD27E-B249-4CFE-AAD3-83B3EF1F1401}] => (Allow) G:\Programme (x86)\WorldofWarships\worldofwarships.exe
FirewallRules: [{6136BA0D-9308-4A04-93B3-BE7DA008BD99}] => (Allow) G:\Programme (x86)\WorldofWarships\worldofwarships.exe
FirewallRules: [{764DACD6-52E0-493F-86D6-2B95AC2F8889}] => (Allow) G:\Programme (x86)\WorldofWarships\WoWSLauncher.exe
FirewallRules: [{F3666949-9A6A-4F88-9975-58E846346FD2}] => (Allow) G:\Programme (x86)\WorldofWarships\WoWSLauncher.exe
FirewallRules: [{2690649C-1765-429C-9BB8-3F38D4C84ADB}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{0D790635-E2A6-418A-9D29-B1987CBD55A4}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{4DF10794-F153-4790-BAB0-28EB3CE03928}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{17C750A3-C91E-4AE9-9007-B00FDA948BA0}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{6D6EF951-69D7-4BDC-8F09-72B1A49CF600}] => (Allow) C:\SteamLibrary\steamapps\common\Kingdom Come Deliverance\Bin\Win64\KingdomCome.exe
FirewallRules: [{ED405F96-8805-494F-AFF7-71CE6DBBB20D}] => (Allow) C:\SteamLibrary\steamapps\common\Kingdom Come Deliverance\Bin\Win64\KingdomCome.exe
FirewallRules: [{612DEC20-7A85-49F3-B3FD-4927D188974E}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Reigns\Reigns.exe
FirewallRules: [{001AD373-40A6-408C-B3CF-C50451A5ABDE}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Reigns\Reigns.exe
FirewallRules: [{411F0AB3-C31B-4D43-AA3B-AF0665C6A867}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [{D314AE76-8CEA-4D83-A3A2-F61926297720}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [UDP Query User{31953A13-22B5-48A9-9891-D7B87D01F370}C:\program files (x86)\novation\automap\automapserver.exe] => (Allow) C:\program files (x86)\novation\automap\automapserver.exe
FirewallRules: [TCP Query User{52B38232-8B35-4391-B540-3780C8DC90E1}C:\program files (x86)\novation\automap\automapserver.exe] => (Allow) C:\program files (x86)\novation\automap\automapserver.exe
FirewallRules: [{7C0C1F9B-F1FB-4295-9620-7BDE7E0ACF84}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{95E0D5DC-18FF-4ED9-A57B-3D80C2CD86E7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E21F727F-3C98-4387-9B93-215A5E133A1C}] => (Allow) C:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{D5EE5F36-E287-4C25-BC58-980FC642E346}] => (Allow) C:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [UDP Query User{FF3AF603-B31A-4D88-9530-DEF1098AC1BC}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [TCP Query User{BDFEEFC6-40C2-4015-9FB3-D3B8C093EC11}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [{2B65BECD-AA52-42B4-95D0-E7CA0C798E29}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Viridi\Viridi.exe
FirewallRules: [{82F80FBB-CFDE-4DE4-A9B6-CA31707F7170}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Viridi\Viridi.exe
FirewallRules: [{5F68F2E2-2740-49A5-8CFC-E7603D28B370}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{33FE0128-223E-4653-8DA2-49FAE2423F1F}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{19EFAB18-06D9-4F33-B337-9853311013DC}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\No Time To Explain Remastered\NoTimeToExplain.exe
FirewallRules: [{556EEC1D-F1AE-4B43-A5BC-B8C01256A57C}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\No Time To Explain Remastered\NoTimeToExplain.exe
FirewallRules: [{3AE65D99-2EAC-4EBB-A1BE-477555BCF5EE}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{1531AB94-FD26-4C71-BDBA-7A011E2A431B}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{258839E2-1E32-4D1B-8278-C8E3E1898A85}] => (Allow) C:\SteamLibrary\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{B3775BC5-5FCF-4EF6-9F89-612E8225B8CC}] => (Allow) C:\SteamLibrary\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{79720873-1C38-43FD-AD9D-4413F89CBA06}] => (Allow) C:\SteamLibrary\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{6EEB4CB1-0391-4981-A41B-DA28A62D676B}] => (Allow) C:\SteamLibrary\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{F2548791-520A-496E-879E-249BFC79BBA3}] => (Allow) C:\SteamLibrary\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{4CABD95C-6721-4BE0-8828-2B1CF198C14E}] => (Allow) C:\SteamLibrary\steamapps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [UDP