|
Plagegeister aller Art und deren Bekämpfung: Komische Ansage im HintergrundWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
21.06.2017, 13:28 | #16 |
| Komische Ansage im Hintergrund Auf ein neues, danke schonmal für die Mühe mit mir. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-06-2017 01 durchgeführt von Administrator (Administrator) auf BJOERN-PC (21-06-2017 14:25:35) Gestartet von C:\Users\Bjoern\Desktop Geladene Profile: Bjoern & Administrator (Verfügbare Profile: Bjoern & Administrator) Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: "C:\Users\Administrator\AppData\Local\Chromium\Application\chrome.exe" -- "%1") Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe (SSS) C:\Windows\System32\AudioDeviceService.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Electronic Arts) F:\Games\EA\Origin\OriginWebHelperService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Microsoft Corporation) C:\Windows\System32\mshta.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Portrait Displays, Inc) C:\Program Files (x86)\BenQ\Display Pilot\dthtml.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe (Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sharkoon Technologies) C:\Program Files (x86)\Sharkoon X-Rest 7.1\Sharkoon X-Rest 7.1.exe (Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe (Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe (Razer, Inc.) C:\Users\Bjoern\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe (Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe (Razer, Inc.) C:\Users\Bjoern\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Valve Corporation) F:\Steam\Steam.exe (Valve Corporation) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\Video.UI.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12480616 2012-04-24] (Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes) HKLM-x32\...\Run: [USB3MON] => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3487032 2017-06-12] (Dropbox, Inc.) HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.) HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51416 2017-03-30] (Copyright (c) 2017 Plays.tv, LLC) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2017-05-30] (Raptr, Inc) HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [112424 2013-06-18] () HKLM-x32\...\Run: [DT BEN] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [122384 2014-04-04] (Portrait Displays, Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-04-13] (Razer Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation) HKLM-x32\...\Run: [Sharkoon X-Rest 7.1] => C:\Program Files (x86)\Sharkoon X-Rest 7.1\Sharkoon X-Rest 7.1.exe [9969664 2017-05-05] (Sharkoon Technologies) HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe [17908944 2017-04-26] (Corsair Components, Inc.) HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\Run: [Steam] => F:\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation) HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.) HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2016-08-16] () HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\Run: [Discord] => C:\Users\Bjoern\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.) HKU\S-1-5-21-564169924-83152284-3685802786-500\...\Run: [EADM] => F:\Games\EA\Origin\Origin.exe [3044848 2016-12-21] (Electronic Arts) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.) Startup: C:\Users\Bjoern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hide.me VPN.lnk [2016-11-04] ShortcutTarget: hide.me VPN.lnk -> C:\Program Files (x86)\hide.me VPN\Hide.me.exe (Keine Datei) GroupPolicy: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{95d6df5f-6d95-4575-8670-198f87f81226}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{f73877c4-546b-4f8a-aa7b-3a67d503b4f6}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{fc9508cc-b61a-40a7-b221-d8fd1bf857fe}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-564169924-83152284-3685802786-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-564169924-83152284-3685802786-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation) BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-12] (AO Kaspersky Lab) BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-06-20] (Microsoft Corporation) BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-20] (Microsoft Corporation) BHO-x32: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation) BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-12] (AO Kaspersky Lab) BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-25] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-25] (Oracle Corporation) Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-12] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-12] (AO Kaspersky Lab) Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Keine Datei Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\p4pq29x8.default [2016-11-14] FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-12] FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: (Citavi Picker) - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2016-11-05] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-17] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-17] () FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-25] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-25] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-05] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated) R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [104624 2017-06-14] () S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-07-18] (Advanced Micro Devices) [Datei ist nicht signiert] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] () R2 AudioDeviceService; C:\WINDOWS\system32\AudioDeviceService.exe [2711552 2017-05-05] (SSS) [Datei ist nicht signiert] R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab) R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-04-29] () S4 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122816 2017-06-10] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-17] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-17] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48944 2017-06-12] (Dropbox, Inc.) R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138768 2014-04-04] (Portrait Displays, Inc.) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [409128 2017-02-23] (EasyAntiCheat Ltd) R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.) S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab) R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes) S3 Origin Client Service; F:\Games\EA\Origin\OriginClientService.exe [2119688 2016-12-21] (Electronic Arts) R2 Origin Web Helper Service; F:\Games\EA\Origin\OriginWebHelperService.exe [2180624 2016-12-21] (Electronic Arts) S4 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-03-30] (Copyright (c) 2017 Plays.tv, LLC) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-12-21] () R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [401024 2017-05-09] (Razer Inc.) R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [178824 2017-05-09] (Razer Inc.) R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] () S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10884848 2017-05-23] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.) R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] () R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-07-24] (Advanced Micro Devices) R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.) R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab) R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [43000 2017-04-13] (Corsair) R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [27640 2017-04-13] (Corsair) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-20] () S3 hmatap; C:\WINDOWS\System32\drivers\hmatap.sys [27136 2016-09-23] (The OpenVPN Project) R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab) R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab) R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab) S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab) R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197336 2017-04-10] (AO Kaspersky Lab) R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [509728 2017-03-13] (AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1018592 2017-04-10] (AO Kaspersky Lab) R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-12] (AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab) R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project) R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-06-19] (AO Kaspersky Lab) R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-06-19] (AO Kaspersky Lab) R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251664 2017-06-19] (AO Kaspersky Lab) R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-06-19] (AO Kaspersky Lab) R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-06-19] (AO Kaspersky Lab) R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab) R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-13] (AO Kaspersky Lab) R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-03-13] (AO Kaspersky Lab) S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.) R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188312 2017-06-20] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-06-21] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [44960 2017-06-21] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-21] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-06-21] (Malwarebytes) R3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51224 2016-02-04] (Razer Inc) R3 rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys [47640 2016-02-04] (Razer Inc) R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.) R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.) R3 tap0901_openvpn_accl; C:\WINDOWS\System32\drivers\tap0901_openvpn_accl.sys [37912 2016-12-18] (The OpenVPN Project) S3 UAExt; C:\WINDOWS\System32\DRIVERS\UAExt.sys [65456 2017-05-05] (Solid State System.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S2 amdacpksd; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [X] S3 dbx; system32\DRIVERS\dbx.sys [X] U3 idsvc; kein ImagePath S3 klids; \??\C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-06-21 12:05 - 2017-06-21 12:05 - 00000017 _____ C:\Users\Bjoern\AppData\Local\resmon.resmoncfg 2017-06-21 11:57 - 2017-06-21 11:57 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Skype 2017-06-21 11:57 - 2017-06-21 11:57 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Corsair 2017-06-21 11:57 - 2017-06-21 11:57 - 00000000 ____D C:\Users\Administrator\AppData\Local\Corsair 2017-06-21 11:33 - 2017-06-21 12:12 - 00090777 _____ C:\Users\Bjoern\Desktop\Addition.txt 2017-06-21 11:33 - 2017-06-21 11:33 - 00091474 _____ C:\Users\Administrator\Desktop\Addition.txt 2017-06-21 11:32 - 2017-06-21 14:25 - 00029860 _____ C:\Users\Bjoern\Desktop\FRST.txt 2017-06-21 09:16 - 2017-06-21 09:16 - 00000216 _____ C:\Users\Bjoern\Documents\kaspersky.txt 2017-06-20 23:21 - 2017-06-20 23:21 - 05659652 _____ (Swearware) C:\Users\Bjoern\Downloads\ComboFix.exe 2017-06-20 23:19 - 2017-06-20 23:19 - 00064919 _____ C:\Users\Bjoern\Downloads\Shortcut.txt 2017-06-20 23:19 - 2017-06-20 23:19 - 00060045 _____ C:\Users\Bjoern\Downloads\Addition.txt 2017-06-20 23:18 - 2017-06-21 14:25 - 00000000 ____D C:\FRST 2017-06-20 23:18 - 2017-06-20 23:20 - 00164602 _____ C:\Users\Bjoern\Downloads\FRST.txt 2017-06-20 23:17 - 2017-06-20 23:17 - 02439680 _____ (Farbar) C:\Users\Bjoern\Desktop\FRST64.exe 2017-06-20 22:59 - 2017-06-21 13:13 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-06-20 22:59 - 2017-06-21 11:59 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-06-20 22:59 - 2017-06-21 11:59 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-06-20 22:59 - 2017-06-21 11:59 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-06-20 22:59 - 2017-06-20 23:11 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-06-20 22:59 - 2017-06-20 22:59 - 00188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-06-20 22:59 - 2017-06-20 22:59 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-06-20 22:59 - 2017-06-20 22:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-06-20 22:59 - 2017-06-20 22:59 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-06-20 22:59 - 2017-06-20 22:59 - 00000000 ____D C:\Program Files\Malwarebytes 2017-06-20 22:58 - 2017-06-20 22:59 - 64025992 _____ (Malwarebytes ) C:\Users\Bjoern\Downloads\mb3-setup-SEMFD.100SEM-3.1.2.1733-1.0.139-1.0.2060.exe 2017-06-20 13:53 - 2017-06-20 13:54 - 00181006 _____ C:\Users\Bjoern\Downloads\12_09_24_Bekanntgabeprotokoll_01.pdf 2017-06-20 08:49 - 2017-06-20 08:49 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazonAssistant.lnk 2017-06-20 08:49 - 2017-06-20 08:49 - 00000000 ____D C:\Program Files (x86)\Amazon 2017-06-19 16:02 - 2017-06-19 16:02 - 00087584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys 2017-06-19 13:28 - 2017-06-19 13:28 - 00251664 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys 2017-06-19 13:27 - 2017-06-19 13:27 - 00229288 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys 2017-06-19 13:27 - 2017-06-19 13:27 - 00173144 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys 2017-06-19 13:27 - 2017-06-19 13:27 - 00112912 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys 2017-06-17 14:51 - 2017-06-17 14:51 - 00000000 ____D C:\ProgramData\McAfee 2017-06-15 18:51 - 2017-06-15 18:51 - 03426824 _____ C:\Users\Bjoern\Downloads\ElvUI_SLE.zip 2017-06-15 18:44 - 2017-06-15 18:44 - 03341843 _____ C:\Users\Bjoern\Downloads\elvui-10.54.zip 2017-06-15 18:43 - 2017-06-15 18:43 - 10307073 _____ C:\Users\Bjoern\Downloads\SLE_Custom_Textures_Version_2.zip 2017-06-14 21:22 - 2017-06-14 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-06-14 14:50 - 2017-06-14 14:50 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2 2017-06-14 14:14 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-06-14 14:14 - 2017-06-03 12:16 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2017-06-14 14:14 - 2017-06-03 12:14 - 01564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2017-06-14 14:14 - 2017-06-03 12:14 - 00629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2017-06-14 