New Tab spam durch "hosted.ap.org" bzw "Cincinnati Enquirer"

M-K-D-B · 22.06.2017, 20:09

Servus,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

BrainWasheD · 22.06.2017, 21:57

Hi,

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-06-2017 01
durchgeführt von BrainWasheD (Administrator) auf BRAINWASHED-PC (22-06-2017 22:55:34)
Gestartet von C:\Users\BrainWasheD\Desktop
Geladene Profile: BrainWasheD (Verfügbare Profile: BrainWasheD)
Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Hammer & Chisel, Inc.) C:\Users\BrainWasheD\AppData\Local\Discord\app-0.0.297\Discord.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Hammer & Chisel, Inc.) C:\Users\BrainWasheD\AppData\Local\Discord\app-0.0.297\Discord.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5676\Agent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamuseragent.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Blizzard Entertainment) D:\Program Files (x86)\Blizzard App\Battle.net.8941\Battle.net.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Hammer & Chisel, Inc.) C:\Users\BrainWasheD\AppData\Local\Discord\app-0.0.297\Discord.exe
() D:\Program Files (x86)\Blizzard App\Battle.net.8941\Battle.net Helper.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() D:\Program Files (x86)\Blizzard App\Battle.net.8941\Battle.net Helper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17494136 2017-04-06] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-1290209912-1044598962-369420843-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-1290209912-1044598962-369420843-1000\...\Run: [Discord] => C:\Users\BrainWasheD\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-1290209912-1044598962-369420843-1000\...\Run: [Battle.net] => D:\Program Files (x86)\Blizzard App\Battle.net Launcher.exe [3229160 2017-05-20] (Blizzard Entertainment)
HKU\S-1-5-21-1290209912-1044598962-369420843-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9803992 2017-06-13] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 80.69.96.12 81.210.129.4
Tcpip\..\Interfaces\{00f4a4f9-90c8-4abb-b592-61cb1208f787}: [DhcpNameServer] 80.69.96.12 81.210.129.4

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-06-21] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-21] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-06-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-22] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-06-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-22] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-21] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-21] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-21] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-21] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: mguelu0x.default
FF ProfilePath: C:\Users\BrainWasheD\AppData\Roaming\Mozilla\Firefox\Profiles\mguelu0x.default [2017-06-20]
FF Extension: (Avast SafePrice) - C:\Users\BrainWasheD\AppData\Roaming\Mozilla\Firefox\Profiles\mguelu0x.default\Extensions\sp@avast.com.xpi [2017-06-18]
FF Extension: (Avast Online Security) - C:\Users\BrainWasheD\AppData\Roaming\Mozilla\Firefox\Profiles\mguelu0x.default\Extensions\wrc@avast.com.xpi [2017-06-18]
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-06-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-06-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.facebook.com/","hxxp://www.mmo-champion.com/content/","hxxp://www.google.de/","hxxp://www.youtube.com/"
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default [2017-06-22]
CHR Extension: (Google Präsentationen) - C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-06-20]
CHR Extension: (Google Docs) - C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-20]
CHR Extension: (Google Drive) - C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-20]
CHR Extension: (YouTube) - C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-20]
CHR Extension: (Adblock Plus) - C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-06-20]
CHR Extension: (Legacy MindMup (discontinued)) - C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnenaecjcgeppfpaokiifokeieopppej [2017-06-20]
CHR Extension: (Google Tabellen) - C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-06-20]
CHR Extension: (Google Docs Offline) - C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-20]
CHR Extension: (Google Mail) - C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-20]
CHR Extension: (Chrome Media Router) - C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-20]
CHR HKLM-x32\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-05-20] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4412616 2017-06-11] (Microsoft Corporation)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-04-06] (Logitech Inc.)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [819672 2017-06-05] (Seiko Epson Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-03] (NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-03] (NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1326408 2017-06-18] (Overwolf LTD)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
S2 BitDefenderCOM; "C:\Program Files\BDServices\BitDefenderCom.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 epp; C:\EEK\bin64\epp.sys [124552 2016-11-23] (Emsisoft Ltd)
R3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [54552 2017-04-06] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-04-06] (Logitech Inc.)
R1 MpKsla7382175; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{999D74C4-F65A-41B4-80AF-3E45809D1D15}\MpKsla7382175.sys [44928 2017-06-22] (Microsoft Corporation)
R1 MpKslaf21b800; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{999D74C4-F65A-41B4-80AF-3E45809D1D15}\MpKslaf21b800.sys [44928 2017-06-22] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a2b0acab06663645\nvlddmkm.sys [14456944 2017-05-02] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-05-02] (NVIDIA Corporation)
U5 PROCMON23; C:\Windows\System32\Drivers\PROCMON23.sys [84960 2017-05-22] (Sysinternals - www.sysinternals.com)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [898296 2016-01-13] (Realtek                                            )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [442848 2017-05-05] (BitDefender S.R.L.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
U3 idsvc; kein ImagePath
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-22 22:55 - 2017-06-22 22:55 - 02439680 _____ (Farbar) C:\Users\BrainWasheD\Desktop\FRST64.exe
2017-06-22 22:55 - 2017-06-22 22:55 - 00019192 _____ C:\Users\BrainWasheD\Desktop\FRST.txt
2017-06-22 22:55 - 2017-06-22 22:55 - 00000000 ____D C:\FRST
2017-06-22 19:29 - 2017-06-22 19:29 - 00747492 _____ C:\Users\BrainWasheD\Downloads\Tyr_triangle_blue.webm
2017-06-22 19:28 - 2017-06-22 19:28 - 05740048 _____ C:\Users\BrainWasheD\Downloads\ambroride_v3.mp4
2017-06-22 19:28 - 2017-06-22 19:28 - 04385548 _____ C:\Users\BrainWasheD\Downloads\GoT&HoT.webm
2017-06-22 19:28 - 2017-06-22 19:28 - 03371314 _____ C:\Users\BrainWasheD\Downloads\ely.mp4
2017-06-22 19:28 - 2017-06-22 19:28 - 02799672 _____ C:\Users\BrainWasheD\Downloads\ambro5k.webm
2017-06-22 02:18 - 2017-06-22 02:18 - 00003666 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-06-22 02:18 - 2017-06-22 02:18 - 00001552 _____ C:\DelFix.txt
2017-06-22 02:18 - 2017-06-22 02:18 - 00000000 ____D C:\WINDOWS\ERUNT
2017-06-22 02:12 - 2017-06-22 02:12 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-06-22 02:12 - 2017-06-22 02:12 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\Sun
2017-06-22 02:12 - 2017-06-22 02:12 - 00000000 ____D C:\Users\BrainWasheD\AppData\LocalLow\Sun
2017-06-22 02:12 - 2017-06-22 02:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-06-22 02:11 - 2017-06-22 02:12 - 00000000 ____D C:\ProgramData\Oracle
2017-06-22 02:11 - 2017-06-22 02:11 - 00738368 _____ (Oracle Corporation) C:\Users\BrainWasheD\Downloads\JavaSetup8u131.exe
2017-06-22 02:11 - 2017-06-22 02:11 - 00000000 ____D C:\Program Files (x86)\Java
2017-06-22 02:10 - 2017-06-22 02:10 - 00004654 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-06-22 02:10 - 2017-06-22 02:10 - 00004466 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-06-21 17:48 - 2017-06-21 17:48 - 00000000 ____D C:\Program Files (x86)\ESET
2017-06-20 17:49 - 2017-06-20 17:49 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\.mono
2017-06-20 17:49 - 2017-06-20 17:49 - 00000000 ____D C:\Users\BrainWasheD\AppData\LocalLow\Blizzard Entertainment
2017-06-20 17:49 - 2017-06-20 17:49 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\Blizzard
2017-06-20 17:49 - 2017-06-20 17:49 - 00000000 ____D C:\ProgramData\.mono
2017-06-20 17:46 - 2017-06-20 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2017-06-20 17:45 - 2017-06-20 18:03 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\HearthstoneDeckTracker
2017-06-20 17:45 - 2017-06-20 17:45 - 00002641 _____ C:\Users\BrainWasheD\Desktop\Hearthstone Deck Tracker.lnk
2017-06-20 17:45 - 2017-06-20 17:45 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2017-06-20 17:45 - 2017-06-20 17:45 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\HearthstoneDeckTracker
2017-06-20 17:44 - 2017-06-20 17:44 - 22687008 _____ (HearthSim) C:\Users\BrainWasheD\Downloads\HDT-Installer.exe
2017-06-20 02:17 - 2017-06-20 12:19 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\vlc
2017-06-20 02:17 - 2017-06-20 02:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-06-20 02:17 - 2017-06-20 02:17 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2017-06-20 02:16 - 2017-06-20 02:16 - 30950664 _____ C:\Users\BrainWasheD\Downloads\vlc-2.2.6-win32.exe
2017-06-19 23:00 - 2017-06-19 23:00 - 00208216 _____ (Kaspersky Lab, GERT) C:\WINDOWS\system32\Drivers\55876282.sys
2017-06-19 22:52 - 2017-06-19 22:52 - 00208216 _____ (Kaspersky Lab, GERT) C:\WINDOWS\system32\Drivers\55192664.sys
2017-06-19 13:49 - 2017-06-19 13:49 - 09836385 _____ C:\Users\BrainWasheD\Downloads\01_Studi.pdf
2017-06-19 01:23 - 2017-06-19 01:23 - 00208216 _____ (Kaspersky Lab, GERT) C:\WINDOWS\system32\Drivers\85203316.sys
2017-06-19 00:31 - 2017-06-19 00:31 - 00000000 ____D C:\ProgramData\Emsisoft
2017-06-19 00:30 - 2017-06-19 00:32 - 00000000 ____D C:\EEK
2017-06-18 22:39 - 2017-06-18 22:39 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\Google
2017-06-18 22:38 - 2017-06-18 22:38 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-06-18 22:38 - 2017-06-18 22:38 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-06-18 22:38 - 2017-06-18 22:38 - 00002336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-18 21:20 - 2017-06-18 22:35 - 00000000 ____D C:\Program Files\CCleaner
2017-06-18 21:20 - 2017-06-18 21:20 - 00002880 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-06-18 21:20 - 2017-06-18 21:20 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-06-18 21:20 - 2017-06-18 21:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-06-18 21:19 - 2017-06-18 22:47 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\Google
2017-06-18 21:19 - 2017-06-18 22:38 - 00000000 ____D C:\Program Files (x86)\Google
2017-06-18 21:18 - 2017-06-18 21:52 - 00000000 ____D C:\Users\BrainWasheD\AppData\LocalLow\Mozilla
2017-06-18 21:18 - 2017-06-18 21:41 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\Mozilla
2017-06-18 21:18 - 2017-06-18 21:18 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\Mozilla
2017-06-18 21:03 - 2017-06-18 21:03 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\7BA52E92.sys
2017-06-18 15:43 - 2017-06-18 15:46 - 00000000 ____D C:\ProgramData\HitmanPro
2017-06-18 13:31 - 2017-06-18 21:54 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\Deployment
2017-06-18 13:31 - 2017-06-18 13:31 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\Macromedia
2017-06-18 12:52 - 2017-06-18 13:00 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-06-18 03:03 - 2017-06-22 02:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-06-17 23:13 - 2017-06-17 23:13 - 00000000 ____D C:\Program Files (x86)\Notepad++
2017-06-17 21:04 - 2017-06-17 21:04 - 00000000 ____D C:\Users\BrainWasheD\Documents\League of Legends
2017-06-17 21:03 - 2017-06-17 21:04 - 00000863 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-06-17 21:03 - 2017-06-17 21:03 - 00000000 ____D C:\ProgramData\Riot Games
2017-06-17 21:03 - 2017-06-17 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2017-06-17 21:03 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2017-06-17 21:03 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2017-06-17 21:03 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2017-06-17 21:02 - 2017-06-17 21:03 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\Riot Games
2017-06-15 10:19 - 2017-06-15 10:19 - 00000713 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk
2017-06-15 10:19 - 2017-06-15 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2017-06-15 10:17 - 2017-06-15 10:19 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\Guild Wars 2
2017-06-15 09:57 - 2017-06-15 09:57 - 00061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-06-14 17:08 - 2017-06-03 11:59 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-14 17:08 - 2017-06-03 11:59 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-14 17:08 - 2017-06-03 11:59 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-14 17:08 - 2017-06-03 11:36 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-06-14 17:08 - 2017-06-03 11:35 - 02259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-14 17:08 - 2017-06-03 11:26 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
2017-06-14 17:08 - 2017-06-03 11:23 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-14 17:08 - 2017-06-03 11:23 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-06-14 17:08 - 2017-06-03 11:23 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-06-14 17:08 - 2017-06-03 11:20 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-14 17:08 - 2017-06-03 11:11 - 02958848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-14 17:08 - 2017-06-03 11:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-14 17:08 - 2017-06-03 11:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-14 17:08 - 2017-06-03 11:07 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-14 17:08 - 2017-06-03 11:05 - 20506624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-14 17:08 - 2017-06-03 11:05 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-06-14 17:08 - 2017-06-03 11:05 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2017-06-14 17:08 - 2017-06-03 11:03 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-14 17:08 - 2017-06-03 11:03 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-06-14 17:08 - 2017-06-03 11:00 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-14 17:08 - 2017-06-03 10:59 - 02672128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-14 17:08 - 2017-06-03 10:59 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-06-14 17:08 - 2017-06-03 10:58 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-14 17:08 - 2017-06-03 10:57 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-14 17:08 - 2017-06-03 10:57 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-06-14 17:08 - 2017-06-03 10:57 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-06-14 17:08 - 2017-06-03 10:57 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-14 17:08 - 2017-06-03 10:56 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-14 17:08 - 2017-06-03 10:55 - 03656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-14 17:08 - 2017-06-03 10:55 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-14 17:08 - 2017-06-03 10:55 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-14 17:08 - 2017-06-03 10:54 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-14 17:08 - 2017-06-03 10:54 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-06-14 17:08 - 2017-06-03 10:53 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-06-14 17:07 - 2017-06-03 12:10 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-14 17:07 - 2017-06-03 12:09 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-06-14 17:07 - 2017-06-03 12:07 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-14 17:07 - 2017-06-03 11:59 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-06-14 17:07 - 2017-06-03 11:58 - 21352696 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-14 17:07 - 2017-06-03 11:58 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-06-14 17:07 - 2017-06-03 11:58 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2017-06-14 17:07 - 2017-06-03 11:55 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-14 17:07 - 2017-06-03 11:14 - 03673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-14 17:07 - 2017-06-03 11:14 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-06-14 17:07 - 2017-06-03 11:12 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-14 17:07 - 2017-06-03 11:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-14 17:07 - 2017-06-03 11:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-14 17:07 - 2017-06-03 11:10 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-14 17:07 - 2017-06-03 11:10 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-14 17:07 - 2017-06-03 11:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-14 17:07 - 2017-06-03 11:07 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-06-14 17:07 - 2017-06-03 11:07 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-14 17:07 - 2017-06-03 11:06 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-06-14 17:07 - 2017-06-03 11:05 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-06-14 17:07 - 2017-06-03 11:03 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-06-14 17:07 - 2017-06-03 11:02 - 08245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-14 17:07 - 2017-06-03 11:00 - 03379200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-14 17:07 - 2017-06-03 11:00 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-14 17:07 - 2017-06-03 10:59 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-14 17:07 - 2017-06-03 10:59 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-14 17:07 - 2017-06-03 10:59 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-14 17:07 - 2017-06-03 10:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-14 17:07 - 2017-06-03 10:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-14 17:07 - 2017-06-03 10:58 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-06-14 17:07 - 2017-06-03 10:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-06-14 17:07 - 2017-06-03 10:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-06-14 17:06 - 2017-06-03 12:15 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-14 17:06 - 2017-06-03 12:15 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-14 17:06 - 2017-06-03 12:15 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-14 17:06 - 2017-06-03 12:14 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-14 17:06 - 2017-06-03 12:14 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-14 17:06 - 2017-06-03 12:09 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-14 17:06 - 2017-06-03 12:08 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-14 17:06 - 2017-06-03 12:07 - 00923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-14 17:06 - 2017-06-03 12:02 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-14 17:06 - 2017-06-03 12:01 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-06-14 17:06 - 2017-06-03 12:00 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-06-14 17:06 - 2017-06-03 12:00 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
2017-06-14 17:06 - 2017-06-03 12:00 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-06-14 17:06 - 2017-06-03 11:58 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-06-14 17:06 - 2017-06-03 11:57 - 00371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-06-14 17:06 - 2017-06-03 11:28 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-14 17:06 - 2017-06-03 11:14 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-06-14 17:06 - 2017-06-03 11:14 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-06-14 17:06 - 2017-06-03 11:14 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-14 17:06 - 2017-06-03 11:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-14 17:06 - 2017-06-03 11:11 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-14 17:06 - 2017-06-03 11:10 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-06-14 17:06 - 2017-06-03 11:09 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-06-14 17:06 - 2017-06-03 11:09 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2017-06-14 17:06 - 2017-06-03 11:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-14 17:06 - 2017-06-03 11:07 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-06-14 17:06 - 2017-06-03 11:05 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-14 17:06 - 2017-06-03 11:04 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-14 17:06 - 2017-06-03 11:04 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-06-14 17:06 - 2017-06-03 11:04 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-14 17:06 - 2017-06-03 11:01 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-06-14 17:06 - 2017-06-03 11:01 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-06-14 17:06 - 2017-06-03 10:59 - 01142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-14 17:06 - 2017-06-03 10:59 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-14 17:06 - 2017-06-03 10:58 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-06-14 17:06 - 2017-06-03 10:58 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-14 17:06 - 2017-06-03 10:58 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-14 17:06 - 2017-06-03 10:57 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-14 17:06 - 2017-06-03 10:57 - 01675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-06-14 17:06 - 2017-06-03 10:51 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-06-06 18:03 - 2017-06-22 02:23 - 00015872 ___SH C:\Users\BrainWasheD\Desktop\Thumbs.db
2017-06-03 08:08 - 2017-06-20 12:21 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\UseNeXT
2017-06-03 08:08 - 2017-06-03 08:08 - 00000819 _____ C:\Users\BrainWasheD\Desktop\UseNeXT by Tangysoft.lnk
2017-06-03 08:08 - 2017-06-03 08:08 - 00000000 ____D C:\Users\BrainWasheD\Documents\UseNeXT
2017-06-03 08:08 - 2017-06-03 08:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2017-06-03 08:05 - 2017-06-06 18:58 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-06-03 08:05 - 2017-06-03 16:08 - 00000000 ____D C:\ProgramData\Adobe
2017-06-03 08:05 - 2017-06-03 08:05 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-06-03 08:05 - 2017-06-03 08:05 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-05-30 16:35 - 2017-05-30 16:35 - 00000000 ____D C:\Users\BrainWasheD\Documents\Benutzerdefinierte Office-Vorlagen
2017-05-29 12:51 - 2017-05-20 11:13 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-05-29 12:51 - 2017-05-20 10:55 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-29 12:51 - 2017-05-20 10:48 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-29 12:51 - 2017-05-20 10:47 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-29 12:51 - 2017-05-20 10:46 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-05-29 12:51 - 2017-05-20 10:46 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-05-29 12:51 - 2017-05-20 10:46 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-05-29 12:51 - 2017-05-20 10:45 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-05-29 12:51 - 2017-05-20 10:44 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-05-29 12:51 - 2017-05-20 10:44 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-05-29 12:51 - 2017-05-20 10:43 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-05-29 12:51 - 2017-05-20 10:43 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-05-29 12:51 - 2017-05-20 10:43 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-05-29 12:51 - 2017-05-20 10:43 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-05-29 12:51 - 2017-05-20 10:43 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-05-29 12:51 - 2017-05-20 10:43 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-05-29 12:51 - 2017-05-20 10:43 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-05-29 12:51 - 2017-05-20 10:29 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-05-29 12:51 - 2017-05-20 10:29 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-29 12:51 - 2017-05-20 10:27 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-29 12:51 - 2017-05-20 10:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-05-29 12:51 - 2017-05-20 10:26 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-05-29 12:51 - 2017-05-20 10:26 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-29 12:51 - 2017-05-20 10:25 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-05-29 12:51 - 2017-05-20 10:25 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-05-29 12:51 - 2017-05-20 10:24 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-29 12:51 - 2017-05-20 10:23 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-29 12:51 - 2017-05-20 10:22 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-29 12:51 - 2017-05-20 10:22 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-05-29 12:51 - 2017-05-20 10:22 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-05-29 12:51 - 2017-05-20 10:21 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-05-29 12:51 - 2017-05-20 10:21 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-29 12:51 - 2017-05-20 10:21 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-05-29 12:51 - 2017-05-20 10:20 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-29 12:51 - 2017-05-20 10:20 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-29 12:51 - 2017-05-20 10:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-29 12:51 - 2017-05-20 10:20 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-05-29 12:51 - 2017-05-20 10:19 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-05-29 12:51 - 2017-05-20 10:18 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-05-29 12:51 - 2017-05-20 10:17 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-05-29 12:51 - 2017-05-20 10:17 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-29 12:51 - 2017-05-20 10:17 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-29 12:51 - 2017-05-20 10:17 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-29 12:51 - 2017-05-20 10:16 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-29 12:51 - 2017-05-20 10:16 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-29 12:51 - 2017-05-20 10:16 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-05-29 12:51 - 2017-05-20 10:16 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-05-29 12:51 - 2017-05-20 10:15 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-05-29 12:51 - 2017-05-20 10:14 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-05-29 12:51 - 2017-05-20 10:14 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-05-29 12:51 - 2017-05-20 10:14 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-05-29 12:51 - 2017-05-20 10:14 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-05-29 12:51 - 2017-05-20 10:14 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-05-29 12:51 - 2017-05-20 10:11 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-05-29 12:51 - 2017-05-20 10:10 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-05-29 12:51 - 2017-05-20 10:10 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-05-29 12:51 - 2017-05-20 10:10 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-29 12:51 - 2017-05-20 10:08 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-05-29 12:51 - 2017-05-20 09:08 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-05-29 12:51 - 2017-05-20 09:08 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-29 12:51 - 2017-05-20 09:07 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-05-29 12:51 - 2017-05-20 09:03 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-29 12:51 - 2017-05-20 08:59 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-05-29 12:51 - 2017-05-20 08:58 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-05-29 12:51 - 2017-05-20 08:56 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-29 12:51 - 2017-05-20 08:56 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-29 12:51 - 2017-05-20 08:56 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-05-29 12:51 - 2017-05-20 08:55 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-05-29 12:51 - 2017-05-20 08:55 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-29 12:51 - 2017-05-20 08:55 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-29 12:51 - 2017-05-20 08:55 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-05-29 12:51 - 2017-05-20 08:55 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-05-29 12:51 - 2017-05-20 08:55 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-29 12:51 - 2017-05-20 08:54 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-05-29 12:51 - 2017-05-20 08:54 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-05-29 12:51 - 2017-05-20 08:54 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-05-29 12:51 - 2017-05-20 08:53 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-05-29 12:51 - 2017-05-20 08:53 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-05-29 12:51 - 2017-05-20 08:53 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-05-29 12:51 - 2017-05-20 08:53 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-05-29 12:51 - 2017-05-20 08:53 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-05-29 12:51 - 2017-05-20 08:52 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-05-29 12:51 - 2017-05-20 08:52 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-05-29 12:51 - 2017-05-20 08:51 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-05-29 12:51 - 2017-05-20 08:51 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-29 12:51 - 2017-05-20 08:51 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-05-29 12:51 - 2017-05-20 08:51 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-05-29 12:51 - 2017-05-20 08:51 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-05-29 12:51 - 2017-05-20 08:48 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-29 12:51 - 2017-05-20 08:10 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-05-29 12:51 - 2017-05-20 08:10 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-29 12:51 - 2017-05-20 08:10 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-05-29 12:51 - 2017-05-20 08:10 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-05-29 12:51 - 2017-05-20 08:10 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-05-29 12:51 - 2017-05-20 08:09 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-29 12:51 - 2017-05-20 08:09 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-29 12:51 - 2017-05-20 08:09 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-05-29 12:51 - 2017-05-20 08:08 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-05-29 12:51 - 2017-05-20 08:08 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-29 12:51 - 2017-05-20 08:08 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-05-29 12:51 - 2017-05-20 08:07 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-05-29 12:51 - 2017-05-20 08:07 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-05-29 12:51 - 2017-05-20 08:07 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-05-29 12:51 - 2017-05-20 08:06 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-05-29 12:51 - 2017-05-20 08:06 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-05-29 12:51 - 2017-05-20 08:06 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-05-29 12:51 - 2017-05-20 08:05 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-29 12:51 - 2017-05-20 08:05 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-29 12:51 - 2017-05-20 08:03 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-05-29 12:51 - 2017-05-20 08:03 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-05-29 12:51 - 2017-05-20 08:03 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-05-29 12:51 - 2017-05-20 08:03 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-29 12:51 - 2017-05-20 08:03 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-05-29 12:51 - 2017-05-20 08:03 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-05-29 12:51 - 2017-05-20 08:02 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-05-29 12:51 - 2017-05-20 08:02 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-05-29 12:51 - 2017-05-20 08:01 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-29 12:51 - 2017-05-20 08:01 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-05-29 12:51 - 2017-05-20 08:01 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-29 12:51 - 2017-05-20 08:01 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-29 12:51 - 2017-05-20 08:01 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-29 12:51 - 2017-05-20 08:01 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-05-29 12:51 - 2017-05-20 08:01 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-29 12:51 - 2017-05-20 08:01 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-05-29 12:51 - 2017-05-20 08:00 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-29 12:51 - 2017-05-20 08:00 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-05-29 12:51 - 2017-05-20 08:00 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-05-29 12:51 - 2017-05-20 08:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-29 12:51 - 2017-05-20 08:00 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-29 12:51 - 2017-05-20 07:59 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-05-29 12:51 - 2017-05-20 07:59 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-29 12:51 - 2017-05-20 07:59 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-05-29 12:51 - 2017-05-20 07:59 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-29 12:51 - 2017-05-20 07:59 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-05-29 12:51 - 2017-05-20 07:59 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-29 12:51 - 2017-05-20 07:59 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-05-29 12:51 - 2017-05-20 07:58 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-05-29 12:51 - 2017-05-20 07:58 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-05-29 12:51 - 2017-05-20 07:58 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-29 12:51 - 2017-05-20 07:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-05-29 12:51 - 2017-05-20 07:58 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-05-29 12:51 - 2017-05-20 07:58 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-29 12:51 - 2017-05-20 07:57 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-29 12:51 - 2017-05-20 07:56 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-05-29 12:51 - 2017-05-20 07:56 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-05-29 12:51 - 2017-05-20 07:55 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-29 12:51 - 2017-05-20 07:55 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-05-29 12:51 - 2017-05-20 07:55 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-29 12:51 - 2017-05-20 07:55 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-29 12:51 - 2017-05-20 07:54 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-05-29 12:51 - 2017-05-20 07:54 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-29 12:51 - 2017-05-20 07:54 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-05-29 12:51 - 2017-05-20 07:54 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-05-29 12:51 - 2017-05-20 07:54 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-05-29 12:51 - 2017-05-20 07:52 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-29 12:51 - 2017-05-20 07:52 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-29 12:51 - 2017-05-20 07:52 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-05-29 12:51 - 2017-05-20 07:52 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-05-29 12:51 - 2017-05-20 07:51 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-05-29 12:51 - 2017-05-20 07:51 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-05-29 12:51 - 2017-05-20 07:50 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-29 12:51 - 2017-05-20 07:50 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-05-29 12:51 - 2017-05-20 07:48 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-29 12:51 - 2017-05-20 07:48 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-05-29 12:51 - 2017-05-20 07:47 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-05-29 12:51 - 2017-05-20 07:47 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-05-25 17:23 - 2017-05-25 17:23 - 00001150 _____ C:\Users\Public\Desktop\Overwolf.lnk
2017-05-25 17:23 - 2017-05-25 17:23 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\NVIDIA
2017-05-25 17:22 - 2017-06-22 21:22 - 00000000 ____D C:\Program Files (x86)\Overwolf
2017-05-25 17:22 - 2017-06-22 00:48 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\TS3Client
2017-05-25 17:22 - 2017-06-02 08:18 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\Overwolf
2017-05-25 17:22 - 2017-05-25 17:24 - 00000000 ____D C:\ProgramData\Overwolf
2017-05-25 17:22 - 2017-05-25 17:22 - 00004382 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task
2017-05-25 17:22 - 2017-05-25 17:22 - 00001342 _____ C:\Users\BrainWasheD\Desktop\TeamSpeak 3 Client.lnk
2017-05-25 17:22 - 2017-05-25 17:22 - 00001300 _____ C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-05-25 17:22 - 2017-05-25 17:22 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2017-05-25 17:22 - 2017-05-25 17:22 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\TeamSpeak 3 Client
2017-05-25 17:22 - 2017-05-25 17:22 - 00000000 ____D C:\Users\BrainWasheD\.TeamSpeak 3
2017-05-25 17:22 - 2017-05-25 17:22 - 00000000 ____D C:\Users\BrainWasheD\.QtWebEngineProcess
2017-05-23 10:31 - 2017-06-18 22:37 - 00000000 ____D C:\WINDOWS\Minidump