Query User{43DF7587-E322-4C8F-B74B-7EF57F55DD9D}C:\users\janfo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\janfo\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{4FFFD804-0FD7-44DB-A969-C6DEC42EF99C}C:\users\janfo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\janfo\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{9063DE54-DAB7-4253-B3EF-76677C84DF1C}C:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{55D0576A-5C0D-4617-800F-4441944AE0B2}C:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{9B233353-E354-4E1C-BD98-75500A7E9DC7}] => (Allow) C:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{5F74077A-2E36-489E-879C-CEE5D71A339A}] => (Allow) C:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{722E8630-8FB1-4714-B363-E861CF22801F}] => (Allow) C:\SteamLibrary\steamapps\common\Firewatch\Firewatch.exe
FirewallRules: [{7DEF87C5-77B0-47B4-943A-52A4367A59C1}] => (Allow) C:\SteamLibrary\steamapps\common\Firewatch\Firewatch.exe
FirewallRules: [{87AF4B01-9002-4155-B472-CF50A2CF7125}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Bit Blaster XL\BitBlasterXL.exe
FirewallRules: [{E44B4D05-4A06-4388-AB34-071CB4C8E85D}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Bit Blaster XL\BitBlasterXL.exe
FirewallRules: [UDP Query User{C8BD3A5A-2FAD-4D83-887F-C209476E113F}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{75B35DB4-62BF-4385-89FC-9FF174770682}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{1F1D78B3-1C1C-4911-94B9-9093B2374B9A}C:\users\janfo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\janfo\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{2C73ABB3-536E-4B25-8DFD-470C43B58C52}C:\users\janfo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\janfo\appdata\roaming\spotify\spotify.exe
FirewallRules: [{B0BEED03-FD67-4F40-8E58-45764C2D7FC2}] => (Allow) G:\Programme (x86)\Mozilla\firefox.exe
FirewallRules: [{AB787A83-6D47-43FC-A8C8-5486E56E9BBB}] => (Allow) G:\Programme (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C44EBAFB-1DB4-4124-AD60-4BD8C348DF48}] => (Allow) G:\Programme (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{75E960B1-CD7E-4D19-A005-3CF88A3C8ECB}] => (Allow) G:\Programme (x86)\Steam\Steam.exe
FirewallRules: [{261DCCC1-822C-4492-89C8-D8323631E060}] => (Allow) G:\Programme (x86)\Steam\Steam.exe
FirewallRules: [{E5213833-10DC-464C-BC13-C55A3A56CB2D}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe
FirewallRules: [{E7712267-155F-44C2-8C73-20EFB44D858A}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe
FirewallRules: [{6E5BBF8D-110C-42BA-B37B-4DB80F88CADC}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox VR.exe
FirewallRules: [{7B05D482-4798-45E8-A1AC-18E83ECAE18A}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox VR.exe
FirewallRules: [{CF2D3D28-7528-4806-93DA-4F117D313A24}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{73B836B1-2A09-480A-B534-78661FD9B94C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{145F5B12-57C1-478E-A019-5293898D0BDD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2CC93E70-3193-466D-B1CC-C0CE07317A30}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{26F28FD1-0FBF-465C-A7AB-3834E5F39E03}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{EC784E71-6339-4DDE-BD64-4BAC538DF503}G:\program files\cycling '74\max 7\max.exe] => (Allow) G:\program files\cycling '74\max 7\max.exe
FirewallRules: [UDP Query User{7D8CC75C-3B5F-4FF3-A7B3-FE404DCCD5D0}G:\program files\cycling '74\max 7\max.exe] => (Allow) G:\program files\cycling '74\max 7\max.exe