14:14 - 2017-06-03 12:14 - 00544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2017-06-14 14:14 - 2017-06-03 12:14 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-06-14 14:14 - 2017-06-03 12:14 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2017-06-14 14:14 - 2017-06-03 12:14 - 00334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2017-06-14 14:14 - 2017-06-03 12:14 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll 2017-06-14 14:14 - 2017-06-03 12:14 - 00096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2017-06-14 14:14 - 2017-06-03 12:14 - 00034648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2017-06-14 14:14 - 2017-06-03 12:11 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-06-14 14:14 - 2017-06-03 12:09 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-06-14 14:14 - 2017-06-03 12:08 - 07783256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-06-14 14:14 - 2017-06-03 12:06 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-06-14 14:14 - 2017-06-03 12:01 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2017-06-14 14:14 - 2017-06-03 11:59 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2017-06-14 14:14 - 2017-06-03 11:59 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-06-14 14:14 - 2017-06-03 11:59 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2017-06-14 14:14 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-06-14 14:14 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-06-14 14:14 - 2017-06-03 11:54 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2017-06-14 14:14 - 2017-06-03 11:53 - 00404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-06-14 14:14 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2017-06-14 14:14 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2017-06-14 14:14 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2017-06-14 14:14 - 2017-06-03 11:51 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-06-14 14:14 - 2017-06-03 11:51 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-06-14 14:14 - 2017-06-03 11:50 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-06-14 14:14 - 2017-06-03 11:50 - 00381792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2017-06-14 14:14 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-06-14 14:14 - 2017-06-03 11:48 - 01112416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2017-06-14 14:14 - 2017-06-03 11:48 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-06-14 14:14 - 2017-06-03 11:48 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-06-14 14:14 - 2017-06-03 11:48 - 00857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2017-06-14 14:14 - 2017-06-03 11:48 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2017-06-14 14:14 - 2017-06-03 11:45 - 22220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-06-14 14:14 - 2017-06-03 11:44 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-06-14 14:14 - 2017-06-03 11:44 - 01412640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-06-14 14:14 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-06-14 14:14 - 2017-06-03 11:40 - 01566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-06-14 14:14 - 2017-06-03 11:40 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-06-14 14:14 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-06-14 14:14 - 2017-06-03 11:39 - 02532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-06-14 14:14 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-06-14 14:14 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2017-06-14 14:14 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll 2017-06-14 14:14 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-06-14 14:14 - 2017-06-03 11:28 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-06-14 14:14 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll 2017-06-14 14:14 - 2017-06-03 11:26 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-06-14 14:14 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBrokerUI.dll 2017-06-14 14:14 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-06-14 14:14 - 2017-06-03 11:22 - 07217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-06-14 14:14 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2017-06-14 14:14 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcorehc.dll 2017-06-14 14:14 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll 2017-06-14 14:14 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-06-14 14:14 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe 2017-06-14 14:14 - 2017-06-03 11:18 - 22569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-06-14 14:14 - 2017-06-03 11:16 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2017-06-14 14:14 - 2017-06-03 11:16 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-06-14 14:14 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-06-14 14:14 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-06-14 14:14 - 2017-06-03 11:15 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-06-14 14:14 - 2017-06-03 11:15 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-06-14 14:14 - 2017-06-03 11:15 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-06-14 14:14 - 2017-06-03 11:14 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-06-14 14:14 - 2017-06-03 11:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-06-14 14:14 - 2017-06-03 11:14 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2017-06-14 14:14 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll 2017-06-14 14:14 - 2017-06-03 11:11 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2017-06-14 14:14 - 2017-06-03 11:10 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-06-14 14:14 - 2017-06-03 11:10 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBrokerUI.dll 2017-06-14 14:14 - 2017-06-03 11:09 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcorehc.dll 2017-06-14 14:14 - 2017-06-03 11:09 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll 2017-06-14 14:14 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-06-14 14:14 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-06-14 14:14 - 2017-06-03 11:08 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2017-06-14 14:14 - 2017-06-03 11:08 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-06-14 14:14 - 2017-06-03 11:08 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-06-14 14:14 - 2017-06-03 11:07 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2017-06-14 14:14 - 2017-06-03 11:07 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2017-06-14 14:14 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-06-14 14:14 - 2017-06-03 11:06 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2017-06-14 14:14 - 2017-06-03 11:05 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-06-14 14:14 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll 2017-06-14 14:14 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-06-14 14:14 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2017-06-14 14:14 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2017-06-14 14:14 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2017-06-14 14:14 - 2017-06-03 11:03 