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-22 22:52 - 2017-05-20 20:00 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\Battle.net
2017-06-22 19:13 - 2017-05-20 19:28 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-22 18:13 - 2017-05-22 01:31 - 00004180 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{08FEE1D4-25C0-4D3B-B4B9-6E4636D53EB8}
2017-06-22 15:57 - 2017-05-20 19:30 - 00000000 ____D C:\Users\BrainWasheD
2017-06-22 15:45 - 2017-05-20 19:38 - 02515470 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-22 15:45 - 2017-03-20 06:35 - 01159578 _____ C:\WINDOWS\system32\perfh007.dat
2017-06-22 15:45 - 2017-03-20 06:35 - 00265038 _____ C:\WINDOWS\system32\perfc007.dat
2017-06-22 15:40 - 2017-05-20 19:38 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-22 15:39 - 2017-05-20 19:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-22 11:54 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-22 11:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-22 02:27 - 2017-03-18 13:40 - 01310720 _____ C:\WINDOWS\system32\config\BBI
2017-06-22 02:20 - 2017-05-20 18:24 - 00000000 ____D C:\Program Files\Common Files\AV
2017-06-22 02:20 - 2017-05-20 18:23 - 00000000 ____D C:\ProgramData\AVAST Software
2017-06-22 02:13 - 2017-05-20 21:08 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\Adobe
2017-06-22 02:12 - 2010-11-21 05:27 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-06-22 02:10 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-22 02:10 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-21 22:35 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-21 22:34 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-06-21 22:33 - 2017-05-20 21:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-06-20 17:45 - 2017-05-20 21:01 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\SquirrelTemp
2017-06-20 13:05 - 2017-05-20 19:40 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\CrashDumps
2017-06-18 22:37 - 2017-05-20 18:43 - 00000000 ___DC C:\WINDOWS\Panther
2017-06-18 21:56 - 2017-05-20 20:55 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\MicrosoftEdge
2017-06-18 13:12 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-06-17 23:13 - 2017-05-21 15:49 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\Notepad++
2017-06-15 10:50 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-06-15 09:50 - 2017-05-20 19:35 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-15 09:49 - 2017-05-20 19:28 - 00386600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-14 21:25 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-06-14 21:25 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-14 18:16 - 2017-05-21 14:57 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\Twitch
2017-06-14 17:12 - 2017-05-21 22:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-14 17:10 - 2017-05-21 22:47 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-14 17:10 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-13 16:05 - 2017-05-20 19:35 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\Packages
2017-06-07 11:02 - 2017-05-20 21:41 - 00000000 ____D C:\Users\BrainWasheD\Documents\Overwatch
2017-06-03 08:32 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:32 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-29 16:22 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-29 16:22 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-29 16:22 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-29 16:22 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-29 16:22 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-29 16:22 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-29 16:22 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-23 10:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-06-18 13:02 - 2017-06-18 13:02 - 0000053 _____ () C:\Users\BrainWasheD\AppData\Roaming\LogFile.txt
2017-05-20 21:19 - 2017-05-20 21:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-06-15 10:48

==================== Ende von FRST.txt ============================

Code:

ATTFilter

ZusÃ¤tzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-06-2017 01
durchgefÃ¼hrt von BrainWasheD (22-06-2017 22:56:06)
Gestartet von C:\Users\BrainWasheD\Desktop
Windows 10 Home Version 1703 (X64) (2017-05-20 17:35:03)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1290209912-1044598962-369420843-500 - Administrator - Disabled)
BrainWasheD (S-1-5-21-1290209912-1044598962-369420843-1000 - Administrator - Enabled) => C:\Users\BrainWasheD
DefaultAccount (S-1-5-21-1290209912-1044598962-369420843-503 - Limited - Disabled)
Gast (S-1-5-21-1290209912-1044598962-369420843-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1290209912-1044598962-369420843-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" kÃ¶nnen in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.4.5.0 - Asmedia Technology)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
Discord (HKU\S-1-5-21-1290209912-1044598962-369420843-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON XP-630 Series Printer Uninstall (HKLM\...\EPSON XP-630 Series) (Version:  - Seiko Epson Corporation)
EPSON-HandbÃ¼cher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.53.0.0 - Seiko Epson Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.104 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-1290209912-1044598962-369420843-1000\...\HearthstoneDeckTracker) (Version: 1.3.5 - HearthSim)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden
Logitech Gaming Software 8.92 (HKLM\...\Logitech Gaming Software) (Version: 8.92.67 - Logitech Inc.)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8229.2045 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.4.1 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8229.2045 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8229.2045 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8229.2045 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.8229.2045 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.105.48.0 - Overwolf Ltd.)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
Overwolf.Setup.VC100CRTx86.Dist (x32 Version: 1.0.0 - Overwolf) Hidden
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version:  - Bluehole, Inc.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.91.1119.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-1290209912-1044598962-369420843-1000\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
Twitch (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Twitch Interactive, Inc.)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1290209912-1044598962-369420843-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\BrainWasheD\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1290209912-1044598962-369420843-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\BrainWasheD\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1290209912-1044598962-369420843-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\BrainWasheD\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0166F2C7-5F9A-412F-97F3-7B6FABE80767} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-06-22] (Adobe Systems Incorporated)
Task: {0EA1CF12-4D4E-4351-94B7-84115E3AB914} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-18] (Google Inc.)
Task: {18BD4184-9849-4FDB-9B2D-24D03803CE9D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B4E6278-16D4-45A6-8BDE-8BAA2F57111A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {3B04BECD-23DB-471D-A731-C373F6E8F907} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-11] (Microsoft Corporation)
Task: {420B7897-F154-4134-B3AE-149DECC6BAF7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4D092839-43B2-4855-AB19-8D6325F14541} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {5832288D-E503-4966-AF8E-965743410F82} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5A7E1579-B6EB-4F42-9120-BC6031D5793C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5B4D641C-AF35-4B5B-8EDB-D191464EBBE8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5ECBA297-C419-4699-B73F-898E1F326367} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-11] (Microsoft Corporation)
Task: {61C6518D-C13B-4071-9836-2975C78C13FD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-13] (Piriform Ltd)
Task: {6F7AC86E-5FFA-4710-9A38-0BE5F3CB4539} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7270ECB5-AEA9-489F-BA3C-BC230228194A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {74D85C90-A46D-4914-B0DE-2B320BE872A4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {7E801DA2-CF04-4FED-BCA3-31CF6097C3C2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {7FB80D08-E1BE-4B3C-BDA4-6AA519217046} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {93A58816-DD3E-4BF6-9C17-F4D3BAC595AC} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {95284773-EAF4-481E-B224-DB2BF54EDA8F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {957EF89D-E1CF-4C48-BEC4-14BB44D42D51} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-18] (Google Inc.)
Task: {96F95AF5-1C8C-4718-A36B-24E45D8224B4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9947AA0C-3D16-476F-9E8F-39C7AE7D6406} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-06-21] (Microsoft Corporation)
Task: {9B71CBD8-7E43-4204-93A2-BC0C53D78FB3} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {9CC7B1AB-F5C2-46E8-AF00-3CA249EBFF9A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A150F5A9-E5F0-4935-BD77-219558415C65} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A1FCDDC7-CC06-48C1-B4EB-440E9E3CBD16} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-21] ()
Task: {A34D82D1-35D7-40D5-BFBD-1228C53033DF} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A4D1A90D-EB59-4F32-94B7-FF32DB04EE43} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A81ACE1F-61CB-4BC1-A7FA-8C924339B59A} - System32\Tasks\EPSON XP-630 Series Update {61C1FF77-ABA5-4555-868B-77F3A3B348E5} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {B205450B-BFE4-44A9-ADCC-69B35A025AB5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-06-21] (Microsoft Corporation)
Task: {B428955E-0F10-42B9-9BC2-C8E0D4A2E8CA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B74E1E8C-4791-48B9-AB80-C95F3E9408B5} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-06-18] (Overwolf LTD)
Task: {BE535D16-1CEE-4C7F-B997-0936C38FD171} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {BFCFEED0-3A42-43DE-9DB8-3EB9C8A3436B} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C0E93ABF-6B28-43AF-9233-8C6C60788FCE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C2F94150-B72D-4E77-AF25-E4B46736A963} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DE170156-FC9E-4655-9B93-0A1102B1FB76} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {E27DA5A9-227A-4215-A920-7ED64EC1F29E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-22] (Adobe Systems Incorporated)
Task: {E3B079A5-9C71-41C8-B6DF-3EF03C091D3E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {E413BE20-6FCF-4881-9CF1-2A7117D6ED3A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-06-21] (Microsoft Corporation)
Task: {E8B61091-544C-404C-8B07-6E8782293A49} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EF97CACF-19A3-4CE5-B680-F487AF3B748D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-21] ()
Task: {F43B762F-7560-433A-B5B4-784D6E925E58} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {F848E963-1286-4D26-917B-4090052424C3} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FCC70481-09E8-4295-9EA9-2E5D1007F50D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\EPSON XP-630 Series Update {61C1FF77-ABA5-4555-868B-77F3A3B348E5}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE :/EXE:{61C1FF77-ABA5-4555-868B-77F3A3B348E5} /F:Update  WORKGROUP\BRAINWASHED-PC$ ÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== VerknÃ¼pfungen & WMI ========================

(Die EintrÃ¤ge kÃ¶nnen gelistet werden, um sie zurÃ¼ckzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-05-20 19:38 - 2017-05-01 22:51 - 00133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-05-20 19:44 - 2017-05-03 22:16 - 01267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:36 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-06-21 12:54 - 2017-06-21 12:54 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-21 12:54 - 2017-06-21 12:54 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-21 12:54 - 2017-06-21 12:54 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-06-21 12:54 - 2017-06-21 12:54 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll
2017-05-20 19:44 - 2017-05-03 22:15 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\nvstreamsrv\boost_system-vc120-mt-1_58.dll
2017-05-20 19:44 - 2017-05-03 22:15 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\nvstreamsrv\boost_regex-vc120-mt-1_58.dll
2017-06-20 01:41 - 2017-06-20 01:41 - 01529320 _____ () D:\Program Files (x86)\Blizzard App\Battle.net.8941\Battle.net Helper.exe
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2017-04-06 01:05 - 2017-04-06 01:05 - 01096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2017-04-06 01:05 - 2017-04-06 01:05 - 00241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-05-20 19:44 - 2017-05-03 22:15 - 00018880 _____ () c:\program files\nvidia corporation\nvstreamsrv\detoured.dll
2017-06-18 22:38 - 2017-06-15 09:29 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.104\libglesv2.dll
2017-06-18 22:38 - 2017-06-15 09:29 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.104\libegl.dll
2017-05-23 21:09 - 2017-05-23 21:09 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-22 11:53 - 2017-06-22 11:53 - 10628608 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-06-22 11:53 - 2017-06-22 11:53 - 00766464 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\WinStore.Vui.dll
2017-06-22 11:53 - 2017-06-22 11:53 - 02640384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-06-01 10:40 - 2017-06-01 10:41 - 23661056 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\Video.UI.exe
2017-06-01 10:40 - 2017-06-01 10:40 - 09016320 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-05-26 16:54 - 2017-05-26 16:54 - 03140520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-05-20 19:44 - 2017-05-03 22:16 - 01040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-05-20 19:44 - 2017-05-03 22:16 - 00018880 _____ () c:\program files (x86)\nvidia corporation\nvstreamsrv\detoured.dll
2017-05-20 21:01 - 2017-05-17 03:54 - 00678176 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2017-05-20 21:01 - 2017-06-08 07:42 - 02485536 _____ () D:\Program Files (x86)\Steam\video.dll
2017-05-20 21:01 - 2016-09-01 03:02 - 04969248 _____ () D:\Program Files (x86)\Steam\v8.dll
2017-05-20 21:01 - 2016-01-27 09:49 - 00491008 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
2017-05-20 21:01 - 2016-01-27 09:49 - 02549760 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
2017-05-20 21:01 - 2016-01-27 09:49 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
2017-05-20 21:01 - 2016-01-27 09:49 - 00442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
2017-05-20 21:01 - 2016-01-27 09:49 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
2017-05-20 21:01 - 2016-09-01 03:02 - 01195296 _____ () D:\Program Files (x86)\Steam\icuuc.dll
2017-05-20 21:01 - 2016-09-01 03:02 - 01563936 _____ () D:\Program Files (x86)\Steam\icui18n.dll
2017-05-20 21:01 - 2017-06-08 07:42 - 00877856 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-05-20 21:01 - 2016-07-05 00:17 - 00266560 _____ () D:\Program Files (x86)\Steam\openvr_api.dll
2017-05-20 21:01 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\BrainWasheD\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-05-20 21:01 - 2017-05-20 21:01 - 01082880 _____ () \\?\C:\Users\BrainWasheD\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-05-20 21:01 - 2017-05-20 21:01 - 03750400 _____ () \\?\C:\Users\BrainWasheD\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-05-20 21:01 - 2017-05-20 21:01 - 00914432 _____ () \\?\C:\Users\BrainWasheD\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-05-20 21:01 - 2017-05-20 21:01 - 01127424 _____ () \\?\C:\Users\BrainWasheD\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node
2017-05-20 19:44 - 2017-05-03 22:15 - 65708992 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-05-20 21:01 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\BrainWasheD\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-05-20 21:01 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\BrainWasheD\AppData\Local\Discord\app-0.0.297\libegl.dll
2017-06-20 01:41 - 2017-06-20 01:41 - 55758824 _____ () D:\Program Files (x86)\Blizzard App\Battle.net.8941\libcef.dll
2017-06-20 01:41 - 2017-06-20 01:41 - 00540336 _____ () D:\Program Files (x86)\Blizzard App\Battle.net.8941\ortp.dll
2017-06-20 01:41 - 2017-06-20 01:41 - 00133632 _____ () D:\Program Files (x86)\Blizzard App\Battle.net.8941\libEGL.dll
2017-06-20 01:41 - 2017-06-20 01:41 - 03384832 _____ () D:\Program Files (x86)\Blizzard App\Battle.net.8941\libGLESv2.dll
2017-06-22 15:40 - 2017-06-22 15:40 - 00148992 _____ () \\?\C:\Users\BrainWasheD\AppData\Local\Temp\EFDE.tmp.node
2017-05-20 21:01 - 2017-05-20 21:01 - 02658296 _____ () \\?\C:\Users\BrainWasheD\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-05-20 21:02 - 2017-05-20 21:02 - 02665976 _____ () \\?\C:\Users\BrainWasheD\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node
2017-06-08 14:55 - 2017-05-17 03:54 - 00678176 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-05-20 21:02 - 2017-05-08 21:45 - 69516064 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-05-20 21:01 - 2017-06-08 07:42 - 00385312 _____ () D:\Program Files (x86)\Steam\steam.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== VerknÃ¼pfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurÃ¼ckgesetzt oder entfernt.)


==================== Internet Explorer VertrauenswÃ¼rdig/EingeschrÃ¤nkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1290209912-1044598962-369420843-1000\...\sharepoint.com -> hxxps://uniduesseldorf-files.sharepoint.com

==================== Hosts Inhalt: ===============================

(Wenn benÃ¶tigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurÃ¼ckzusetzen.)

2009-07-14 04:34 - 2017-06-20 23:08 - 00000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix fÃ¼r diesen Bereich.)

HKU\S-1-5-21-1290209912-1044598962-369420843-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 80.69.96.12 - 81.210.129.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte EintrÃ¤ge ==

HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"
HKU\S-1-5-21-1290209912-1044598962-369420843-1000\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{F05852CB-FC98-4B64-8AB0-3CCE7BD55022}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{A7CB0C50-42A6-41E1-8599-F3AFC5382948}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{FD301B80-A53F-4E10-9C9C-AD1668391E6E}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{53833F05-1347-4A1D-B298-03D20DEB4D9F}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5370EBE1-96F9-47AD-9C2E-8749F2DA028A}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F981958C-9BA8-44E8-9E22-8AC71C5A7E23}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{BE444A7B-766C-4FA6-89C6-86D1F4A62015}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{65DD080D-DD95-495D-966C-F927BB3BC001}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{369A23D4-5E2C-41D8-AAC3-DB8FA7CEE0F8}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{31C92797-7734-4228-89E5-C822CC9C4BC5}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{862C416E-DF84-4895-AE25-037CC9650B62}A:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) A:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{6D202AB6-774C-4DFD-9E1A-76E28FB9E5F7}A:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) A:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{0BC67549-76D8-4DAE-AB9B-A9098BAB4661}A:\program files (x86)\overwatch\overwatch.exe] => (Allow) A:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{996C5CB4-FFAD-43C7-80F4-277DF3A45059}A:\program files (x86)\overwatch\overwatch.exe] => (Allow) A:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{D6EEA427-FCDA-4DFC-9910-FC1C5621B787}A:\program files (x86)\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) A:\program files (x86)\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{68B483B4-2D2E-4EAE-8F21-D316E8733578}A:\program files (x86)\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) A:\program files (x86)\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{22D6576D-F90E-4FDD-91EE-1A93E19D3D90}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{05DA3760-D258-4481-B905-6EDB9BEC1507}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{CC4817F6-363E-4BD8-946F-A6E6A4881131}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{008413EB-C541-4560-8191-209FB96924A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{B5225F49-44EA-4283-A894-B2A70686AFFD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe

==================== Wiederherstellungspunkte =========================

22-06-2017 02:18:26 Ende der Bereinigung

==================== Fehlerhafte GerÃ¤te im GerÃ¤temanager =============


==================== FehlereintrÃ¤ge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/22/2017 03:37:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NVDisplay.Container.exe, Version: 1.2.0.0, Zeitstempel: 0x59079e96
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.0, Zeitstempel: 0xb79b6ddb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002ae30
ID des fehlerhaften Prozesses: 0x6c8
Startzeit der fehlerhaften Anwendung: 0x01d2eaee7789a38c
Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 0f689b40-d827-4ba5-9d8b-d65866f01078
VollstÃ¤ndiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/22/2017 11:54:27 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (06/22/2017 11:51:20 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes fÃ¼r "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente Ã¼berein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" fÃ¼r eine detaillierte Diagnose.

Error: (06/22/2017 02:27:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamservice.exe, Version: 3.1.0.479, Zeitstempel: 0x58f6af02
Name des fehlerhaften Moduls: mbamservice.exe, Version: 3.1.0.479, Zeitstempel: 0x58f6af02
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000048a86
ID des fehlerhaften Prozesses: 0xd6c
Startzeit der fehlerhaften Anwendung: 0x01d2eaed506d011b
Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Berichtskennung: 94aaf9c1-6da2-4bcb-ab4b-4062342decb4
VollstÃ¤ndiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/22/2017 02:18:27 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst wÃ¤hrend der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (06/22/2017 02:18:27 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst wÃ¤hrend der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (06/22/2017 02:18:27 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst wÃ¤hrend der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary aswVmm.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (06/22/2017 02:18:27 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst wÃ¤hrend der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (06/22/2017 02:18:27 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst wÃ¤hrend der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSnx.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (06/22/2017 02:18:27 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst wÃ¤hrend der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRvrt.

System Error:
Das System kann die angegebene Datei nicht finden.
.


Systemfehler:
=============
Error: (06/22/2017 03:39:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BitDefenderCOM" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (06/22/2017 03:39:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstÃ¼tzt.

Error: (06/22/2017 03:39:52 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am â€Ž22.â€Ž06.â€Ž2017 um 12:26:49 unerwartet heruntergefahren.

Error: (06/22/2017 03:37:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 1000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (06/22/2017 02:28:28 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "HomeGroupListener" wurde mit dem folgenden dienstspezifischen Fehler beendet: 
%%2147944153 = In der Endpunktzuordnung sind keine weiteren Endpunkte verfÃ¼gbar.

Error: (06/22/2017 02:28:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BitDefenderCOM" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (06/22/2017 02:28:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstÃ¼tzt.

Error: (06/22/2017 02:27:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Malwarebytes Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 5000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.

Error: (06/22/2017 02:20:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BitDefenderCOM" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (06/22/2017 02:20:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstÃ¼tzt.


CodeIntegrity:
===================================
  Date: 2017-06-22 02:14:24.013
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-18 22:36:46.693
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-18 22:36:46.372
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-18 22:36:46.197
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-18 22:01:20.659
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-18 22:01:20.652
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-18 22:00:02.252
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-18 22:00:02.244
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-18 21:59:29.324
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-18 21:59:29.317
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 43%
Installierter physikalischer RAM: 8173.24 MB
Verfügbarer physikalischer RAM: 4628.74 MB
Summe virtueller Speicher: 16365.24 MB
Verfügbarer virtueller Speicher: 10377.77 MB

==================== Laufwerke ================================

Drive a: (Volume) (Fixed) (Total:223.57 GB) (Free:164.24 GB) NTFS
Drive c: () (Fixed) (Total:111.25 GB) (Free:69.63 GB) NTFS
Drive d: () (Fixed) (Total:488.06 GB) (Free:437.53 GB) NTFS
Drive e: (Volume) (Fixed) (Total:443.23 GB) (Free:401.88 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 1E55C42B)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: DBC5041D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: C99F686A)

Partition: GPT.

==================== Ende von Addition.txt ============================

M-K-D-B · 23.06.2017, 20:26

Servus,

tritt dein Problem nur in Google Chrome auf?

BrainWasheD · 23.06.2017, 23:07

Hi,
Nein. Als ich chrome deinstalliert und Firefox installiert hatte kam es in Firefox. Ohne Browser ging es im IE auf. Also immer im festgelegten Standardbrowser

M-K-D-B · 24.06.2017, 09:53

Servus,

kannst du jetzt bitte nochmal alle Browser zurücksetzen, die installierst sind und schauen, wie es sich danach verhält?