FirewallRules: [{A32EAB8D-EA41-47EE-9214-92EB0F63C049}] => (Allow) G:\Programme (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1518963D-45BF-4DCB-906E-D373219DD411}] => (Allow) G:\Programme (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{294E17EF-F42F-4AA9-90E0-F67867F3C10C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{23B3384E-1FFF-49F2-AF85-87B193A14BB6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{F54FE657-53DC-419A-BD3F-D15773F1213D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{13A8483A-8824-41A1-8EE6-2CD7904C4CB0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CB820F1B-02B3-4DC6-92C8-32C647828EDF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A7E3FEAD-A55A-4BFD-B906-B5471C754805}] => (Allow) C:\SteamLibrary\steamapps\common\ManiaPlanet_SMStorm\ManiaPlanetLauncher.exe
FirewallRules: [{EE46890B-E7E1-4D6C-85C2-4DB0797E5B5E}] => (Allow) C:\SteamLibrary\steamapps\common\ManiaPlanet_SMStorm\ManiaPlanetLauncher.exe
FirewallRules: [{F6C12B3D-D8FF-4EAF-BAD4-B7118C4218FA}] => (Allow) C:\SteamLibrary\steamapps\common\ManiaPlanet_SMStorm\ManiaPlanet.exe
FirewallRules: [{C0841B31-3BC6-4410-A1C5-F5EDADE81ACA}] => (Allow) C:\SteamLibrary\steamapps\common\ManiaPlanet_SMStorm\ManiaPlanet.exe
FirewallRules: [{9D8DE790-DCF8-4D93-AA2F-813CC12749B3}] => (Allow) C:\SteamLibrary\steamapps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{1804686F-4787-4DD5-A252-D7A4A12385B5}] => (Allow) C:\SteamLibrary\steamapps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{50ED750A-8C14-4340-B10E-5BAE3DD6188F}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{E7588381-C686-48CF-ACBE-ADB6ADF10B3B}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [TCP Query User{011F8083-0598-42A1-9CAB-9F191DE9F563}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{6EC5B43E-8C36-4C60-8AF7-B0B171BEB1E2}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{9E8D22D6-9723-4215-AB77-7799165BC7AA}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\The Universim Demo\The Universim Mother Planet Demo.exe
FirewallRules: [{BE03CA93-EAC8-4A32-839A-71C7EDFB3BF7}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\The Universim Demo\The Universim Mother Planet Demo.exe
FirewallRules: [{94A2E8EC-AFC7-43D7-B1B2-E86EC2D48F9C}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{B72CEE24-9475-4288-BDE7-5F36810A2A78}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{1054AD00-C00A-42F9-BDF0-7D4CE941501E}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{24619AA0-D4E4-4A07-9702-3F793DE569F7}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{7C054AC3-5005-4830-B72D-E85E7BF37D9A}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{6570C780-3293-4248-B05B-7DB1B0A53CAE}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Neon Drive\Neon Drive.exe
FirewallRules: [{1ED638E3-38AF-4E6A-8CAB-4BB2560867DE}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Neon Drive\Neon Drive.exe
FirewallRules: [{40456904-13F6-4887-8396-C9FACAC68605}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Kopanito All-Stars Soccer\kopanito.exe
FirewallRules: [{674C8056-874F-4376-860E-74ABD2E70FBF}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Kopanito All-Stars Soccer\kopanito.exe
FirewallRules: [{F9DDF28D-0641-4471-A70F-B3BA04305C4C}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Northgard\Northgard.exe
FirewallRules: [{D80D8EF1-5461-4F81-946A-F6D2CA86FAEA}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Northgard\Northgard.exe
FirewallRules: [{F4DC6F8E-D3EE-4827-A8A8-AF641BEDC42E}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe
FirewallRules: [{9388546F-8DFB-4B01-A4FF-3D5EA92277E9}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe
FirewallRules: [{69CAAA6B-88EA-4B63-AA3E-E6DC3A8B9FB2}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Age of Mythology\aomx.exe
FirewallRules: [{A6E899E9-FE0B-4060-8799-08670699A3AC}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Age of Mythology\aomx.exe
FirewallRules: [{CB6494C0-A0D9-4169-87AC-8D79ECE7F637}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Disco Dodgeball\Disco Dodgeball.exe