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-06-14 14:14 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-06-14 14:14 - 2017-06-03 11:01 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2017-06-14 14:14 - 2017-06-03 11:00 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-06-14 14:14 - 2017-06-03 10:56 - 13091840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-06-14 14:14 - 2017-06-03 10:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2017-06-14 14:14 - 2017-06-03 10:53 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-06-14 14:14 - 2017-06-03 10:52 - 03403264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-06-14 14:14 - 2017-06-03 10:52 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-06-14 14:14 - 2017-06-03 10:52 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe 2017-06-14 14:14 - 2017-06-03 10:52 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2017-06-14 14:14 - 2017-06-03 10:51 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe 2017-06-14 14:14 - 2017-06-03 10:51 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2017-06-14 14:14 - 2017-06-03 10:50 - 04744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-06-14 14:14 - 2017-06-03 10:50 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2017-06-14 14:14 - 2017-06-03 10:49 - 03615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-06-14 14:14 - 2017-06-03 10:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-06-14 14:14 - 2017-06-03 10:49 - 02475520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2017-06-14 14:14 - 2017-06-03 10:49 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-06-14 14:14 - 2017-06-03 10:49 - 01845248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2017-06-14 14:14 - 2017-06-03 10:49 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-06-14 14:14 - 2017-06-03 10:49 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2017-06-14 14:14 - 2017-06-03 10:49 - 00351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll 2017-06-14 14:14 - 2017-06-03 10:48 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-06-14 14:14 - 2017-06-03 10:48 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-06-14 14:14 - 2017-06-03 10:48 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2017-06-14 14:14 - 2017-06-03 10:48 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-06-14 14:14 - 2017-06-03 10:46 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-06-14 14:14 - 2017-06-03 10:40 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-06-14 14:14 - 2017-05-25 07:56 - 00038752 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe 2017-06-14 14:14 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-06-14 14:14 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2017-06-14 14:14 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2017-06-14 14:14 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll 2017-06-14 14:14 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll 2017-06-14 14:13 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2017-06-14 14:13 - 2017-06-03 12:14 - 01214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-06-14 14:13 - 2017-06-03 12:14 - 00233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2017-06-14 14:13 - 2017-06-03 12:14 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2017-06-14 14:13 - 2017-06-03 12:11 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys 2017-06-14 14:13 - 2017-06-03 11:49 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-06-14 14:13 - 2017-06-03 11:49 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2017-06-14 14:13 - 2017-06-03 11:39 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-06-14 14:13 - 2017-06-03 11:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2017-06-14 14:13 - 2017-06-03 11:14 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-06-14 14:13 - 2017-06-03 11:10 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll 2017-06-14 14:13 - 2017-06-03 11:09 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2017-06-14 14:13 - 2017-06-03 11:08 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-06-14 14:13 - 2017-06-03 11:07 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\HNetCfgClient.dll 2017-06-14 14:13 - 2017-06-03 10:58 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll 2017-06-14 14:13 - 2017-06-03 08:08 - 00080078 _____ C:\WINDOWS\system32\normidna.nls 2017-06-12 13:55 - 2017-06-12 13:55 - 00048944 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2017-06-12 13:52 - 2017-06-12 13:52 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2017-06-12 13:52 - 2017-06-12 13:52 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2017-06-12 13:52 - 2017-06-12 13:52 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2017-06-10 17:57 - 2017-06-10 17:57 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Tempzxpsign5dc76923ff4851be 2017-06-10 17:56 - 2017-06-10 17:56 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Tempzxpsign810c360305acd83c 2017-06-10 07:50 - 2017-06-10 07:50 - 00000000 ___HD C:\adobeTemp 2017-06-10 07:47 - 2017-06-19 23:27 - 00000000 ___RD C:\Users\Bjoern\Creative Cloud Files 2017-06-10 07:47 - 2017-06-10 07:47 - 00003662 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-bjoern.caduff@gmail.com 2017-06-10 07:47 - 2017-06-10 07:47 - 00000000 ____D C:\Users\Bjoern\Documents\Adobe 2017-06-10 07:47 - 2017-06-10 07:47 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Tempzxpsigncd10a6e43e839649 2017-06-10 07:42 - 2017-06-19 23:37 - 00000000 ____D C:\Program Files\Adobe 2017-06-10 07:36 - 2017-06-10 07:36 - 02115464 _____ (Adobe Systems Incorporated) C:\Users\Bjoern\Downloads\After_Effects_Set-Up.exe 2017-06-10 07:16 - 2017-06-10 07:16 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\DisplayTune 2017-06-10 07:16 - 2017-06-10 07:16 - 00000000 ____D C:\Users\Administrator\AppData\Local\DisplayTune 2017-06-10 07:15 - 2017-06-21 11:58 - 00000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform 2017-06-10 07:15 - 2017-06-10 07:15 - 00001248 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk 2017-06-10 07:15 - 2017-06-10 07:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\VirtualStore 2017-06-10 07:15 - 2017-06-10 07:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\Comms 2017-06-09 16:56 - 2017-06-09 16:56 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Meltytech 2017-06-09 16:55 - 2017-06-09 16:55 - 173083960 _____ C:\Users\Bjoern\Downloads\20170509_141173672_PLAYERUNKNOWN'S BATTLEGROUNDS.mp4 2017-06-09 16:52 - 2017-06-09 16:55 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Twitch Leecher 2017-06-09 16:51 - 2017-06-09 16:51 - 18156716 _____ (Fake Smile Revolution) C:\Users\Bjoern\Downloads\TwitchLeecher_1.3.8_x64.exe 2017-06-09 15:35 - 2017-06-02 16:52 - 75361048 _____ C:\Users\Administrator\Downloads\shotcut-win32-170601.exe 2017-06-09 15:35 - 2017-06-02 16:52 - 192421664 _____ C:\Users\Administrator\Downloads\shotcut-win64-170601.exe 2017-06-09 15:28 - 2017-06-09 15:29 - 267152505 _____ C:\Users\Administrator\Downloads\shotcut-170601.zip 2017-06-09 15:24 - 2017-06-09 15:28 - 01496584 _____ C:\Users\Bjoern\Downloads\Shotcut - CHIP-Installer.exe 2017-06-07 