Bitte setze deine Brower wie folgt zurück:

IE :::
Setze folgendermassen den Internet Explorer zurück:

Öffne den Internet Explorer und gehe zu Extras -> Internetoptionen.
Klicke in der Registerkarte Erweitert unter "Internet Explorer-Einstellungen zurücksetzen" auf Zurücksetzen...
Klicke im Dialogfeld "Internet Explorer-Einstellungen zurücksetzen" zum Bestätigen auf Zurücksetzen.

(Hier findest du die bebilderte Anleitung.)

EDGE :::
Edge zurücksetzen

FF :::
Firefox zurücksetzen

CHR:::
Chrome zurücksetzen

OPR::
Opera zurücksetzen

BrainWasheD · 24.06.2017, 12:17

Moin,

Erledigt, habe den PC jetzt 2x neugestartet und es kam kein Tab bisher.

Update:

Es wurde gerade wieder ein Tab geöffnet =/

M-K-D-B · 24.06.2017, 13:03

Servus,

echt komisch das Ganze... bald gehen mir die Ideen aus.

Schritt 1
Downloade dir bitte Shortcut Cleaner (by Grinler) auf deinen Desktop.

Starte die sc-cleaner.exe mit einem Doppelclick.
Bestätige die Meldung Shortcut Cleaner Finished am Ende des Suchlaufs mit Ok.
Eine Logdatei wird sich öffnen (sc-cleaner.txt).
Poste den Inhalt mit deiner nächsten Antwort.

Schritt 2
Bitte deaktiviere dein Anti-Viren-Programm, da es das Ergebnis beeinflussen oder ggf. die Bereinigung stören kann.
Bitte lade dir zoek.exe von hier: Download-Zoek und speichere die Datei auf deinem Desktop.

Starte Zoek.exe mit einem Doppelklick. Es wird etwas dauern, bis sich das Programm öffnet.

Kopiere den Text der folgenden Box in das Skriptfenster von zoek:

Code:

ATTFilter

iedefaults;
resetIEproxy;
shortcutfix;
resethosts;
FFdefaults;
CHRdefaults;
emptyclsid;

Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.
Wenn das Tool fertig ist, wird sich Notepad mit der Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:\ .
Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken).

Schritt 3
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)

Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
Code:
ATTFilter
```
:filefind
*hosted.ap*

:folderfind
*hosted.ap*

:regfind
hosted.ap
         
```
Klicke nun auf den Button Look, um den Scan zu starten.
Der Suchlauf kann einige Zeit dauern.
Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.

Schritt 4

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist.
Setze einen Haken vor Shortcut.txt und drücke auf Untersuchen.
FRST erstellt nun drei Logdateien (FRST.txt, Addition.txt und Shortcut.txt).
Poste mir alle drei Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von ShortcutCleaner,
die Logdatei von Zoek,
die Logdatei von SystemLook,
die drei neuen Logdateien von FRST.

BrainWasheD · 24.06.2017, 15:17

Hi,

Für mich als Laie sieht das so aus, als ob sich da was in die registries reingefressen hat? Da der dort einiges findet...
Selten so etwas penetrantes gesehen

Code:

ATTFilter

Shortcut Cleaner 1.4.9.6 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2017 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
 hxxp://www.bleepingcomputer.com/download/shortcut-cleaner/

Windows Version: Windows 10 Home 
Program started at: 06/24/2017 04:13:26 PM.

Scanning for registry hijacks:

 * No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\BrainWasheD\Desktop\

Searching C:\Users\Public\Desktop\


0 bad shortcuts found.

Program finished at: 06/24/2017 04:13:26 PM
Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s)

Code:

ATTFilter

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by BrainWasheD on 24.06.2017 at 16:15:54,92.
Microsoft Windows 10 Home 10.0.15063  x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\BrainWasheD\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

24.06.2017 16:16:43 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp. 
# 
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 
# 
# This file contains the mappings of IP addresses to host names. Each 
# entry should be kept on an individual line. The IP address should 
# be placed in the first column followed by the corresponding host name. 
# The IP address and the host name should be separated by at least one 
# space. 
# 
# Additionally, comments (such as these) may be inserted on individual 
# lines or following the machine name denoted by a '#' symbol. 
# 
# For example: 
# 
#      102.54.94.97     rhino.acme.com          # source server 
#       38.25.63.10     x.acme.com              # x client host 
 
127.0.0.1       localhost 

==== FireFox Fix ======================

Deleted from C:\Users\BRAINW~1\AppData\Roaming\Mozilla\Firefox\Profiles\mguelu0x.default\prefs.js:

Added to C:\Users\BRAINW~1\AppData\Roaming\Mozilla\Firefox\Profiles\mguelu0x.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\BRAINW~1\AppData\Roaming\Mozilla\Firefox\Profiles\mguelu0x.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\BRAINW~1\AppData\Roaming\Mozilla\Firefox\Profiles\mguelu0x.default
- Undetermined - %ProfilePath%\extensions\sp@avast.com.xpi
- Undetermined - %ProfilePath%\extensions\wrc@avast.com.xpi

==== Firefox Plugins ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="https://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04"

==== Reset Google Chrome ======================

C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot

==== shortcuts on Users Desktops ======================

C:\Users\BrainWasheD\Desktop\Discord.lnk - C:\Users\BrainWasheD\AppData\Local\Discord\Update.exe --processStart Discord.exe
C:\Users\BrainWasheD\Desktop\Hearthstone Deck Tracker.lnk - C:\Users\BrainWasheD\AppData\Local\HearthstoneDeckTracker\HearthstoneDeckTracker.exe 
C:\Users\BrainWasheD\Desktop\Musik.lnk - E:\Musik 
C:\Users\BrainWasheD\Desktop\TeamSpeak 3 Client.lnk - C:\Users\BrainWasheD\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe 
C:\Users\BrainWasheD\Desktop\UseNeXT by Tangysoft.lnk - D:\Program Files (x86)\UseNeXT\UseNeXT.exe 

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\Users\Public\Desktop\EPSON Scan.lnk - C:\Windows\twain_32\escndv\escndv.exe 
C:\Users\Public\Desktop\Guild Wars 2.lnk - A:\Program Files (x86)\Guild Wars 2\Gw2-64.exe 
C:\Users\Public\Desktop\League of Legends.lnk - D:\Riot Games\League of Legends\LeagueClient.exe 
C:\Users\Public\Desktop\Overwolf.lnk - C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe 

==== shortcuts in Users Start Menu ======================

C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk - C:\Users\BrainWasheD\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe 
C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk - C:\Users\BrainWasheD\AppData\Roaming\Twitch\Bin\Twitch.exe 
C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc\Discord.lnk - C:\Users\BrainWasheD\AppData\Local\Discord\Update.exe --processStart Discord.exe
C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim\Hearthstone Deck Tracker.lnk - C:\Users\BrainWasheD\AppData\Local\HearthstoneDeckTracker\HearthstoneDeckTracker.exe 
C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\Overwolf.lnk - C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe 
C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\Uninstall Overwolf.lnk - C:\Program Files (x86)\Overwolf\OWUninstaller.exe 
C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -  
C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm 
C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt 
C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe 

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk - C:\WINDOWS\Installer\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}\SC_Reader.ico 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVE.EXE 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology\ASM104x USB 3.0 Driver\Uninstall.lnk - C:\Windows\SysWOW64\msiexec.exe /x {E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blizzard App\Blizzard App.lnk - D:\Program Files (x86)\Blizzard App\Battle.net Launcher.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\MyEpson Portal.lnk - C:\Program Files (x86)\epson\MyEpson Portal\mep.exe /S
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Scan\EPSON Scan-Einstellungen.lnk - C:\Windows\twain_32\escndv\escfg.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Scan\EPSON Scan.lnk - C:\Windows\twain_32\escndv\escndv.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software\EPSON Software Updater.lnk - C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE /ST
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software\EPSON-Handbücher.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software\Event Manager.lnk - C:\Program Files (x86)\EPSON Software\Event Manager\EProjManager.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2\Guild Wars 2.lnk - A:\Program Files (x86)\Guild Wars 2\Gw2-64.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone\Hearthstone.lnk - A:\Program Files (x86)\Hearthstone\Hearthstone Beta Launcher.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm\Heroes of the Storm.lnk - A:\Program Files (x86)\Heroes of the Storm\Heroes of the Storm.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Auf Updates prüfen.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Info zu Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_131\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Java konfigurieren.lnk - C:\Program Files (x86)\Java\jre1.8.0_131\bin\javacpl.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends\League of Legends.lnk - D:\Riot Games\League of Legends\LeagueClient.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Gaming Software 8.92.lnk - C:\Program Files\Logitech Gaming Software\LCore.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Aufzeichnungs-Manager von Skype for Business.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\OcPubMgr.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Database Compare 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\DATABASECOMPARE.EXE"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Office 2016 Upload Center.lnk - C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe "C:\Program Files (x86)\Microsoft Office\Root\Office16\MSOUC.EXE"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Office 2016-Spracheinstellungen.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Spreadsheet Compare 2016.lnk - C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\SPREADSHEETCOMPARE.EXE"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Telemetriedashboard für Office 2016.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Telemetrieprotokoll für Office 2016.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk - C:\Program Files (x86)\Notepad++\notepad++.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /show
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch\Overwatch.lnk - A:\Program Files (x86)\Overwatch\Overwatch Launcher.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - D:\Program Files (x86)\Steam\Steam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT\UseNeXT.lnk - D:\Program Files (x86)\UseNeXT\UseNeXT.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VideoLAN\VLC\Documentation.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft\World of Warcraft.lnk - D:\Program Files (x86)\World of Warcraft\World of Warcraft Launcher.exe 

==== shortcuts in Quick Launch ======================

C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -  
C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found

==== EOF on 24.06.2017 at 16:18:26,72 ======================

Code:

ATTFilter

SystemLook 30.07.11 by jpshortstuff
Log created at 16:20 on 24/06/2017 by BrainWasheD
Administrator - Elevation successful

========== filefind ==========

Searching for "*hosted.ap*"
C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hosted.ap.org_0.localstorage	--a---- 12288 bytes	[11:14 24/06/2017]	[14:13 24/06/2017] 12F89F7A5238D03DB66398643A71BA87
C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hosted.ap.org_0.localstorage-journal	--a---- 0 bytes	[11:14 24/06/2017]	[14:13 24/06/2017] D41D8CD98F00B204E9800998ECF8427E

========== folderfind ==========

Searching for "*hosted.ap*"
No folders found.

========== regfind ==========

Searching for "hosted.ap"
[HKEY_CURRENT_USER\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME]
[HKEY_CURRENT_USER\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME\Read]
"hxxp://hosted.ap.org/dynamic/stories/E/EU_COLOMBIA_DUTCH_JOURNALISTS?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"=""
[HKEY_CURRENT_USER\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME\Read]
"hxxp://hosted.ap.org/dynamic/stories/A/AS_CHINA_LANDSLIDE?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"=""
[HKEY_CURRENT_USER\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME\Read]
"hxxp://hosted.ap.org/dynamic/stories/M/ML_JORDAN_HONOR_CRIMES?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"=""
[HKEY_CURRENT_USER\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME\Read]
"hxxp://hosted.ap.org/dynamic/stories/M/ML_SAUDI_FOILED_ATTACK?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"=""
[HKEY_CURRENT_USER\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME\Read]
"hxxp://hosted.ap.org/dynamic/stories/M/ML_QATAR?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"=""
[HKEY_CURRENT_USER\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME\Read]
"hxxp://hosted.ap.org/dynamic/stories/A/AF_SOUTH_SUDAN_DEAD_REFUGEES?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"=""
[HKEY_CURRENT_USER\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME\Read]
"hxxp://hosted.ap.org/dynamic/stories/E/EU_TURKEY_PRIDE_PARADE?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"=""
[HKEY_CURRENT_USER\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME\Read]
"hxxp://hosted.ap.org/dynamic/stories/M/ML_ISRAEL_SYRIA?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"=""
[HKEY_CURRENT_USER\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME\Read]
"hxxp://hosted.ap.org/dynamic/stories/E/EU_GERMANY_CHINA_PANDAS?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"=""
[HKEY_CURRENT_USER\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME\Read]
"hxxp://hosted.ap.org/dynamic/stories/E/EU_BRITAIN_LONDON_FIRE?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"=""
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{5FBEC424-095D-4AEC-84B6-F5813E7E948A}\RecentItems\{B0CEEE89-6569-44CC-95F6-EB9CFB0A7B84}]
"Path"="C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hosted.ap.org_0.localstorage"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{5FBEC424-095D-4AEC-84B6-F5813E7E948A}\RecentItems\{B0CEEE89-6569-44CC-95F6-EB9CFB0A7B84}]
"DisplayName"="http_hosted.ap.org_0"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{73AE361C-B8F1-4DB8-BD4F-5F006D34E50C}\RecentItems\{8A37B68E-2214-4002-B4F6-5767753B043D}]
"Path"="hxxp://hosted.ap.org/dynamic/stories/M/ML_JORDAN_AMERICANS_KILLED_AZOL-?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{73AE361C-B8F1-4DB8-BD4F-5F006D34E50C}\RecentItems\{8A37B68E-2214-4002-B4F6-5767753B043D}]
"DisplayName"="hxxp://hosted.ap.org/dynamic/stories/M/ML_JORDAN_AMERICANS_KILLED_AZOL-?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"
[HKEY_USERS\S-1-5-21-1290209912-1044598962-369420843-1000\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME]
[HKEY_USERS\S-1-5-21-1290209912-1044598962-369420843-1000\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME\Read]
"hxxp://hosted.ap.org/dynamic/stories/E/EU_COLOMBIA_DUTCH_JOURNALISTS?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"=""
[HKEY_USERS\S-1-5-21-1290209912-1044598962-369420843-1000\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME\Read]
"hxxp://hosted.ap.org/dynamic/stories/A/AS_CHINA_LANDSLIDE?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"=""
[HKEY_USERS\S-1-5-21-1290209912-1044598962-369420843-1000\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME\Read]
"hxxp://hosted.ap.org/dynamic/stories/M/ML_JORDAN_HONOR_CRIMES?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"=""
[HKEY_USERS\S-1-5-21-1290209912-1044598962-369420843-1000\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME\Read]
"hxxp://hosted.ap.org/dynamic/stories/M/ML_SAUDI_FOILED_ATTACK?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"=""
[HKEY_USERS\S-1-5-21-1290209912-1044598962-369420843-1000\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME\Read]
"hxxp://hosted.ap.org/dynamic/stories/M/ML_QATAR?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"=""
[HKEY_USERS\S-1-5-21-1290209912-1044598962-369420843-1000\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME\Read]
"hxxp://hosted.ap.org/dynamic/stories/A/AF_SOUTH_SUDAN_DEAD_REFUGEES?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"=""
[HKEY_USERS\S-1-5-21-1290209912-1044598962-369420843-1000\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME\Read]
"hxxp://hosted.ap.org/dynamic/stories/E/EU_TURKEY_PRIDE_PARADE?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"=""
[HKEY_USERS\S-1-5-21-1290209912-1044598962-369420843-1000\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME\Read]
"hxxp://hosted.ap.org/dynamic/stories/M/ML_ISRAEL_SYRIA?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"=""
[HKEY_USERS\S-1-5-21-1290209912-1044598962-369420843-1000\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME\Read]
"hxxp://hosted.ap.org/dynamic/stories/E/EU_GERMANY_CHINA_PANDAS?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"=""
[HKEY_USERS\S-1-5-21-1290209912-1044598962-369420843-1000\Software\Logitech\LCD Software\LCDRSS\hxxp://hosted.ap.org/lineups/WORLDHEADS-rss_2.0.xml?SITE=OHCIN&SECTION=HOME\Read]
"hxxp://hosted.ap.org/dynamic/stories/E/EU_BRITAIN_LONDON_FIRE?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"=""
[HKEY_USERS\S-1-5-21-1290209912-1044598962-369420843-1000\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{5FBEC424-095D-4AEC-84B6-F5813E7E948A}\RecentItems\{B0CEEE89-6569-44CC-95F6-EB9CFB0A7B84}]
"Path"="C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hosted.ap.org_0.localstorage"
[HKEY_USERS\S-1-5-21-1290209912-1044598962-369420843-1000\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{5FBEC424-095D-4AEC-84B6-F5813E7E948A}\RecentItems\{B0CEEE89-6569-44CC-95F6-EB9CFB0A7B84}]
"DisplayName"="http_hosted.ap.org_0"
[HKEY_USERS\S-1-5-21-1290209912-1044598962-369420843-1000\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{73AE361C-B8F1-4DB8-BD4F-5F006D34E50C}\RecentItems\{8A37B68E-2214-4002-B4F6-5767753B043D}]
"Path"="hxxp://hosted.ap.org/dynamic/stories/M/ML_JORDAN_AMERICANS_KILLED_AZOL-?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"
[HKEY_USERS\S-1-5-21-1290209912-1044598962-369420843-1000\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{73AE361C-B8F1-4DB8-BD4F-5F006D34E50C}\RecentItems\{8A37B68E-2214-4002-B4F6-5767753B043D}]
"DisplayName"="hxxp://hosted.ap.org/dynamic/stories/M/ML_JORDAN_AMERICANS_KILLED_AZOL-?SITE=OHCIN&SECTION=HOME&TEMPLATE=DEFAULT"