FirewallRules: [{38CE69F1-84F6-4EF3-9786-71BF0DC90568}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\Disco Dodgeball\Disco Dodgeball.exe
FirewallRules: [{8626D3D6-90BF-407E-B1FF-5A2317308B81}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{31B6C629-655F-4091-ABB9-F60AF5B92ABC}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{D9274650-D02C-4DBD-BAF3-9FEC8A4ECCD4}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{E61FDE52-2EC3-41C8-9610-7B6454B15095}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{C02E9E18-38C4-4862-8D2A-50249B271794}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1 CTE\bf1_cte.exe
FirewallRules: [{FD7B5702-AF51-4743-862A-17A3F14D348E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1 CTE\bf1_cte.exe
FirewallRules: [{7A661614-B193-4C18-98D2-A3D1662741D4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5022A195-1672-4DA8-B084-8A611062F98C}] => (Allow) C:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{850CDBA5-A5AD-46C7-891D-C2D5EB6AFCFB}] => (Allow) C:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [TCP Query User{27BFE3B1-9C7E-4FF3-93DB-A483A61E1EB4}C:\steamlibrary\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Allow) C:\steamlibrary\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{A18D5F2B-B008-4436-B0FF-FC9DD18BA638}C:\steamlibrary\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Allow) C:\steamlibrary\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [TCP Query User{E345BF57-1B33-4F0B-9A56-98C33C7579E8}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{C1989523-03EF-4AD6-9B6D-ADD4F6F7FBBF}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{76E69F7C-8EFC-4ED8-B593-B8DE3925DFD9}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{597100FF-11BD-47A0-B488-7418BDCED776}] => (Allow) G:\Programme (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{DC703A29-5FB9-4F12-8DD8-7E1E77D25B19}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{F3785086-617C-41F5-B90E-9D7F9FCFE55A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{385696EA-5C23-46FC-BAFA-C841F9979FE6}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{BA1785D6-5C26-45C6-92BA-0A6C91AB5552}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{967C3CF0-C4D5-4C1F-989E-FE3566807AAB}] => (Allow) C:\Program Files (x86)\MIO\loader\wdcxwd10ezex-00bn5a0_wd-wmc3f249561295612.dat
FirewallRules: [{0DC4B4BE-67C1-4093-83C6-0FB5E091813B}] => (Allow) C:\Program Files (x86)\MIO\loader\wdcxwd10ezex-00bn5a0_wd-wmc3f249561295612.dat
FirewallRules: [{AE631B55-2EFA-4238-8D8B-C4F4C0913046}] => (Allow) C:\Program Files (x86)\Dayglad\Application\chrome.exe
FirewallRules: [{86A6A984-068E-4624-A4E6-EB575C05D3FC}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{005FE58E-3F39-4F08-A85F-ED043ABF70A9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F9165661-69C2-458F-BD7C-0BE431E00DA1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Wiederherstellungspunkte =========================
30-04-2017 15:26:02 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
30-04-2017 15:26:08 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
04-05-2017 19:48:37 Malwarebytes Anti-Rootkit Restore Point
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/06/2017 01:43:34 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: ZORRO)
Description: 7.488: Der EFS-Dienst konnte keinen Benutzer für „Unternehmensdatenschutz“ bereitstellen. Fehlercode: 0x80070005.
Error: (05/06/2017 01:38:05 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: ZORRO)
Description: 7.488: Der EFS-Dienst konnte keinen Benutzer für „Unternehmensdatenschutz“ bereitstellen. Fehlercode: 0x80070005.
Error: (05/06/2017 01:29:48 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (05/06/2017 01:29:48 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (05/06/2017 03:31:12 AM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: ZORRO)
Description: 7.488: Der EFS-Dienst konnte keinen Benutzer für „Unternehmensdatenschutz“ bereitstellen. Fehlercode: 0x80070005.