20:22 - 2017-06-07 20:22 - 00000324 _____ C:\Users\Administrator\Desktop\Restream Chat.appref-ms 2017-06-07 20:22 - 2017-06-07 20:22 - 00000000 ____D C:\Users\Administrator\Documents\RestreamChat 2017-06-07 20:22 - 2017-06-07 20:22 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Restream.io 2017-06-07 20:21 - 2017-06-07 21:22 - 00000000 ____D C:\Users\Administrator\AppData\Local\Deployment 2017-06-07 20:21 - 2017-06-07 20:21 - 00271072 _____ C:\Users\Bjoern\Downloads\RestreamChatSetup.exe 2017-06-07 20:21 - 2017-06-07 20:21 - 00000000 ____D C:\Users\Administrator\AppData\Local\Apps\2.0 2017-06-05 23:11 - 2017-06-10 07:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google 2017-06-05 23:11 - 2017-06-05 23:11 - 00002332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-06-05 23:11 - 2017-06-05 23:11 - 00002320 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-06-05 23:10 - 2017-06-05 23:11 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Google 2017-06-05 23:10 - 2017-06-05 23:11 - 00000000 ____D C:\Program Files (x86)\Google 2017-06-05 23:10 - 2017-06-05 23:10 - 01130328 _____ (Google Inc.) C:\Users\Bjoern\Downloads\ChromeSetup.exe 2017-06-05 23:10 - 2017-06-05 23:10 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-06-05 23:10 - 2017-06-05 23:10 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-06-04 22:21 - 2017-06-04 22:21 - 02419882 _____ C:\Users\Bjoern\Downloads\igel karl.zip 2017-06-04 19:18 - 2017-06-04 19:18 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk 2017-06-04 19:18 - 2017-06-04 19:18 - 00001028 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk 2017-06-04 19:16 - 2017-06-04 19:16 - 15507008 _____ (TeamViewer GmbH) C:\Users\Bjoern\Downloads\teamviewer_setup.exe 2017-06-02 07:36 - 2017-06-02 07:36 - 00493888 _____ C:\WINDOWS\system32\Drivers\mozart_12334867159_fw_dump.cmm 2017-05-27 11:50 - 2017-05-27 11:50 - 00001160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2017-05-27 11:50 - 2017-05-27 11:50 - 00000000 ____D C:\Users\Bjoern\AppData\Local\paint.net 2017-05-27 11:50 - 2017-05-27 11:50 - 00000000 ____D C:\Users\Administrator\AppData\Local\paint.net 2017-05-27 11:50 - 2017-05-27 11:50 - 00000000 ____D C:\Program Files\paint.net 2017-05-27 11:49 - 2017-05-27 11:49 - 07067928 _____ C:\Users\Administrator\Downloads\paint.net.4.0.16.install.zip 2017-05-27 11:49 - 2017-04-16 23:26 - 07094520 _____ C:\Users\Administrator\Downloads\paint.net.4.0.16.install.exe 2017-05-27 11:47 - 2017-05-27 11:48 - 01496584 _____ C:\Users\Bjoern\Downloads\Paint NET - CHIP-Installer.exe 2017-05-26 18:31 - 2017-05-26 18:31 - 00131713 _____ C:\Users\Bjoern\Downloads\outer-space-8d8f.cueprofile 2017-05-26 18:28 - 2017-05-26 18:29 - 00113401 _____ C:\Users\Bjoern\Downloads\world-of-warcraft---azeroth-99cf.cueprofile 2017-05-26 18:26 - 2017-05-26 18:26 - 00131713 _____ C:\Users\Bjoern\Downloads\outer-space-e020.cueprofile 2017-05-26 18:23 - 2017-05-26 18:23 - 00113401 _____ C:\Users\Bjoern\Downloads\world-of-warcraft---azeroth-5ac5.cueprofile 2017-05-26 18:21 - 2017-05-26 18:21 - 00124727 _____ C:\Users\Bjoern\Downloads\blue-embers-117e.cueprofile 2017-05-26 17:42 - 2017-05-26 17:42 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Corsair 2017-05-26 17:42 - 2017-05-26 17:42 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Corsair 2017-05-26 17:41 - 2017-05-26 17:41 - 00001199 _____ C:\Users\Public\Desktop\Corsair Utility Engine.lnk 2017-05-26 17:41 - 2017-05-26 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine 2017-05-26 17:41 - 2017-05-26 17:41 - 00000000 ____D C:\Program Files (x86)\Corsair 2017-05-26 17:40 - 2017-05-26 17:41 - 168284160 _____ C:\Users\Bjoern\Downloads\CorsairUtilityEngineSetup_2.13.80_release.msi 2017-05-25 20:00 - 2017-05-25 20:00 - 25483032 _____ (Sony Corporation) C:\Users\Bjoern\Downloads\EP0000260866.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-06-21 14:21 - 2016-09-23 17:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-06-21 13:38 - 2016-02-16 23:16 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2017-06-21 12:48 - 2016-11-18 22:42 - 00000000 ____D C:\Users\Bjoern\AppData\LocalLow\Mozilla 2017-06-21 12:05 - 2016-09-23 17:48 - 06779426 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-06-21 12:05 - 2016-07-17 00:51 - 03307990 _____ C:\WINDOWS\system32\perfh007.dat 2017-06-21 12:05 - 2016-07-17 00:51 - 00908542 _____ C:\WINDOWS\system32\perfc007.dat 2017-06-21 12:00 - 2016-02-17 16:44 - 00000000 ___RD C:\Users\Bjoern\OneDrive 2017-06-21 12:00 - 2016-02-16 23:45 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Raptr 2017-06-21 11:59 - 2016-09-23 17:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-06-21 11:59 - 2016-09-23 17:47 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2017-06-21 11:59 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-06-21 11:59 - 2016-07-16 08:04 - 03932160 _____ C:\WINDOWS\system32\config\BBI 2017-06-21 11:58 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-06-21 11:58 - 2016-03-29 15:59 - 00002442 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-06-21 11:58 - 2016-03-29 15:59 - 00000000 ___RD C:\Users\Administrator\OneDrive 2017-06-21 11:58 - 2016-03-29 15:58 - 00000000 ____D C:\Users\Administrator\AppData\Local\Dropbox 2017-06-21 11:58 - 2016-03-29 15:52 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages 2017-06-21 11:57 - 2016-03-29 15:58 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Raptr 2017-06-21 11:57 - 2016-02-18 18:34 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-06-21 11:33 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF 2017-06-21 10:16 - 2016-02-17 00:06 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Battle.net 2017-06-21 10:15 - 2016-02-17 00:06 - 00000000 ____D C:\Program Files (x86)\Battle.net 2017-06-21 10:14 - 2016-11-18 15:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-06-21 10:14 - 2016-02-16 23:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-06-21 09:49 - 2016-02-18 20:14 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\obs-studio 2017-06-21 09:43 - 2016-02-19 20:24 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\TS3Client 2017-06-21 01:40 - 2016-02-28 14:49 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\vlc 2017-06-21 01:38 - 2016-11-05 16:39 - 00000000 ____D C:\Users\Bjoern\Documents\Citavi 5 2017-06-20 15:18 - 2016-02-17 16:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-06-20 14:26 - 2016-09-23 17:48 - 00000000 ____D C:\Users\Bjoern 2017-06-20 09:00 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-06-19 23:39 - 2016-09-23 17:47 - 00000000 ____D C:\ProgramData\Package Cache 2017-06-19 23:38 - 2016-02-23 20:26 - 00000000 ____D C:\Program Files (x86)\Adobe 2017-06-19 23:38 - 2016-02-18 16:11 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Adobe 2017-06-19 23:37 - 2016-03-29 15:58 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe 2017-06-19 23:35 - 2016-09-01 13:35 - 00001135 _____ C:\Users\Public\Desktop\VLC media player.lnk 2017-06-19 23:28 - 2016-02-23 20:26 - 00000000 ____D C:\ProgramData\Adobe 2017-06-19 23:27 - 2016-02-18 20:33 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Adobe 2017-06-18 18:13 - 