-= EOF =-

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-06-2017
durchgeführt von BrainWasheD (Administrator) auf BRAINWASHED-PC (24-06-2017 16:22:45)
Gestartet von C:\Users\BrainWasheD\Desktop
Geladene Profile: BrainWasheD (Verfügbare Profile: BrainWasheD)
Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Hammer & Chisel, Inc.) C:\Users\BrainWasheD\AppData\Local\Discord\app-0.0.297\Discord.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Hammer & Chisel, Inc.) C:\Users\BrainWasheD\AppData\Local\Discord\app-0.0.297\Discord.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5676\Agent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamuseragent.exe
(Blizzard Entertainment) D:\Program Files (x86)\Blizzard App\Battle.net.8941\Battle.net.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Hammer & Chisel, Inc.) C:\Users\BrainWasheD\AppData\Local\Discord\app-0.0.297\Discord.exe
() D:\Program Files (x86)\Blizzard App\Battle.net.8941\Battle.net Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() D:\Program Files (x86)\Blizzard App\Battle.net.8941\Battle.net Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17494136 2017-04-06] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-1290209912-1044598962-369420843-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-1290209912-1044598962-369420843-1000\...\Run: [Discord] => C:\Users\BrainWasheD\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-1290209912-1044598962-369420843-1000\...\Run: [Battle.net] => D:\Program Files (x86)\Blizzard App\Battle.net Launcher.exe [3229160 2017-05-20] (Blizzard Entertainment)
HKU\S-1-5-21-1290209912-1044598962-369420843-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9803992 2017-06-13] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 80.69.96.12 81.210.129.4
Tcpip\..\Interfaces\{00f4a4f9-90c8-4abb-b592-61cb1208f787}: [DhcpNameServer] 80.69.96.12 81.210.129.4

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1290209912-1044598962-369420843-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-1290209912-1044598962-369420843-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-06-21] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-21] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-06-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-22] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-06-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-22] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-21] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-21] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-21] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-21] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: mguelu0x.default
FF ProfilePath: C:\Users\BrainWasheD\AppData\Roaming\Mozilla\Firefox\Profiles\mguelu0x.default [2017-06-24]
FF NewTab: Mozilla\Firefox\Profiles\mguelu0x.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\mguelu0x.default -> about:home
FF Extension: (Avast SafePrice) - C:\Users\BrainWasheD\AppData\Roaming\Mozilla\Firefox\Profiles\mguelu0x.default\Extensions\sp@avast.com.xpi [2017-06-18]
FF Extension: (Avast Online Security) - C:\Users\BrainWasheD\AppData\Roaming\Mozilla\Firefox\Profiles\mguelu0x.default\Extensions\wrc@avast.com.xpi [2017-06-18]
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-06-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-06-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default [2017-06-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-24]
CHR Extension: (Chrome Media Router) - C:\Users\BrainWasheD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-24]
CHR HKLM-x32\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-05-20] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4412616 2017-06-11] (Microsoft Corporation)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-04-06] (Logitech Inc.)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [819672 2017-06-05] (Seiko Epson Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-03] (NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-03] (NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1326408 2017-06-18] (Overwolf LTD)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
S2 BitDefenderCOM; "C:\Program Files\BDServices\BitDefenderCom.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 epp; C:\EEK\bin64\epp.sys [124552 2016-11-23] (Emsisoft Ltd)
R3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [54552 2017-04-06] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-04-06] (Logitech Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a2b0acab06663645\nvlddmkm.sys [14456944 2017-05-02] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-05-02] (NVIDIA Corporation)
U5 PROCMON23; C:\Windows\System32\Drivers\PROCMON23.sys [84960 2017-05-22] (Sysinternals - www.sysinternals.com)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [898296 2016-01-13] (Realtek                                            )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [442848 2017-05-05] (BitDefender S.R.L.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
U3 idsvc; kein ImagePath
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-24 16:22 - 2017-06-24 16:22 - 00016998 _____ C:\Users\BrainWasheD\Desktop\FRST.txt
2017-06-24 16:22 - 2017-06-24 16:22 - 00000000 ____D C:\Users\BrainWasheD\Desktop\FRST-OlderVersion
2017-06-24 16:20 - 2017-06-24 16:21 - 00017562 _____ C:\Users\BrainWasheD\Desktop\SystemLook.txt
2017-06-24 16:20 - 2017-06-24 16:20 - 00165376 _____ C:\Users\BrainWasheD\Desktop\SystemLook_x64.exe
2017-06-24 16:17 - 2017-06-24 16:15 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2017-06-24 16:15 - 2017-06-24 16:15 - 01309184 _____ C:\Users\BrainWasheD\Desktop\zoek.exe
2017-06-24 16:15 - 2017-06-24 16:15 - 00000000 ____D C:\zoek_backup
2017-06-24 16:13 - 2017-06-24 16:13 - 00467072 _____ (Bleeping Computer, LLC) C:\Users\BrainWasheD\Desktop\sc-cleaner.exe
2017-06-24 16:13 - 2017-06-24 16:13 - 00001872 _____ C:\Users\BrainWasheD\Desktop\sc-cleaner.txt
2017-06-22 22:55 - 2017-06-24 16:22 - 02440704 _____ (Farbar) C:\Users\BrainWasheD\Desktop\FRST64.exe
2017-06-22 22:55 - 2017-06-24 16:22 - 00000000 ____D C:\FRST
2017-06-22 19:29 - 2017-06-22 19:29 - 00747492 _____ C:\Users\BrainWasheD\Downloads\Tyr_triangle_blue.webm
2017-06-22 19:28 - 2017-06-22 19:28 - 05740048 _____ C:\Users\BrainWasheD\Downloads\ambroride_v3.mp4
2017-06-22 19:28 - 2017-06-22 19:28 - 04385548 _____ C:\Users\BrainWasheD\Downloads\GoT&HoT.webm
2017-06-22 19:28 - 2017-06-22 19:28 - 03371314 _____ C:\Users\BrainWasheD\Downloads\ely.mp4
2017-06-22 19:28 - 2017-06-22 19:28 - 02799672 _____ C:\Users\BrainWasheD\Downloads\ambro5k.webm
2017-06-22 02:18 - 2017-06-22 02:18 - 00003666 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-06-22 02:18 - 2017-06-22 02:18 - 00001552 _____ C:\DelFix.txt
2017-06-22 02:18 - 2017-06-22 02:18 - 00000000 ____D C:\WINDOWS\ERUNT
2017-06-22 02:12 - 2017-06-22 02:12 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-06-22 02:12 - 2017-06-22 02:12 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\Sun
2017-06-22 02:12 - 2017-06-22 02:12 - 00000000 ____D C:\Users\BrainWasheD\AppData\LocalLow\Sun
2017-06-22 02:12 - 2017-06-22 02:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-06-22 02:11 - 2017-06-22 02:12 - 00000000 ____D C:\ProgramData\Oracle
2017-06-22 02:11 - 2017-06-22 02:11 - 00738368 _____ (Oracle Corporation) C:\Users\BrainWasheD\Downloads\JavaSetup8u131.exe
2017-06-22 02:11 - 2017-06-22 02:11 - 00000000 ____D C:\Program Files (x86)\Java
2017-06-22 02:10 - 2017-06-22 02:10 - 00004654 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-06-22 02:10 - 2017-06-22 02:10 - 00004466 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-06-21 17:48 - 2017-06-21 17:48 - 00000000 ____D C:\Program Files (x86)\ESET
2017-06-20 17:49 - 2017-06-20 17:49 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\.mono
2017-06-20 17:49 - 2017-06-20 17:49 - 00000000 ____D C:\Users\BrainWasheD\AppData\LocalLow\Blizzard Entertainment
2017-06-20 17:49 - 2017-06-20 17:49 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\Blizzard
2017-06-20 17:49 - 2017-06-20 17:49 - 00000000 ____D C:\ProgramData\.mono
2017-06-20 17:46 - 2017-06-20 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2017-06-20 17:45 - 2017-06-20 18:03 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\HearthstoneDeckTracker
2017-06-20 17:45 - 2017-06-20 17:45 - 00002641 _____ C:\Users\BrainWasheD\Desktop\Hearthstone Deck Tracker.lnk
2017-06-20 17:45 - 2017-06-20 17:45 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2017-06-20 17:45 - 2017-06-20 17:45 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\HearthstoneDeckTracker
2017-06-20 17:44 - 2017-06-20 17:44 - 22687008 _____ (HearthSim) C:\Users\BrainWasheD\Downloads\HDT-Installer.exe
2017-06-20 02:17 - 2017-06-20 12:19 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\vlc
2017-06-20 02:17 - 2017-06-20 02:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-06-20 02:17 - 2017-06-20 02:17 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2017-06-20 02:16 - 2017-06-20 02:16 - 30950664 _____ C:\Users\BrainWasheD\Downloads\vlc-2.2.6-win32.exe
2017-06-19 23:00 - 2017-06-19 23:00 - 00208216 _____ (Kaspersky Lab, GERT) C:\WINDOWS\system32\Drivers\55876282.sys
2017-06-19 22:52 - 2017-06-19 22:52 - 00208216 _____ (Kaspersky Lab, GERT) C:\WINDOWS\system32\Drivers\55192664.sys
2017-06-19 13:49 - 2017-06-19 13:49 - 09836385 _____ C:\Users\BrainWasheD\Downloads\01_Studi.pdf
2017-06-19 01:23 - 2017-06-19 01:23 - 00208216 _____ (Kaspersky Lab, GERT) C:\WINDOWS\system32\Drivers\85203316.sys
2017-06-19 00:31 - 2017-06-19 00:31 - 00000000 ____D C:\ProgramData\Emsisoft
2017-06-19 00:30 - 2017-06-19 00:32 - 00000000 ____D C:\EEK
2017-06-18 22:39 - 2017-06-18 22:39 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\Google
2017-06-18 22:38 - 2017-06-18 22:38 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-06-18 22:38 - 2017-06-18 22:38 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-06-18 22:38 - 2017-06-18 22:38 - 00002336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-18 21:20 - 2017-06-18 22:35 - 00000000 ____D C:\Program Files\CCleaner
2017-06-18 21:20 - 2017-06-18 21:20 - 00002880 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-06-18 21:20 - 2017-06-18 21:20 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-06-18 21:20 - 2017-06-18 21:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-06-18 21:19 - 2017-06-18 22:47 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\Google
2017-06-18 21:19 - 2017-06-18 22:38 - 00000000 ____D C:\Program Files (x86)\Google
2017-06-18 21:18 - 2017-06-18 21:52 - 00000000 ____D C:\Users\BrainWasheD\AppData\LocalLow\Mozilla
2017-06-18 21:18 - 2017-06-18 21:41 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\Mozilla
2017-06-18 21:18 - 2017-06-18 21:18 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\Mozilla
2017-06-18 21:03 - 2017-06-18 21:03 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\7BA52E92.sys
2017-06-18 15:43 - 2017-06-18 15:46 - 00000000 ____D C:\ProgramData\HitmanPro
2017-06-18 13:31 - 2017-06-18 21:54 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\Deployment
2017-06-18 13:31 - 2017-06-18 13:31 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\Macromedia
2017-06-18 12:52 - 2017-06-18 13:00 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-06-18 03:03 - 2017-06-22 02:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-06-17 23:13 - 2017-06-17 23:13 - 00000000 ____D C:\Program Files (x86)\Notepad++
2017-06-17 21:04 - 2017-06-17 21:04 - 00000000 ____D C:\Users\BrainWasheD\Documents\League of Legends
2017-06-17 21:03 - 2017-06-17 21:04 - 00000863 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-06-17 21:03 - 2017-06-17 21:03 - 00000000 ____D C:\ProgramData\Riot Games
2017-06-17 21:03 - 2017-06-17 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2017-06-17 21:03 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2017-06-17 21:03 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2017-06-17 21:03 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2017-06-17 21:02 - 2017-06-17 21:03 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\Riot Games
2017-06-15 10:19 - 2017-06-15 10:19 - 00000713 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk
2017-06-15 10:19 - 2017-06-15 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2017-06-15 10:17 - 2017-06-15 10:19 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\Guild Wars 2
2017-06-15 09:57 - 2017-06-15 09:57 - 00061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-06-14 17:08 - 2017-06-03 11:59 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-14 17:08 - 2017-06-03 11:59 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-14 17:08 - 2017-06-03 11:59 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-14 17:08 - 2017-06-03 11:36 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-06-14 17:08 - 2017-06-03 11:35 - 02259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-14 17:08 - 2017-06-03 11:26 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
2017-06-14 17:08 - 2017-06-03 11:23 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-14 17:08 - 2017-06-03 11:23 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-06-14 17:08 - 2017-06-03 11:23 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-06-14 17:08 - 2017-06-03 11:20 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-14 17:08 - 2017-06-03 11:11 - 02958848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-14 17:08 - 2017-06-03 11:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-14 17:08 - 2017-06-03 11:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-14 17:08 - 2017-06-03 11:07 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-14 17:08 - 2017-06-03 11:05 - 20506624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-14 17:08 - 2017-06-03 11:05 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-06-14 17:08 - 2017-06-03 11:05 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2017-06-14 17:08 - 2017-06-03 11:03 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-14 17:08 - 2017-06-03 11:03 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-06-14 17:08 - 2017-06-03 11:00 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-14 17:08 - 2017-06-03 10:59 - 02672128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-14 17:08 - 2017-06-03 10:59 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-06-14 17:08 - 2017-06-03 10:58 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-14 17:08 - 2017-06-03 10:57 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-14 17:08 - 2017-06-03 10:57 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-06-14 17:08 - 2017-06-03 10:57 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-06-14 17:08 - 2017-06-03 10:57 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-14 17:08 - 2017-06-03 10:56 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-14 17:08 - 2017-06-03 10:55 - 03656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-14 17:08 - 2017-06-03 10:55 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-14 17:08 - 2017-06-03 10:55 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-14 17:08 - 2017-06-03 10:54 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-14 17:08 - 2017-06-03 10:54 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-06-14 17:08 - 2017-06-03 10:53 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-06-14 17:07 - 2017-06-03 12:10 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-14 17:07 - 2017-06-03 12:09 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-06-14 17:07 - 2017-06-03 12:07 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-14 17:07 - 2017-06-03 11:59 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-06-14 17:07 - 2017-06-03 11:58 - 21352696 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-14 17:07 - 2017-06-03 11:58 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-06-14 17:07 - 2017-06-03 11:58 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2017-06-14 17:07 - 2017-06-03 11:55 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-14 17:07 - 2017-06-03 11:14 - 03673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-14 17:07 - 2017-06-03 11:14 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-06-14 17:07 - 2017-06-03 11:12 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-14 17:07 - 2017-06-03 11:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-14 17:07 - 2017-06-03 11:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-14 17:07 - 2017-06-03 11:10 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-14 17:07 - 2017-06-03 11:10 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-14 17:07 - 2017-06-03 11:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-14 17:07 - 2017-06-03 11:07 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-06-14 17:07 - 2017-06-03 11:07 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-14 17:07 - 2017-06-03 11:06 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-06-14 17:07 - 2017-06-03 11:05 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-06-14 17:07 - 2017-06-03 11:03 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-06-14 17:07 - 2017-06-03 11:02 - 08245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-14 17:07 - 2017-06-03 11:00 - 03379200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-14 17:07 - 2017-06-03 11:00 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-14 17:07 - 2017-06-03 10:59 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-14 17:07 - 2017-06-03 10:59 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-14 17:07 - 2017-06-03 10:59 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-14 17:07 - 2017-06-03 10:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-14 17:07 - 2017-06-03 10:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-14 17:07 - 2017-06-03 10:58 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-06-14 17:07 - 2017-06-03 10:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-06-14 17:07 - 2017-06-03 10:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-06-14 17:06 - 2017-06-03 12:15 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-14 17:06 - 2017-06-03 12:15 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-14 17:06 - 2017-06-03 12:15 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-14 17:06 - 2017-06-03 12:14 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-14 17:06 - 2017-06-03 12:14 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-14 17:06 - 2017-06-03 12:09 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-14 17:06 - 2017-06-03 12:08 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-14 17:06 - 2017-06-03 12:07 - 00923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-14 17:06 - 2017-06-03 12:02 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-14 17:06 - 2017-06-03 12:01 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-06-14 17:06 - 2017-06-03 12:00 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-06-14 17:06 - 2017-06-03 12:00 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
2017-06-14 17:06 - 2017-06-03 12:00 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-06-14 17:06 - 2017-06-03 11:58 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-06-14 17:06 - 2017-06-03 11:57 - 00371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-06-14 17:06 - 2017-06-03 11:28 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-14 17:06 - 2017-06-03 11:14 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-06-14 17:06 - 2017-06-03 11:14 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-06-14 17:06 - 2017-06-03 11:14 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-14 17:06 - 2017-06-03 11:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-14 17:06 - 2017-06-03 11:11 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-14 17:06 - 2017-06-03 11:10 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-06-14 17:06 - 2017-06-03 11:09 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-06-14 17:06 - 2017-06-03 11:09 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2017-06-14 17:06 - 2017-06-03 11:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-14 17:06 - 2017-06-03 11:07 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-06-14 17:06 - 2017-06-03 11:05 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-14 17:06 - 2017-06-03 11:04 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-14 17:06 - 2017-06-03 11:04 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-06-14 17:06 - 2017-06-03 11:04 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-14 17:06 - 2017-06-03 11:01 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-06-14 17:06 - 2017-06-03 11:01 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-06-14 17:06 - 2017-06-03 10:59 - 01142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-14 17:06 - 2017-06-03 10:59 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-14 17:06 - 2017-06-03 10:58 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-06-14 17:06 - 2017-06-03 10:58 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-14 17:06 - 2017-06-03 10:58 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-14 17:06 - 2017-06-03 10:57 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-14 17:06 - 2017-06-03 10:57 - 01675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-06-14 17:06 - 2017-06-03 10:51 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-06-06 18:03 - 2017-06-22 02:23 - 00015872 ___SH C:\Users\BrainWasheD\Desktop\Thumbs.db
2017-06-03 08:08 - 2017-06-20 12:21 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\UseNeXT
2017-06-03 08:08 - 2017-06-03 08:08 - 00000819 _____ C:\Users\BrainWasheD\Desktop\UseNeXT by Tangysoft.lnk
2017-06-03 08:08 - 2017-06-03 08:08 - 00000000 ____D C:\Users\BrainWasheD\Documents\UseNeXT
2017-06-03 08:08 - 2017-06-03 08:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2017-06-03 08:05 - 2017-06-06 18:58 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-06-03 08:05 - 2017-06-03 16:08 - 00000000 ____D C:\ProgramData\Adobe
2017-06-03 08:05 - 2017-06-03 08:05 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-06-03 08:05 - 2017-06-03 08:05 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-05-30 16:35 - 2017-05-30 16:35 - 00000000 ____D C:\Users\BrainWasheD\Documents\Benutzerdefinierte Office-Vorlagen
2017-05-29 12:51 - 2017-05-20 11:13 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-05-29 12:51 - 2017-05-20 10:55 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-29 12:51 - 2017-05-20 10:48 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-29 12:51 - 2017-05-20 10:47 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-29 12:51 - 2017-05-20 10:46 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-05-29 12:51 - 2017-05-20 10:46 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-05-29 12:51 - 2017-05-20 10:46 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-05-29 12:51 - 2017-05-20 10:45 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-05-29 12:51 - 2017-05-20 10:44 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-05-29 12:51 - 2017-05-20 10:44 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-05-29 12:51 - 2017-05-20 10:43 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-05-29 12:51 - 2017-05-20 10:43 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-05-29 12:51 - 2017-05-20 10:43 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-05-29 12:51 - 2017-05-20 10:43 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-05-29 12:51 - 2017-05-20 10:43 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-05-29 12:51 - 2017-05-20 10:43 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-05-29 12:51 - 2017-05-20 10:43 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-05-29 12:51 - 2017-05-20 10:29 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-05-29 12:51 - 2017-05-20 10:29 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-29 12:51 - 2017-05-20 10:27 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-29 12:51 - 2017-05-20 10:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-05-29 12:51 - 2017-05-20 10:26 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-05-29 12:51 - 2017-05-20 10:26 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-29 12:51 - 2017-05-20 10:25 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-05-29 12:51 - 2017-05-20 10:25 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-05-29 12:51 - 2017-05-20 10:24 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-29 12:51 - 2017-05-20 10:23 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-29 12:51 - 2017-05-20 10:22 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-29 12:51 - 2017-05-20 10:22 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-05-29 12:51 - 2017-05-20 10:22 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-05-29 12:51 - 2017-05-20 10:21 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-05-29 12:51 - 2017-05-20 10:21 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-29 12:51 - 2017-05-20 10:21 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-05-29 12:51 - 2017-05-20 10:20 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-29 12:51 - 2017-05-20 10:20 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-29 12:51 - 2017-05-20 10:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-29 12:51 - 2017-05-20 10:20 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-05-29 12:51 - 2017-05-20 10:19 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-05-29 12:51 - 2017-05-20 10:18 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-05-29 12:51 - 2017-05-20 10:17 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-05-29 12:51 - 2017-05-20 10:17 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-29 12:51 - 2017-05-20 10:17 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-29 12:51 - 2017-05-20 10:17 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-29 12:51 - 2017-05-20 10:16 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-29 12:51 - 2017-05-20 10:16 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-29 12:51 - 2017-05-20 10:16 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-05-29 12:51 - 2017-05-20 10:16 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-05-29 12:51 - 2017-05-20 10:15 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-05-29 12:51 - 2017-05-20 10:14 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-05-29 12:51 - 2017-05-20 10:14 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-05-29 12:51 - 2017-05-20 10:14 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-05-29 12:51 - 2017-05-20 10:14 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-05-29 12:51 - 2017-05-20 10:14 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-05-29 12:51 - 2017-05-20 10:11 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-05-29 12:51 - 2017-05-20 10:10 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-05-29 12:51 - 2017-05-20 10:10 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-05-29 12:51 - 2017-05-20 10:10 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-29 12:51 - 2017-05-20 10:08 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-05-29 12:51 - 2017-05-20 09:08 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-05-29 12:51 - 2017-05-20 09:08 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-29 12:51 - 2017-05-20 09:07 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-05-29 12:51 - 2017-05-20 09:03 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-29 12:51 - 2017-05-20 08:59 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-05-29 12:51 - 2017-05-20 08:58 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-05-29 12:51 - 2017-05-20 08:56 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-29 12:51 - 2017-05-20 08:56 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-29 12:51 - 2017-05-20 08:56 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-05-29 12:51 - 2017-05-20 08:55 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-05-29 12:51 - 2017-05-20 08:55 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-29 12:51 - 2017-05-20 08:55 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-29 12:51 - 2017-05-20 08:55 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-05-29 12:51 - 2017-05-20 08:55 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-05-29 12:51 - 2017-05-20 08:55 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-29 12:51 - 2017-05-20 08:54 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-05-29 12:51 - 2017-05-20 08:54 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-05-29 12:51 - 2017-05-20 08:54 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-05-29 12:51 - 2017-05-20 08:53 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-05-29 12:51 - 2017-05-20 08:53 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-05-29 12:51 - 2017-05-20 08:53 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-05-29 12:51 - 2017-05-20 08:53 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-05-29 12:51 - 2017-05-20 08:53 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-05-29 12:51 - 2017-05-20 08:52 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-05-29 12:51 - 2017-05-20 08:52 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-05-29 12:51 - 2017-05-20 08:51 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-05-29 12:51 - 2017-05-20 08:51 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-29 12:51 - 2017-05-20 08:51 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-05-29 12:51 - 2017-05-20 08:51 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-05-29 12:51 - 2017-05-20 08:51 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-05-29 12:51 - 2017-05-20 08:48 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-29 12:51 - 2017-05-20 08:10 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-05-29 12:51 - 2017-05-20 08:10 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-29 12:51 - 2017-05-20 08:10 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-05-29 12:51 - 2017-05-20 08:10 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-05-29 12:51 - 2017-05-20 08:10 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-05-29 12:51 - 2017-05-20 08:09 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-29 12:51 - 2017-05-20 08:09 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-29 12:51 - 2017-05-20 08:09 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-05-29 12:51 - 2017-05-20 08:08 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-05-29 12:51 - 2017-05-20 08:08 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-29 12:51 - 2017-05-20 08:08 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-05-29 12:51 - 2017-05-20 08:07 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-05-29 12:51 - 2017-05-20 08:07 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-05-29 12:51 - 2017-05-20 08:07 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-05-29 12:51 - 2017-05-20 08:06 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-05-29 12:51 - 2017-05-20 08:06 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-05-29 12:51 - 2017-05-20 08:06 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-05-29 12:51 - 2017-05-20 08:05 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-29 12:51 - 2017-05-20 08:05 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-29 12:51 - 2017-05-20 08:03 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-05-29 12:51 - 2017-05-20 08:03 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-05-29 12:51 - 2017-05-20 08:03 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-05-29 12:51 - 2017-05-20 08:03 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-29 12:51 - 2017-05-20 08:03 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-05-29 12:51 - 2017-05-20 08:03 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-05-29 12:51 - 2017-05-20 08:02 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-05-29 12:51 - 2017-05-20 08:02 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-05-29 12:51 - 2017-05-20 08:01 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-29 12:51 - 2017-05-20 08:01 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-05-29 12:51 - 2017-05-20 08:01 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-29 12:51 - 2017-05-20 08:01 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-29 12:51 - 2017-05-20 08:01 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-29 12:51 - 2017-05-20 08:01 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-05-29 12:51 - 2017-05-20 08:01 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-29 12:51 - 2017-05-20 08:01 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-05-29 12:51 - 2017-05-20 08:00 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-29 12:51 - 2017-05-20 08:00 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-05-29 12:51 - 2017-05-20 08:00 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-05-29 12:51 - 2017-05-20 08:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-29 12:51 - 2017-05-20 08:00 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-29 12:51 - 2017-05-20 07:59 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-05-29 12:51 - 2017-05-20 07:59 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-29 12:51 - 2017-05-20 07:59 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-05-29 12:51 - 2017-05-20 07:59 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-29 12:51 - 2017-05-20 07:59 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-05-29 12:51 - 2017-05-20 07:59 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-29 12:51 - 2017-05-20 07:59 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-05-29 12:51 - 2017-05-20 07:58 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-05-29 12:51 - 2017-05-20 07:58 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-05-29 12:51 - 2017-05-20 07:58 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-29 12:51 - 2017-05-20 07:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-05-29 12:51 - 2017-05-20 07:58 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-05-29 12:51 - 2017-05-20 07:58 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-29 12:51 - 2017-05-20 07:57 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-29 12:51 - 2017-05-20 07:56 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-05-29 12:51 - 2017-05-20 07:56 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-05-29 12:51 - 2017-05-20 07:55 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-29 12:51 - 2017-05-20 07:55 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-05-29 12:51 - 2017-05-20 07:55 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-29 12:51 - 2017-05-20 07:55 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-29 12:51 - 2017-05-20 07:54 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-05-29 12:51 - 2017-05-20 07:54 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-29 12:51 - 2017-05-20 07:54 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-05-29 12:51 - 2017-05-20 07:54 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-05-29 12:51 - 2017-05-20 07:54 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-05-29 12:51 - 2017-05-20 07:52 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-29 12:51 - 2017-05-20 07:52 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-29 12:51 - 2017-05-20 07:52 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-05-29 12:51 - 2017-05-20 07:52 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-05-29 12:51 - 2017-05-20 07:51 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-05-29 12:51 - 2017-05-20 07:51 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-05-29 12:51 - 2017-05-20 07:50 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-29 12:51 - 2017-05-20 07:50 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-05-29 12:51 - 2017-05-20 07:48 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-29 12:51 - 2017-05-20 07:48 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-05-29 12:51 - 2017-05-20 07:47 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-05-29 12:51 - 2017-05-20 07:47 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-05-25 17:23 - 2017-05-25 17:23 - 00001150 _____ C:\Users\Public\Desktop\Overwolf.lnk
2017-05-25 17:23 - 2017-05-25 17:23 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\NVIDIA
2017-05-25 17:22 - 2017-06-22 21:22 - 00000000 ____D C:\Program Files (x86)\Overwolf
2017-05-25 17:22 - 2017-06-22 00:48 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\TS3Client
2017-05-25 17:22 - 2017-06-02 08:18 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\Overwolf
2017-05-25 17:22 - 2017-05-25 17:24 - 00000000 ____D C:\ProgramData\Overwolf
2017-05-25 17:22 - 2017-05-25 17:22 - 00004382 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task
2017-05-25 17:22 - 2017-05-25 17:22 - 00001342 _____ C:\Users\BrainWasheD\Desktop\TeamSpeak 3 Client.lnk
2017-05-25 17:22 - 2017-05-25 17:22 - 00001300 _____ C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-05-25 17:22 - 2017-05-25 17:22 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2017-05-25 17:22 - 2017-05-25 17:22 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\TeamSpeak 3 Client
2017-05-25 17:22 - 2017-05-25 17:22 - 00000000 ____D C:\Users\BrainWasheD\.TeamSpeak 3
2017-05-25 17:22 - 2017-05-25 17:22 - 00000000 ____D C:\Users\BrainWasheD\.QtWebEngineProcess