Error: (05/05/2017 05:32:44 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: ZORRO)
Description: 7.488: Der EFS-Dienst konnte keinen Benutzer für „Unternehmensdatenschutz“ bereitstellen. Fehlercode: 0x80070005.
Error: (05/04/2017 07:52:47 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: ZORRO)
Description: 7.488: Der EFS-Dienst konnte keinen Benutzer für „Unternehmensdatenschutz“ bereitstellen. Fehlercode: 0x80070005.
Error: (05/04/2017 07:48:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (05/04/2017 07:28:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.953, Zeitstempel: 0x58ba5911
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x225c
Startzeit der fehlerhaften Anwendung: 0x01d2c4fbb8519d25
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: b8dab35e-6b35-4df2-97aa-f898173988ec
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge
Error: (05/04/2017 07:27:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.953, Zeitstempel: 0x58ba5911
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x225c
Startzeit der fehlerhaften Anwendung: 0x01d2c4fbb8519d25
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: e42140f3-62ca-4dd8-890c-1c3fb884b40e
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge
Systemfehler:
=============
Error: (05/06/2017 01:41:32 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/06/2017 01:41:22 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "ZORRO" auf Transport "NetBT_Tcpip_{F7FF241D-4A57-4039-A157-58B1B2FD2B6E}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.
Error: (05/06/2017 01:41:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "WinDefend" wurde aufgrund folgenden Fehlers nicht gestartet:
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.
Error: (05/06/2017 01:40:47 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/06/2017 01:38:06 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/06/2017 04:09:01 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/06/2017 03:31:15 AM) (Source: Schannel) (EventID: 4114) (User: NT-AUTORITÄT)
Description: Das vom Remoteserver empfangene Zertifikat wurde von einer nicht vertrauenswürdigen Zertifizierungsstelle ausgestellt. Aus diesem Grund können keine der im Zertifikat enthalten Daten überprüft werden. Fehler bei der TLS-Verbindungsanforderung. Die angefügten Daten enthalten das Serverzertifikat.
Error: (05/06/2017 03:31:15 AM) (Source: Schannel) (EventID: 4114) (User: ZORRO)
Description: Das vom Remoteserver empfangene Zertifikat wurde von einer nicht vertrauenswürdigen Zertifizierungsstelle ausgestellt. Aus diesem Grund können keine der im Zertifikat enthalten Daten überprüft werden. Fehler bei der TLS-Verbindungsanforderung. Die angefügten Daten enthalten das Serverzertifikat.
Error: (05/06/2017 03:31:13 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/06/2017 03:31:09 AM) (Source: Schannel) (EventID: 4114) (User: NT-AUTORITÄT)
Description: Das vom Remoteserver empfangene Zertifikat wurde von einer nicht vertrauenswürdigen Zertifizierungsstelle ausgestellt. Aus diesem Grund können keine der im Zertifikat enthalten Daten überprüft werden. Fehler bei der TLS-Verbindungsanforderung. Die angefügten Daten enthalten das Serverzertifikat.
CodeIntegrity:
===================================
Date: 2017-05-06 13:41:18.154
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-04 19:50:32.053
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-04 19:35:39.926
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-05-04 19:27:24.977
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-05-04 19:27:24.574
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-05-04 18:24:00.873
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-03 23:42:02.034
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-03 23:23:38.748
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MbamPt.exe that did not meet the Windows signing level requirements.
Date: 2017-05-03 23:15:21.277
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-05-03 22:44:32.718
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 8136.43 MB
Verfügbarer physikalischer RAM: 5268.37 MB
Summe virtueller Speicher: 13512.43 MB
Verfügbarer virtueller Speicher: 10314.87 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:465.22 GB) (Free:117.05 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive g: () (Fixed) (Total:930.97 GB) (Free:648.08 GB) NTFS
Drive h: (INTENSO) (Fixed) (Total:931.28 GB) (Free:276.03 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 66D23A59)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: BB7E85B3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)
========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 2DF6D6A7)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C)
==================== Ende von Addition.txt ============================