2016-02-17 00:06 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Battle.net 2017-06-17 14:51 - 2016-10-30 18:34 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe 2017-06-17 14:51 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-06-17 14:51 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-06-17 14:50 - 2016-02-17 00:08 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Apps\2.0 2017-06-17 10:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache 2017-06-17 09:10 - 2016-03-12 13:34 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2017-06-16 22:52 - 2016-11-23 19:46 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Curse Client 2017-06-14 21:22 - 2016-02-17 21:11 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-06-14 21:21 - 2017-04-29 20:26 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\discord 2017-06-14 20:14 - 2016-09-23 17:46 - 00226896 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-06-14 20:14 - 2016-02-27 15:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-06-14 20:14 - 2016-02-27 15:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-06-14 14:50 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-06-14 14:50 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-06-14 14:50 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-06-14 14:22 - 2016-02-16 23:30 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-06-14 14:19 - 2016-02-27 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-06-14 14:19 - 2016-02-16 23:30 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-06-14 14:18 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-06-14 14:04 - 2016-09-23 17:48 - 00000000 ____D C:\Users\Administrator 2017-06-13 19:29 - 2016-12-09 20:27 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-06-13 19:29 - 2016-02-18 18:36 - 00002421 _____ C:\Users\Bjoern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-06-11 18:54 - 2016-02-27 22:43 - 00000000 ____D C:\Users\Bjoern\AppData\Local\JDownloader v2.0 2017-06-10 07:16 - 2017-05-05 11:18 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Sharkoon X-Rest 7.1 2017-06-10 07:15 - 2016-02-18 18:26 - 00000000 ____D C:\Program Files (x86)\Razer 2017-06-09 15:27 - 2017-05-08 17:33 - 00000000 ____D C:\Users\Bjoern\Desktop\Twitch 2017-06-04 22:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-06-03 10:11 - 2016-02-16 23:26 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-05-31 19:34 - 2016-02-17 21:10 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Dropbox 2017-05-28 09:28 - 2016-02-18 18:34 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Packages ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-03-29 15:53 - 2016-03-29 15:53 - 0000017 _____ () C:\Users\Administrator\AppData\Local\resmon.resmoncfg Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Bjoern\Razer Synapse Tournament Drivers 20161016_0957.exe C:\Users\Bjoern\Razer Synapse Tournament Drivers 20170127_1855.exe Einige Dateien in TEMP: ==================== 2017-01-14 12:56 - 2012-06-13 11:17 - 0727712 ____N (CANON INC.) C:\Users\Administrator\AppData\Local\Temp\MPDD0000.exe 2017-06-10 22:25 - 2017-06-10 22:25 - 0040448 ____N () C:\Users\Bjoern\AppData\Local\Temp\proxy_vole3116863511110200310.dll 2017-06-19 23:34 - 2017-06-19 23:35 - 30950664 _____ () C:\Users\Bjoern\AppData\Local\Temp\vlc-2.2.6-win32.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-06-13 18:34 ==================== Ende von FRST.txt ============================ |
21.06.2017, 13:28 | #17 |
| Komische Ansage im HintergrundCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-06-2017 01 durchgeführt von Administrator (21-06-2017 14:25:58) Gestartet von C:\Users\Bjoern\Desktop Windows 10 Home Version 1607 (X64) (2016-09-23 15:54:47) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-564169924-83152284-3685802786-500 - Administrator - Enabled) => C:\Users\Administrator Bjoern (S-1-5-21-564169924-83152284-3685802786-1000 - Administrator - Enabled) => C:\Users\Bjoern DefaultAccount (S-1-5-21-564169924-83152284-3685802786-503 - Limited - Disabled) Gast (S-1-5-21-564169924-83152284-3685802786-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-564169924-83152284-3685802786-1002 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7 Days to Die (HKLM\...\Steam App 251570) (Version: - The Fun Pimps) ACP Application (Version: 2016.0718.1650.38 - Advanced Micro Devices, Inc.) Hidden adbLink version 3.00 (HKLM-x32\...\{05CF1DD3-4A94-4219-B176-BB1796680A6C}_is1) (Version: 3.00 - jocala.com) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated) Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated) Age of Conquest IV (HKLM\...\Steam App 314970) (Version: - Noble Master LLC) Age of Empires® III: Complete Collection (HKLM\...\Steam App 105450) (Version: - Ensemble Studios) Amazon Assistant (HKLM-x32\...\{AA8C14D6-B69F-44A8-8F52-AE1BF8B99B4F}) (Version: 10.17.0612 - Amazon) <==== ACHTUNG AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) Anno 2205 (HKLM-x32\...\Uplay Install 1253) (Version: - Ubisoft) Apple Application Support (32-Bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.) ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard) Arma 3 (HKLM\...\Steam App 107410) (Version: - Bohemia Interactive) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield™ 1 Open Beta (HKLM-x32\...\{F9E19363-7B10-4F8A-8640-945C36D4B504}) (Version: 1.0.8.10777 - Electronic Arts) Call of Duty: Infinite Warfare (HKLM\...\Steam App 292730) (Version: - Infinity Ward) Call of Duty: Modern Warfare Remastered - Multiplayer (HKLM\...\Steam App 393100) (Version: - Raven Software) Call of Duty: Modern Warfare Remastered (HKLM\...\Steam App 393080) (Version: - Raven Software) Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH) Chromium (HKU\S-1-5-21-564169924-83152284-3685802786-500\...\Chromium) (Version: 51.0.2683.0 - Chromium) Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.4.0.2 - Swiss Academic Software) Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Corsair Utility Engine (HKLM-x32\...\{AD19976A-08A1-4E11-862D-256178BF9864}) (Version: 2.13.80 - Corsair) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM\...\Steam App 240) (Version: - Valve) Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse) Curse Client (HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse) Day of Defeat: Source (HKLM\...\Steam App 300) (Version: - Valve) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) DiRT 3 Complete Edition (HKLM\...\Steam App 321040) (Version: - Codemasters Racing Studio) Discord (HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) Display Pilot (HKLM-x32\...\{6DD25D67-4339-47A1-950E-EEFC321CBB24}) (Version: 2.15.008 - Portrait Displays, Inc.) DOOM Open Beta (HKLM\...\Steam App 350470) (Version: - id Software) Dropbox (HKLM-x32\...\Dropbox) (Version: 28.4.14 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden Dungeon Keeper (HKLM-x32\...\{B9E79070-56B6-4980-A7E9-C28D6480D050}) (Version: 1.0.0.1 - Electronic Arts) Far Cry® 3 (HKLM\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai) Fitbit Connect (HKLM-x32\...\{F5A49DF0-A632-4E7E-BD87-59701449DE0F}) (Version: 2.0.1.6742 - Fitbit Inc.) FlyVPN (HKLM-x32\...