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-24 16:19 - 2017-05-20 20:00 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\Battle.net
2017-06-24 16:18 - 2017-05-20 19:38 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-24 16:18 - 2017-05-20 19:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-24 16:17 - 2017-05-20 19:30 - 00000000 ____D C:\Users\BrainWasheD
2017-06-24 16:17 - 2017-03-18 13:40 - 01310720 _____ C:\WINDOWS\system32\config\BBI
2017-06-24 15:45 - 2017-05-20 19:28 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-24 12:16 - 2017-05-20 19:38 - 02544660 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-24 12:16 - 2017-03-20 06:35 - 01175266 _____ C:\WINDOWS\system32\perfh007.dat
2017-06-24 12:16 - 2017-03-20 06:35 - 00269556 _____ C:\WINDOWS\system32\perfc007.dat
2017-06-24 12:08 - 2017-05-22 01:31 - 00004180 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{08FEE1D4-25C0-4D3B-B4B9-6E4636D53EB8}
2017-06-24 12:08 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-24 12:08 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-23 10:36 - 2017-05-20 19:40 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\CrashDumps
2017-06-22 02:20 - 2017-05-20 18:24 - 00000000 ____D C:\Program Files\Common Files\AV
2017-06-22 02:20 - 2017-05-20 18:23 - 00000000 ____D C:\ProgramData\AVAST Software
2017-06-22 02:13 - 2017-05-20 21:08 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\Adobe
2017-06-22 02:12 - 2010-11-21 05:27 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-06-22 02:10 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-22 02:10 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-21 22:35 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-21 22:34 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-06-21 22:33 - 2017-05-20 21:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-06-20 17:45 - 2017-05-20 21:01 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\SquirrelTemp
2017-06-18 22:37 - 2017-05-23 10:31 - 00000000 ____D C:\WINDOWS\Minidump
2017-06-18 22:37 - 2017-05-20 18:43 - 00000000 ___DC C:\WINDOWS\Panther
2017-06-18 21:56 - 2017-05-20 20:55 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\MicrosoftEdge
2017-06-18 13:12 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-06-17 23:13 - 2017-05-21 15:49 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\Notepad++
2017-06-15 10:50 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-06-15 09:50 - 2017-05-20 19:35 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-15 09:49 - 2017-05-20 19:28 - 00386600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-14 21:25 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-06-14 21:25 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-14 18:16 - 2017-05-21 14:57 - 00000000 ____D C:\Users\BrainWasheD\AppData\Roaming\Twitch
2017-06-14 17:12 - 2017-05-21 22:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-14 17:10 - 2017-05-21 22:47 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-14 17:10 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-13 16:05 - 2017-05-20 19:35 - 00000000 ____D C:\Users\BrainWasheD\AppData\Local\Packages
2017-06-07 11:02 - 2017-05-20 21:41 - 00000000 ____D C:\Users\BrainWasheD\Documents\Overwatch
2017-06-03 08:32 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:32 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-29 16:22 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-29 16:22 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-29 16:22 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-29 16:22 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-29 16:22 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-29 16:22 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-29 16:22 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-06-18 13:02 - 2017-06-18 13:02 - 0000053 _____ () C:\Users\BrainWasheD\AppData\Roaming\LogFile.txt
2017-05-20 21:19 - 2017-05-20 21:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-06-15 10:48

==================== Ende von FRST.txt ============================

BrainWasheD · 24.06.2017, 15:24

Code:

ATTFilter

ZusÃ¤tzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-06-2017
durchgefÃ¼hrt von BrainWasheD (24-06-2017 16:23:16)
Gestartet von C:\Users\BrainWasheD\Desktop
Windows 10 Home Version 1703 (X64) (2017-05-20 17:35:03)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1290209912-1044598962-369420843-500 - Administrator - Disabled)
BrainWasheD (S-1-5-21-1290209912-1044598962-369420843-1000 - Administrator - Enabled) => C:\Users\BrainWasheD
DefaultAccount (S-1-5-21-1290209912-1044598962-369420843-503 - Limited - Disabled)
Gast (S-1-5-21-1290209912-1044598962-369420843-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1290209912-1044598962-369420843-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" kÃ¶nnen in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.4.5.0 - Asmedia Technology)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
Discord (HKU\S-1-5-21-1290209912-1044598962-369420843-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON XP-630 Series Printer Uninstall (HKLM\...\EPSON XP-630 Series) (Version:  - Seiko Epson Corporation)
EPSON-HandbÃ¼cher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.53.0.0 - Seiko Epson Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.104 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-1290209912-1044598962-369420843-1000\...\HearthstoneDeckTracker) (Version: 1.3.5 - HearthSim)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden
Logitech Gaming Software 8.92 (HKLM\...\Logitech Gaming Software) (Version: 8.92.67 - Logitech Inc.)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8229.2045 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.4.1 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8229.2045 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8229.2045 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8229.2045 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.8229.2045 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.105.48.0 - Overwolf Ltd.)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
Overwolf.Setup.VC100CRTx86.Dist (x32 Version: 1.0.0 - Overwolf) Hidden
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version:  - Bluehole, Inc.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.91.1119.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-1290209912-1044598962-369420843-1000\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
Twitch (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Twitch Interactive, Inc.)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1290209912-1044598962-369420843-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\BrainWasheD\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1290209912-1044598962-369420843-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\BrainWasheD\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1290209912-1044598962-369420843-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\BrainWasheD\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0166F2C7-5F9A-412F-97F3-7B6FABE80767} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-06-22] (Adobe Systems Incorporated)
Task: {0EA1CF12-4D4E-4351-94B7-84115E3AB914} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-18] (Google Inc.)
Task: {18BD4184-9849-4FDB-9B2D-24D03803CE9D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B4E6278-16D4-45A6-8BDE-8BAA2F57111A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {3B04BECD-23DB-471D-A731-C373F6E8F907} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-11] (Microsoft Corporation)
Task: {420B7897-F154-4134-B3AE-149DECC6BAF7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4D092839-43B2-4855-AB19-8D6325F14541} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {5832288D-E503-4966-AF8E-965743410F82} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5A7E1579-B6EB-4F42-9120-BC6031D5793C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5B4D641C-AF35-4B5B-8EDB-D191464EBBE8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5ECBA297-C419-4699-B73F-898E1F326367} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-11] (Microsoft Corporation)
Task: {61C6518D-C13B-4071-9836-2975C78C13FD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-13] (Piriform Ltd)
Task: {6F7AC86E-5FFA-4710-9A38-0BE5F3CB4539} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7270ECB5-AEA9-489F-BA3C-BC230228194A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {74D85C90-A46D-4914-B0DE-2B320BE872A4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {7E801DA2-CF04-4FED-BCA3-31CF6097C3C2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {7FB80D08-E1BE-4B3C-BDA4-6AA519217046} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {93A58816-DD3E-4BF6-9C17-F4D3BAC595AC} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {95284773-EAF4-481E-B224-DB2BF54EDA8F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {957EF89D-E1CF-4C48-BEC4-14BB44D42D51} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-18] (Google Inc.)
Task: {96F95AF5-1C8C-4718-A36B-24E45D8224B4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9947AA0C-3D16-476F-9E8F-39C7AE7D6406} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-06-21] (Microsoft Corporation)
Task: {9B71CBD8-7E43-4204-93A2-BC0C53D78FB3} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {9CC7B1AB-F5C2-46E8-AF00-3CA249EBFF9A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A150F5A9-E5F0-4935-BD77-219558415C65} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A1FCDDC7-CC06-48C1-B4EB-440E9E3CBD16} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-21] ()
Task: {A34D82D1-35D7-40D5-BFBD-1228C53033DF} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A4D1A90D-EB59-4F32-94B7-FF32DB04EE43} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A81ACE1F-61CB-4BC1-A7FA-8C924339B59A} - System32\Tasks\EPSON XP-630 Series Update {61C1FF77-ABA5-4555-868B-77F3A3B348E5} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {B205450B-BFE4-44A9-ADCC-69B35A025AB5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-06-21] (Microsoft Corporation)
Task: {B428955E-0F10-42B9-9BC2-C8E0D4A2E8CA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B74E1E8C-4791-48B9-AB80-C95F3E9408B5} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-06-18] (Overwolf LTD)
Task: {BE535D16-1CEE-4C7F-B997-0936C38FD171} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {BFCFEED0-3A42-43DE-9DB8-3EB9C8A3436B} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C0E93ABF-6B28-43AF-9233-8C6C60788FCE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C2F94150-B72D-4E77-AF25-E4B46736A963} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DE170156-FC9E-4655-9B93-0A1102B1FB76} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {E27DA5A9-227A-4215-A920-7ED64EC1F29E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-22] (Adobe Systems Incorporated)
Task: {E3B079A5-9C71-41C8-B6DF-3EF03C091D3E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {E413BE20-6FCF-4881-9CF1-2A7117D6ED3A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-06-21] (Microsoft Corporation)
Task: {E8B61091-544C-404C-8B07-6E8782293A49} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EF97CACF-19A3-4CE5-B680-F487AF3B748D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-21] ()
Task: {F43B762F-7560-433A-B5B4-784D6E925E58} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {F848E963-1286-4D26-917B-4090052424C3} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FCC70481-09E8-4295-9EA9-2E5D1007F50D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\EPSON XP-630 Series Update {61C1FF77-ABA5-4555-868B-77F3A3B348E5}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE :/EXE:{61C1FF77-ABA5-4555-868B-77F3A3B348E5} /F:Update  WORKGROUP\BRAINWASHED-PC$ ÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== VerknÃ¼pfungen & WMI ========================

(Die EintrÃ¤ge kÃ¶nnen gelistet werden, um sie zurÃ¼ckzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-05-20 19:44 - 2017-05-03 22:16 - 01267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:36 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-06-21 12:54 - 2017-06-21 12:54 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-21 12:54 - 2017-06-21 12:54 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-21 12:54 - 2017-06-21 12:54 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-06-21 12:54 - 2017-06-21 12:54 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2017-04-06 01:05 - 2017-04-06 01:05 - 01096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2017-04-06 01:05 - 2017-04-06 01:05 - 00241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-05-20 19:44 - 2017-05-03 22:15 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\nvstreamsrv\boost_regex-vc120-mt-1_58.dll
2017-05-20 19:44 - 2017-05-03 22:15 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\nvstreamsrv\boost_system-vc120-mt-1_58.dll
2017-06-20 01:41 - 2017-06-20 01:41 - 01529320 _____ () D:\Program Files (x86)\Blizzard App\Battle.net.8941\Battle.net Helper.exe
2017-05-20 19:44 - 2017-05-03 22:15 - 00018880 _____ () c:\program files\nvidia corporation\nvstreamsrv\detoured.dll
2017-06-18 22:38 - 2017-06-15 09:29 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.104\libglesv2.dll
2017-06-18 22:38 - 2017-06-15 09:29 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.104\libegl.dll
2017-05-20 19:44 - 2017-05-03 22:16 - 01040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-05-20 19:44 - 2017-05-03 22:16 - 00018880 _____ () c:\program files (x86)\nvidia corporation\nvstreamsrv\detoured.dll
2017-05-20 21:01 - 2017-05-17 03:54 - 00678176 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2017-05-20 21:01 - 2017-06-08 07:42 - 02485536 _____ () D:\Program Files (x86)\Steam\video.dll
2017-05-20 21:01 - 2016-09-01 03:02 - 04969248 _____ () D:\Program Files (x86)\Steam\v8.dll
2017-05-20 21:01 - 2016-01-27 09:49 - 00491008 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
2017-05-20 21:01 - 2016-01-27 09:49 - 02549760 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
2017-05-20 21:01 - 2016-01-27 09:49 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
2017-05-20 21:01 - 2016-01-27 09:49 - 00442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
2017-05-20 21:01 - 2016-01-27 09:49 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
2017-05-20 21:01 - 2016-09-01 03:02 - 01195296 _____ () D:\Program Files (x86)\Steam\icuuc.dll
2017-05-20 21:01 - 2016-09-01 03:02 - 01563936 _____ () D:\Program Files (x86)\Steam\icui18n.dll
2017-05-20 21:01 - 2017-06-08 07:42 - 00877856 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-05-20 21:01 - 2016-07-05 00:17 - 00266560 _____ () D:\Program Files (x86)\Steam\openvr_api.dll
2017-05-20 21:01 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\BrainWasheD\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-05-20 21:01 - 2017-05-20 21:01 - 01082880 _____ () \\?\C:\Users\BrainWasheD\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-05-20 21:01 - 2017-05-20 21:01 - 03750400 _____ () \\?\C:\Users\BrainWasheD\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-05-20 21:01 - 2017-05-20 21:01 - 00914432 _____ () \\?\C:\Users\BrainWasheD\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-05-20 21:01 - 2017-05-20 21:01 - 01127424 _____ () \\?\C:\Users\BrainWasheD\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node
2017-05-20 19:44 - 2017-05-03 22:15 - 65708992 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-05-20 21:01 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\BrainWasheD\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-05-20 21:01 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\BrainWasheD\AppData\Local\Discord\app-0.0.297\libegl.dll
2017-06-20 01:41 - 2017-06-20 01:41 - 55758824 _____ () D:\Program Files (x86)\Blizzard App\Battle.net.8941\libcef.dll
2017-06-20 01:41 - 2017-06-20 01:41 - 00540336 _____ () D:\Program Files (x86)\Blizzard App\Battle.net.8941\ortp.dll
2017-06-20 01:41 - 2017-06-20 01:41 - 00133632 _____ () D:\Program Files (x86)\Blizzard App\Battle.net.8941\libEGL.dll
2017-06-20 01:41 - 2017-06-20 01:41 - 03384832 _____ () D:\Program Files (x86)\Blizzard App\Battle.net.8941\libGLESv2.dll
2017-06-24 16:18 - 2017-06-24 16:18 - 00148992 _____ () \\?\C:\Users\BrainWasheD\AppData\Local\Temp\D64B.tmp.node
2017-05-20 21:01 - 2017-05-20 21:01 - 02658296 _____ () \\?\C:\Users\BrainWasheD\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-05-20 21:02 - 2017-05-20 21:02 - 02665976 _____ () \\?\C:\Users\BrainWasheD\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node
2017-06-08 14:55 - 2017-05-17 03:54 - 00678176 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-05-20 21:02 - 2017-05-08 21:45 - 69516064 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-05-20 21:01 - 2017-06-08 07:42 - 00385312 _____ () D:\Program Files (x86)\Steam\steam.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== VerknÃ¼pfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurÃ¼ckgesetzt oder entfernt.)


==================== Internet Explorer VertrauenswÃ¼rdig/EingeschrÃ¤nkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1290209912-1044598962-369420843-1000\...\sharepoint.com -> hxxps://uniduesseldorf-files.sharepoint.com

==================== Hosts Inhalt: ===============================

(Wenn benÃ¶tigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurÃ¼ckzusetzen.)

2009-07-14 04:34 - 2017-06-24 16:16 - 00000753 _____ C:\WINDOWS\system32\Drivers\etc\hosts

 
127.0.0.1       localhost 

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix fÃ¼r diesen Bereich.)

HKU\S-1-5-21-1290209912-1044598962-369420843-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 80.69.96.12 - 81.210.129.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte EintrÃ¤ge ==

HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"
HKU\S-1-5-21-1290209912-1044598962-369420843-1000\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{F05852CB-FC98-4B64-8AB0-3CCE7BD55022}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{A7CB0C50-42A6-41E1-8599-F3AFC5382948}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{FD301B80-A53F-4E10-9C9C-AD1668391E6E}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{53833F05-1347-4A1D-B298-03D20DEB4D9F}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5370EBE1-96F9-47AD-9C2E-8749F2DA028A}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F981958C-9BA8-44E8-9E22-8AC71C5A7E23}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{BE444A7B-766C-4FA6-89C6-86D1F4A62015}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{65DD080D-DD95-495D-966C-F927BB3BC001}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{369A23D4-5E2C-41D8-AAC3-DB8FA7CEE0F8}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{31C92797-7734-4228-89E5-C822CC9C4BC5}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{862C416E-DF84-4895-AE25-037CC9650B62}A:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) A:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{6D202AB6-774C-4DFD-9E1A-76E28FB9E5F7}A:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) A:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{0BC67549-76D8-4DAE-AB9B-A9098BAB4661}A:\program files (x86)\overwatch\overwatch.exe] => (Allow) A:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{996C5CB4-FFAD-43C7-80F4-277DF3A45059}A:\program files (x86)\overwatch\overwatch.exe] => (Allow) A:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{D6EEA427-FCDA-4DFC-9910-FC1C5621B787}A:\program files (x86)\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) A:\program files (x86)\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{68B483B4-2D2E-4EAE-8F21-D316E8733578}A:\program files (x86)\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) A:\program files (x86)\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{22D6576D-F90E-4FDD-91EE-1A93E19D3D90}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{05DA3760-D258-4481-B905-6EDB9BEC1507}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{CC4817F6-363E-4BD8-946F-A6E6A4881131}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{008413EB-C541-4560-8191-209FB96924A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{B5225F49-44EA-4283-A894-B2A70686AFFD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{93083F2C-D4F9-4CEC-9BD7-4B1E72651E83}A:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe] => (Allow) A:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{A832D7C3-7E4E-4948-87EF-50BCD21B810D}A:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe] => (Allow) A:\program files (x86)\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe

==================== Wiederherstellungspunkte =========================

22-06-2017 02:18:26 Ende der Bereinigung
24-06-2017 16:16:35 zoek.exe restore point

==================== Fehlerhafte GerÃ¤te im GerÃ¤temanager =============


==================== FehlereintrÃ¤ge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/24/2017 12:08:22 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (06/24/2017 12:08:03 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes fÃ¼r "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente Ã¼berein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" fÃ¼r eine detaillierte Diagnose.

Error: (06/23/2017 10:36:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LCore.exe, Version: 8.92.67.0, Zeitstempel: 0x58e574bb
Name des fehlerhaften Moduls: LCore.exe, Version: 8.92.67.0, Zeitstempel: 0x58e574bb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000006369f2
ID des fehlerhaften Prozesses: 0x1498
Startzeit der fehlerhaften Anwendung: 0x01d2ebf6139b8d7c
Pfad der fehlerhaften Anwendung: C:\Program Files\Logitech Gaming Software\LCore.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Logitech Gaming Software\LCore.exe
Berichtskennung: f17768c3-e324-4873-a05d-ebddd35b0112
VollstÃ¤ndiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/23/2017 09:58:29 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (06/23/2017 09:58:16 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes fÃ¼r "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente Ã¼berein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" fÃ¼r eine detaillierte Diagnose.

Error: (06/23/2017 12:00:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wmplayer.exe, Version 12.0.15063.0 kann nicht mehr unter Windows ausgefÃ¼hrt werden und wurde beendet. ÃœberprÃ¼fen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: cfc

Startzeit: 01d2eb7cee04b55c

Beendigungszeit: 7

Anwendungspfad: C:\Program Files (x86)\Windows Media Player\wmplayer.exe

Berichts-ID: 42bf2001-3313-4374-b5d8-1f884a0443af

VollstÃ¤ndiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (06/22/2017 03:37:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NVDisplay.Container.exe, Version: 1.2.0.0, Zeitstempel: 0x59079e96
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.0, Zeitstempel: 0xb79b6ddb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002ae30
ID des fehlerhaften Prozesses: 0x6c8
Startzeit der fehlerhaften Anwendung: 0x01d2eaee7789a38c
Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 0f689b40-d827-4ba5-9d8b-d65866f01078
VollstÃ¤ndiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/22/2017 11:54:27 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (06/22/2017 11:51:20 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes fÃ¼r "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente Ã¼berein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" fÃ¼r eine detaillierte Diagnose.

Error: (06/22/2017 02:27:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamservice.exe, Version: 3.1.0.479, Zeitstempel: 0x58f6af02
Name des fehlerhaften Moduls: mbamservice.exe, Version: 3.1.0.479, Zeitstempel: 0x58f6af02
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000048a86
ID des fehlerhaften Prozesses: 0xd6c
Startzeit der fehlerhaften Anwendung: 0x01d2eaed506d011b
Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Berichtskennung: 94aaf9c1-6da2-4bcb-ab4b-4062342decb4
VollstÃ¤ndiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (06/24/2017 04:18:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BitDefenderCOM" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (06/24/2017 04:18:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstÃ¼tzt.

Error: (06/24/2017 12:09:40 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "HomeGroupListener" wurde mit dem folgenden dienstspezifischen Fehler beendet: 
%%2147944153 = In der Endpunktzuordnung sind keine weiteren Endpunkte verfÃ¼gbar.

Error: (06/24/2017 12:09:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BitDefenderCOM" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (06/24/2017 12:09:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstÃ¼tzt.

Error: (06/23/2017 12:19:56 AM) (Source: DCOM) (EventID: 10010) (User: BrainWasheD-PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (06/22/2017 03:39:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BitDefenderCOM" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (06/22/2017 03:39:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstÃ¼tzt.

Error: (06/22/2017 03:39:52 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am â€Ž22.â€Ž06.â€Ž2017 um 12:26:49 unerwartet heruntergefahren.

Error: (06/22/2017 03:37:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 1000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2017-06-24 16:19:03.814
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-22 02:14:24.013
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-18 22:36:46.693
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-18 22:36:46.372
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-18 22:36:46.197
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-18 22:01:20.659
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-18 22:01:20.652
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-18 22:00:02.252
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-18 22:00:02.244
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-18 21:59:29.324
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 8173.24 MB
Verfügbarer physikalischer RAM: 4985.02 MB
Summe virtueller Speicher: 16877.24 MB
Verfügbarer virtueller Speicher: 13310.34 MB

==================== Laufwerke ================================

Drive a: (Volume) (Fixed) (Total:223.57 GB) (Free:164.26 GB) NTFS
Drive c: () (Fixed) (Total:111.25 GB) (Free:68.59 GB) NTFS
Drive d: () (Fixed) (Total:488.06 GB) (Free:437.53 GB) NTFS
Drive e: (Volume) (Fixed) (Total:443.23 GB) (Free:402.08 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 1E55C42B)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: DBC5041D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: C99F686A)

Partition: GPT.

==================== Ende von Addition.txt ============================

Code:

ATTFilter

Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 24-06-2017
durchgeführt von BrainWasheD (24-06-2017 16:23:36)
Gestartet von C:\Users\BrainWasheD\Desktop
Start-Modus: Normal

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{C51411C0-11DB-AD74-0008-BDAB669A0C20}\SupportTasks\1\Guild Wars 2 Support Webseite.lnk -> hxxp://support.guildwars2.com
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{C51411C0-11DB-AD74-0008-BDAB669A0C20}\SupportTasks\0\Guild Wars 2 Webseite.lnk -> hxxp://www.guildwars2.com


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\01 - File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\03 - Documents.lnk -> C:\Users\BrainWasheD\Documents ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\04 - Downloads.lnk -> C:\Users\BrainWasheD\Downloads ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\05 - Music.lnk -> C:\Users\BrainWasheD\Music ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\06 - Pictures.lnk -> C:\Users\BrainWasheD\Pictures ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\07 - Videos.lnk -> C:\Users\BrainWasheD\Videos ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\08 - Homegroup.lnk -> Microsoft.Windows.Homegroup
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\09 - Network.lnk -> Microsoft.Windows.Network
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\10 - UserProfile.lnk -> C:\Users\BrainWasheD ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}\SC_Reader.ico (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk -> C:\Windows\MiracastView\MiracastView.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk -> C:\Windows\PrintDialog\PrintDialog.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft\World of Warcraft.lnk -> D:\Program Files (x86)\World of Warcraft\World of Warcraft Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT\UseNeXT.lnk -> D:\Program Files (x86)\UseNeXT\UseNeXT.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> D:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch\Overwatch.lnk -> A:\Program Files (x86)\Overwatch\Overwatch Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Aufzeichnungs-Manager von Skype for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OcPubMgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Office 2016-Spracheinstellungen.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Telemetriedashboard für Office 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msotd.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Telemetrieprotokoll für Office 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msoev.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Gaming Software 8.92.lnk -> C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends\League of Legends.lnk -> D:\Riot Games\League of Legends\LeagueClient.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Java konfigurieren.lnk -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm\Heroes of the Storm.lnk -> A:\Program Files (x86)\Heroes of the Storm\Heroes of the Storm.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone\Hearthstone.lnk -> A:\Program Files (x86)\Hearthstone\Hearthstone Beta Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2\Guild Wars 2.lnk -> A:\Program Files (x86)\Guild Wars 2\Gw2-64.exe (ArenaNet)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software\Event Manager.lnk -> C:\Program Files (x86)\EPSON Software\Event Manager\EProjManager.exe (SEIKO EPSON CORPORATION)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Scan\EPSON Scan-Einstellungen.lnk -> C:\Windows\twain_32\escndv\escfg.exe (SEIKO EPSON CORP.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Scan\EPSON Scan.lnk -> C:\Windows\twain_32\escndv\escndv.exe (SEIKO EPSON CORP.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blizzard App\Blizzard App.lnk -> D:\Program Files (x86)\Blizzard App\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{C51411C0-11DB-AD74-0008-BDAB669A0C20}\PlayTasks\0\Play.lnk -> A:\Program Files (x86)\Guild Wars 2\Gw2-64.exe (ArenaNet)
Shortcut: C:\Users\BrainWasheD\Links\Desktop.lnk -> C:\Users\BrainWasheD\Desktop ()
Shortcut: C:\Users\BrainWasheD\Links\Downloads.lnk -> C:\Users\BrainWasheD\Downloads ()
Shortcut: C:\Users\BrainWasheD\Links\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}]
Shortcut: C:\Users\BrainWasheD\Documents\Heroes of the Storm\T_41205923_415@2.lnk -> C:\Users\BrainWasheD\Documents\Heroes of the Storm\Accounts\1288076\2-Hero-1-677619 ()
Shortcut: C:\Users\BrainWasheD\Desktop\Hearthstone Deck Tracker.lnk -> C:\Users\BrainWasheD\AppData\Local\HearthstoneDeckTracker\HearthstoneDeckTracker.exe (HearthSim)
Shortcut: C:\Users\BrainWasheD\Desktop\Musik.lnk -> E:\Musik ()
Shortcut: C:\Users\BrainWasheD\Desktop\TeamSpeak 3 Client.lnk -> C:\Users\BrainWasheD\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\BrainWasheD\Desktop\UseNeXT by Tangysoft.lnk -> D:\Program Files (x86)\UseNeXT\UseNeXT.exe ()
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk -> C:\Users\BrainWasheD\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk -> C:\Users\BrainWasheD\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\Overwolf.lnk -> C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe ()
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\Uninstall Overwolf.lnk -> C:\Program Files (x86)\Overwolf\OWUninstaller.exe (Overwolf Ltd.)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim\Hearthstone Deck Tracker.lnk -> C:\Users\BrainWasheD\AppData\Local\HearthstoneDeckTracker\HearthstoneDeckTracker.exe (HearthSim)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\BrainWasheD\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\BrainWasheD\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\BrainWasheD\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\BrainWasheD\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Public\Desktop\EPSON Scan.lnk -> C:\Windows\twain_32\escndv\escndv.exe (SEIKO EPSON CORP.)
Shortcut: C:\Users\Public\Desktop\Guild Wars 2.lnk -> A:\Program Files (x86)\Guild Wars 2\Gw2-64.exe (ArenaNet)
Shortcut: C:\Users\Public\Desktop\League of Legends.lnk -> D:\Riot Games\League of Legends\LeagueClient.exe ()
Shortcut: C:\Users\Public\Desktop\Overwolf.lnk -> C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe ()


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /show
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Database Compare 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\DATABASECOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Office 2016 Upload Center.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\MSOUC.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Spreadsheet Compare 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\SPREADSHEETCOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Auf Updates prüfen.lnk -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Info zu Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software\EPSON Software Updater.lnk -> C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE (Seiko Epson Corporation) -> /ST
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software\EPSON-Handbücher.lnk -> C:\Program Files (x86)\Epson Software\Epson Manual\Launcher\EPSMLAN.EXE (Seiko Epson Corporation) -> /LA "DE" /FR "STARTMENU"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\MyEpson Portal.lnk -> C:\Program Files (x86)\epson\MyEpson Portal\mep.exe (Seiko Epson Corporation) -> /S
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology\ASM104x USB 3.0 Driver\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\BrainWasheD\Desktop\Discord.lnk -> C:\Users\BrainWasheD\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc\Discord.lnk -> C:\Users\BrainWasheD\AppData\Local\Discord\Update.exe (GitHub) -> --processStart Discord.exe
ShortcutWithArgument: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\BrainWasheD\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\BrainWasheD\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\BrainWasheD\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\BrainWasheD\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\BrainWasheD\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\BrainWasheD\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\BrainWasheD\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\BrainWasheD\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\BrainWasheD\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\BrainWasheD\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\BrainWasheD\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Besuchen Sie Java.com.url -> URL: hxxp://java.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Hilfe aufrufen.url -> URL: hxxp://java.com/help
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2\Guild Wars 2 Support Webseite.url -> URL: hxxp://support.guildwars2.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2\Guild Wars 2 Webseite.url -> URL: hxxp://www.guildwars2.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EpsonLink\Epson Connect Site.url -> URL: hxxps://www.epsonconnect.com/?p=0
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> URL: hxxp://www.piriform.com/ccleaner
InternetURL: C:\Users\BrainWasheD\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\BrainWasheD\Favorites\Windows Live\Windows Live Gallery.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\BrainWasheD\Favorites\Windows Live\Windows Live Ideas.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72700
InternetURL: C:\Users\BrainWasheD\Favorites\Windows Live\Windows Live Mail.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\BrainWasheD\Favorites\Windows Live\Windows Live Spaces.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72682
InternetURL: C:\Users\BrainWasheD\Favorites\MSN-Websites\MSN Auto.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72680
InternetURL: C:\Users\BrainWasheD\Favorites\MSN-Websites\MSN Fernsehen.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72659
InternetURL: C:\Users\BrainWasheD\Favorites\MSN-Websites\MSN Money.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72640
InternetURL: C:\Users\BrainWasheD\Favorites\MSN-Websites\MSN Nachrichten.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72636
InternetURL: C:\Users\BrainWasheD\Favorites\MSN-Websites\MSN Sport.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72635
InternetURL: C:\Users\BrainWasheD\Favorites\MSN-Websites\MSN.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72630
InternetURL: C:\Users\BrainWasheD\Favorites\Microsoft-Websites\IE-Site auf Microsoft.com.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\BrainWasheD\Favorites\Microsoft-Websites\Microsoft Deutschland GmbH.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\BrainWasheD\Favorites\Microsoft-Websites\Microsoft Store.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\BrainWasheD\Favorites\Microsoft-Websites\Microsoft Windows - Start.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\BrainWasheD\Favorites\Microsoft-Websites\Microsoft zu Hause.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72406
InternetURL: C:\Users\BrainWasheD\Favorites\Microsoft-Websites\Microsoft.com durchsuchen.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72893
InternetURL: C:\Users\BrainWasheD\Favorites\Microsoft-Websites\Site für IE Add-Ons.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\BrainWasheD\Favorites\Links\Vorgeschlagene Sites.url -> URL: hxxps://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\BrainWasheD\Favorites\Links\Web Slice-Katalog.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=121315

==================== Ende vom Shortcut.txt =============================

M-K-D-B · 24.06.2017, 21:19

Servus,

ok, also so wie ich das sehe, kommt diese Weiterleitung von der Logitech Software, die du installiert hast:

Zitat:

Logitech Gaming Software 8.92 (HKLM\...\Logitech Gaming Software) (Version: 8.92.67 - Logitech Inc.)

Und da die Software immer automatisch mitstartet, werden dadurch die Tabs im Browser erzeugt:

Zitat:

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17494136 2017-04-06] (Logitech Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-04-06] (Logitech Inc.)

Warum das von Logitech erzeugt wird, weiß ich nicht, auf jeden Fall kommt es davon. Scheint wohl ein Bug zu sein.

Brauchst du denn diese Software unbedingt?

BrainWasheD · 25.06.2017, 09:51

Da sowohl Headset, Maus als auch Keyboard von Logitech sind, wird diese mehr oder minder benötigt.

Grüße
Raphael

Nachtrag: Ich habe in der Logitech Software einfach sämtliche Optionen (besonders RSS Newsfeed) vom LCD ausgeschaltet - seitdem spamfrei.
Ich hoffe es bleibt dabei -> melde mich dann morgen nochmal.

Ich hab jetzt ein anderes Problem:

Windows 10 speichert meine Einstellungen der Standardapps nicht mehr. Nach jedem Reboot ist alles wieder resetted -> sei es Browser, Musik, Fotos...

Moin,

Also: Seitdem ich in Logitech die Keyboard Displayfunktionen ausgestellt habe keine Tabspams mehr - sobald ich anmache kommen diese wieder. Da das Display sowieso kaputt ist, bleibt es einfach aus.

Was das andere Problem angeht: Scheint als sei mein Benutzerkonto kaputt gewesen, habe ein neues erstellt mit gleichen Berechtigungen und das alte gelöscht, jetzt gehen die Einstellungen wieder.

Ich beobachte das mit den Tabs noch ein bisschen, wenn ich mich bis morgen Abend nicht nochmal hier melde ist alles in Ordnung.

Ich sagen schonmal vielen lieben Dank für deine Hilfe - ohne dich hätte ich das Problem nicht beheben können!

M-K-D-B · 25.06.2017, 12:19

Das hört sich doch gut an!

Dann wären wir durch!
Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

Vielleicht möchtest du das Forum mit einer kleinen Spende unterstützen.

Hinweise:
Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

Cleanup
Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.
Starte deinen Rechner zum Abschluss neu auf.

Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst du diese bedenkenlos löschen.

Virenscanner + Firewall
Vorab sei erwähnt, dass man niemals die Schutzwirkung eines Virenscanners überbewerten darf! Kein Antivirusprogramm erkennt 100% der Schadsoftware.

Sofern du noch unentschieden bist, verwende MAXIMAL EIN EINZIGES der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

Emsisoft Anti-Malware (kostenpflichtig)
ESET NOD32 Antivirus (kostenpflichtig)
Microsoft Security Essentials (kostenlos)

Microsoft Security Essentials (MSE) / Windows Defender (WD) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE/WD entschieden hast, brauchst du nicht extra MSE/WD zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.

Verwende immer nur reine Virenscanner (keine Produkte mit "Suite", "Internet Security", "Endpoint" oder "Total Security" in Namen, denn diese bringen kontraproduktive Firewalls mit - die Windows-Firewall ist alles was benötigt wird)

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware , AdwCleaner und mit dem ESET Online Scanner scannen.
Diese Programme sind alle kostenlos und stören nicht den Betrieb deines Antivirenprogramms.

Absicherungen
Beim Betriebsystem Windows ist es wichtig, die automatischen Updates zu aktivieren.
Auch sicherheitsrelevante Software sollte immer in aktueller Version vorliegen.

Das zeitnahe Einspielen von Updates ist erforderlich, damit Sicherheitslücken geschlossen werden. Sicherheitslücken werden beispielsweise dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.

Besonders aufpassen bzgl. der Aktualität musst du insbesondere bei folgender Software - sofern diese überhaupt benötigt wird:

Browser (Internet Explorer, Edge, Firefox, Chrome, Opera, etc.)
Flash-Player
Java
Adobe Reader

Optionale Browsererweiterungen

Adblock Plus oder uBlock Origin (Firefox - Chrome) - können Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren
NoScript - verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. NoScript kann gerade bei technisch nicht allzu versierten Nutzern beim Surfen zum Nervfaktor werden; ob das Tool geeignet ist, muss jeder selbst mal ausprobieren und dann für sich entscheiden.

Grundsätzliches

Ändere regelmäßig deine Online-Passwörter und erstelle regelmäßig Backups deiner wichtigen Dateien oder des Systems. Genaueres dazu findest du unten im Lesestoff zu Backups.
Lade keine Software von Chip, Softonic, SourceForge oder VLC.de. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
Lade Software von einem sauberen Portal wie oder direkt beim jeweiligen Hersteller / Entwickler.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne die Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten bis nicht belegbar. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht.
Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Lesestoff:
Backup-/Image-Tools

Damit man sinnvolle Backups hat, muss man regelmäßig (z. B. wöchentlich) ein Image auf eine separate externe Festplatte erstellen. Diese externe Festplatte wird nur dann angeschlossen, wenn man das Backup erstellen will (oder etwas wiederherstellen muss), ansonsten bleibt sie aus Sicherheitsgründen sicher im Schrank verwahrt - allein schon aus dem Grund, die Backups vor "Verschlüsselungstrojanern" zu schützen.

Du solltest dich für eines der folgenden Programmen entscheiden und damit regelmäßig deine Daten sichern.

Option 1 - Drivesnapshot
Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64

Download (32-Bit) => http://www.drivesnapshot.de/download/snapshot.exe
Download (64-Bit) => http://www.drivesnapshot.de/download/snapshot64.exe

Screenshots:
http://www.drivesnapshot.de/images/startup.png
http://www.drivesnapshot.de/images/save3.png

Option 2 - Seagate DiscWizard
Seagate DiscWizard - Download - Filepony

Screenshots:
http://filepony.de/screenshot/seagate_discwizard5.jpg
http://filepony.de/screenshot/seagate_discwizard4.png
http://filepony.de/screenshot/seagate_discwizard3.jpg

Option 3 - Acronis TrueImage WD Edition
Acronis True Image WD Edition - Download - Filepony

Screenshots:
http://filepony.de/screenshot/acroni...d_edition1.jpg
http://filepony.de/screenshot/acroni...d_edition2.jpg

BrainWasheD · 26.06.2017, 14:27

Hi,

Dem Anschein nach ist alles sauber!
Ich danke dir vielmals für deine Mühe - ohne dich hätte ich das nicht hinbekommen! =)

Beste Grüße
Raphael

M-K-D-B · 26.06.2017, 16:43

Ich bin froh, dass wir helfen konnten

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine Profilnachricht inklusive Link zum Thema.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.

23.06.2017, 20:26	#18
M-K-D-B /// TB-Ausbilder	New Tab spam durch "hosted.ap.org" bzw "Cincinnati Enquirer" Servus, tritt dein Problem nur in Google Chrome auf? __________________

New Tab spam durch "hosted.ap.org" bzw "Cincinnati Enquirer"

Plagegeister aller Art und deren Bekämpfung: New Tab spam durch "hosted.ap.org" bzw "Cincinnati Enquirer"