\FlyVPN) (Version: 3.6.2.2 - FlyVPN) Ghost Recon Wildlands Beta (HKLM-x32\...\Uplay Install 2970) (Version: - Ubisoft) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.86 - Google Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden Grand Theft Auto V - The Manual (HKLM-x32\...\{752EBD91-8B95-42B5-8692-A7243A6EEEA9}) (Version: 1.0.0 - Rockstar Games) Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Heavy Bullets (HKLM-x32\...\c7325e58-5895-4667-81a2-1854397fbb43) (Version: - DFE5J) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) HP Dropbox Plugin (HKLM-x32\...\{30AE8906-4419-403F-86D3-5FC9AA4BEEF6}) (Version: 36.0.49.62779 - HP) HP Google Drive Plugin (HKLM-x32\...\{8A472621-0EA0-4FC5-9F7F-7043778F12AB}) (Version: 36.0.49.62779 - HP) HP OfficeJet Pro 6960 - Grundlegende Software für das Gerät (HKLM\...\{15105C5B-BB1E-429C-81B3-8797466C07DA}) (Version: 39.4.1979.16354 - HP Inc.) HP OfficeJet Pro 6960 Hilfe (HKLM-x32\...\{88A76160-F03B-4B0E-835F-87A061B674E4}) (Version: 39.0.0 - HP) HP OneDrive Plugin (HKLM-x32\...\{8B956FB3-FD54-4C58-8256-8103F0D91B77}) (Version: 36.0.0.0 - HP) I.R.I.S. OCR (HKLM-x32\...\{77374D45-3BBF-4633-A2DF-188CD2106A67}) (Version: 12.3.7.0 - HP) inCloak VPN (HKLM-x32\...\{F838701D-CCCA-4238-91CE-BEA41AABA04A}) (Version: 1.22 - inCloak Network Ltd.) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Intel(R) Network Connections 19.0.27.0 (HKLM\...\PROSetDX) (Version: 19.0.27.0 - Intel) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation) Jagged Alliance - Back in Action (HKLM\...\Steam App 57740) (Version: - Coreplay GmbH) Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.8201.2102 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-564169924-83152284-3685802786-500\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Might & Magic Heroes VI (HKLM-x32\...\Uplay Install 44) (Version: - Ubisoft) Mordheim: City of the Damned (HKLM\...\Steam App 276810) (Version: - Rogue Factor) Mozilla Firefox 54.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0 (x86 de)) (Version: 54.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.0.6368 - Mozilla) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8201.2102 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.8201.2075 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Orcs Must Die! Unchained (HKLM\...\Steam App 427270) (Version: - Robot Entertainment) Origin (HKLM-x32\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.) paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC) Pivot Pro Plugin (x32 Version: 9.61.004 - Portrait Displays, Inc.) Hidden PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version: - Bluehole, Inc.) PLAYERUNKNOWN'S BATTLEGROUNDS (Test Server) (HKLM\...\Steam App 622590) (Version: - ) PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.21.0-r121815-release - Plays.tv, LLC) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Raptr (HKLM-x32\...\Raptr) (Version: 5.2.10-r123135-release - Raptr, Inc) Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.2.4 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6622 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Restream Chat (HKU\S-1-5-21-564169924-83152284-3685802786-500\...\5574fe55cba0ac1f) (Version: 2.2.1.38 - Restream.io) Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games) SDK (x32 Version: 2.40.012 - Portrait Displays, Inc.) Hidden Sharkoon X-Rest 7.1 (HKLM-x32\...\SSS16xxAudioExt) (Version: 1.1.16.8 - Sharkoon Technologies) Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.97.4382 - Electronic Arts) Sparta (HKU\S-1-5-21-564169924-83152284-3685802786-500\...\Sparta) (Version: - Sparta) <==== ACHTUNG StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Studie zur Verbesserung von HP OfficeJet Pro 6960 (HKLM\...\{0C643588-3357-44CA-A6C7-3DEFC84598F0}) (Version: 39.4.1979.16354 - HP Inc.) System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78313 - TeamViewer) The Talos Principle (HKLM\...\Steam App 257510) (Version: - Croteam) tiptoi® Manager 3.1.6 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.1.6 - Ravensburger AG) Titanfall™ 2 (HKLM-x32\...\{4BD80373-FEE7-45B6-8249-6E8E98717405}) (Version: 1.0.0.3 - Electronic Arts, Inc.) Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft) TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster) Twitch Launcher (HKLM-x32\...\Twitch Launcher 1.0.0) (Version: 1.0.0 - Twitch) Uplay (HKLM-x32\...\Uplay) (Version: 17.0 - Ubisoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.21.0 (HKLM\...\VulkanRT1.0.21.0) (Version: 1.0.21.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.26.0 (Version: 1.0.26.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-564169924-83152284-3685802786-1000_Classes\CLSID\{5743f98d-03a5-429a-bbf2-cf689b0838ce}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0B572CF7-16A9-41B7-9F2B-E25984AFCE4D} - System32\Tasks\{0C0E2EF5-6184-4ED8-94B0-AA9FEDBBB092} => C:\Users\Bjoern\Downloads\LGS_8.79.77_x64_Logitech(5).exe [2016-02-18] (Logitech Inc.) Task: {0C28C420-CBEB-49A7-8BF7-BA6CED90D5CF} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0EC1EB9B-5BE8-4E0C-9879-E554261A1CA6} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {11D3A6B0-D88E-445E-AB62-1994AB29AC2A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {13CECC4D-D73F-4085-92EC-BD593FC22D8B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {1466B3E9-3C63-406B-AF09-5360A0A7196E} - System32\Tasks\HPCustPartic.exe_{BC84BEF4-9F45-4152-9C2C-A9D37F852002} => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\HPCustPartic.exe [2016-12-19] (HP Inc.) Task: {169360AB-9628-4148-95AD-4B50B4FFC551} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {198AFF7A-448F-4BCD-8535-EA1553EB7454} - System32\Tasks\{DB291251-33CE-4CF5-943F-3C0B4EB63C44} => C:\Users\Bjoern\Downloads\LGS_8.79.77_x64_Logitech(5).exe [2016-02-18] (Logitech Inc.) Task: {2BDEEB32-A766-4B15-8121-05739AA57ACB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-17] (Dropbox, Inc.) Task: {35A179DB-F28E-4B48-BCBA-F3EDD30E0917} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {38D3548C-32A2-495E-A002-91A8FB4D12D5} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {3AA96B27-F684-4B4E-A6A0-E34E415E304F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-05] (Google Inc.) Task: {3BDC8660-B17C-4F59-8531-CD7FEA6A87A0} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-bjoern.caduff@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe Task: {3C2CF6E6-9E3A-443C-BF2D-D65B8F6ECE51} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {3D59AC35-9BAA-4B24-9E9A-208A26A36A2B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-20] () Task: {3E8EA0D4-DAE7-4222-936C-B9C36EAC46E3} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {42B8C1EF-F92E-404F-83D9-1577C4717E0A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {4B645A68-933F-4965-8787-3FADBEA2C8AE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {50336CCA-4498-4375-8834-10A20E6DA1F0} - System32\Tasks\ScanToPCActivationApp.exe_{75EB032B-2975-406D-88FB-2FFB125E4B3D} => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\ScanToPCActivationApp.exe [2016-12-19] (HP Inc.) Task: {594F6BAD-A14C-4A7A-8235-35BA32E0A262} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {610E93EF-1973-4852-ABB3-D7D4647CD957} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {71611240-8CF4-4E28-9125-C68828D8993D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {75A59B23-2A2F-435A-8EC2-9AC82BFC04DA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-10] (Microsoft Corporation) Task: {77A9F491-B51F-4118-8C34-CF3B5552FAFC} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {789D8861-C318-4D2A-BC8A-407C9800353E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.) Task: {7BB3AC92-9677-47E1-BEA5-C1342EDF167E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {7E409B5F-D9E7-41A0-A471-18015B36FF5A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {7EC901A1-B04C-466F-9EDE-FA4F873F4044} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-10] (Microsoft Corporation) Task: {900C4667-D038-4592-92DE-D1CC360DDCAF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {90267BE0-F96F-428B-BB62-461E511B59A6} - System32\Tasks\HPCustPartic.exe_{817608E4-C049-41EA-B311-A52598BB8965} => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\HPCustPartic.exe [2016-12-19] (HP Inc.) Task: {91A30F08-3845-4C6D-B4FB-A064AB0AF79E} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Bjoern\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {93D09D89-EABF-443C-BC31-A88EEEDA621F} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {98EECE31-5197-47BA-AD28-CF713F3634D0} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG Task: {9D7F60EC-3FB6-4BFC-9A54-41FC99EDDC43} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9F2B2554-5AFB-4B2D-BBCF-3913697261E1} - System32\Tasks\DriverMaxAgent => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe Task: {A4DFE095-8066-44EE-BAB7-B3BD3692E58A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG Task: {A55B29AF-7F27-4025-9ED8-116FCCB9C7B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-05] (Google Inc.) Task: {AE24B250-E2E0-4277-BEB8-4A15D522D1F3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-17] (Adobe Systems Incorporated) Task: {B0886CDD-DD45-4D58-AE65-A234DB1293EA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {BD4DCC5C-E953-4983-9643-B4912FED14B0} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {C39C45AE-DEC4-4031-A07D-A753E70E98D8} - System32\Tasks\HPCustParticipation HP OfficeJet Pro 6960 => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\HPCustPartic.exe [2016-12-19] (HP Inc.) Task: {C8D2DF9C-9BCC-4194-91B5-473F3AA54F05} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {CBA401E0-42F5-4560-81C4-C55E532EDB81} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {CC9F81AD-EBE9-473E-83FC-8BEBD3505ED7} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {CFF0D3DC-2AF1-49F2-B8A3-D00DE06BFDAB} - System32\Tasks\FaxApplications.exe_{C7C9E516-0EBD-4E50-A6B1-DF45B79396D9} => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\FaxApplications.exe [2016-12-19] (HP Inc.) Task: {D338BC63-55B5-4723-B29A-FD1737A68396} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {DA9E00C8-FEAC-49BD-885F-A6D6BA58526C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {DAB8FEC9-6F96-49A4-8529-B453A28C0E19} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-20] () Task: {DFD7912D-89C4-4C4B-875C-270F6836337B} - System32\Tasks\Toolbox.exe_{A6A62D22-F6A9-43DC-941D-15C2F1D09015} => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\Toolbox.exe [2016-12-19] (HP Inc.) Task: {EB5BE4E3-2942-4DED-A514-7637D1D2D0A4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {EC20AF13-6AEA-40FD-B9A0-3F1472C519BD} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {F37D229B-5588-455E-BE29-1F4DFEA9C440} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-17] (Dropbox, Inc.) Task: {F8817B1A-9273-4EC5-B716-DF0D7B8E65AA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\Administrator\Desktop\Sparta.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://plarium.com/play/de/sparta/001_top?adCampaign=85537&clickID=yBzztByE0A0FtAtAzzyByCyBtA0D0EyC&publisherID=102 ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sparta\Sparta.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://plarium.com/play/de/sparta/001_top?adCampaign=85537&clickID=yBzztByE0A0FtAtAzzyByCyBtA0D0EyC&publisherID=102 ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Sparta.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://plarium.com/play/de/sparta/001_top?adCampaign=85537&clickID=yBzztByE0A0FtAtAzzyByCyBtA0D0EyC&publisherID=102 ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-06-14 14:14 - 2017-06-03 12:01 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-08-29 13:55 - 2014-04-04 15:10 - 00098320 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook64.dll 2017-06-14 13:11 - 2017-06-14 13:11 - 00104624 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe 2017-06-14 13:12 - 2017-06-14 13:12 - 00159408 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\aaLoader64.dll 2016-09-25 01:20 - 2016-09-25 01:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2016-09-23 17:46 - 2013-07-04 04:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2017-01-13 13:56 - 2017-01-13 13:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-01-13 13:56 - 2017-01-13 13:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-06-20 22:59 - 2017-06-20 23:11 - 02270664 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2016-12-21 21:13 - 2016-12-21 21:13 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2016-08-29 13:55 - 2014-04-04 15:10 - 00275472 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dthook.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2016-09-23 18:43 - 2016-09-23 18:43 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-14 20:54 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-06-21 07:42 - 2017-06-21 07:42 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-06-21 07:42 - 2017-06-21 07:42 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-06-21 07:42 - 2017-06-21 07:42 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-06-21 07:42 - 2017-06-21 07:42 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll 2017-04-07 08:37 - 2017-04-07 08:37 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe 2016-08-29 13:55 - 2013-06-18 12:26 - 00677160 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpctrl.exe 2016-08-29 13:55 - 2013-06-18 12:26 - 00714024 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\floater.exe 2016-08-29 13:55 - 2014-04-04 15:10 - 00163344 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe 2016-08-29 13:55 - 2014-04-04 15:10 - 00197136 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe 2017-03-14 20:55 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-14 20:55 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-14 20:55 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-06-14 14:14 - 2017-06-03 10:47 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-06-14 14:14 - 2017-06-03 10:47 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-06-14 14:14 - 2017-06-03 10:51 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-06-01 17:39 - 2017-06-01 17:39 - 23661056 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\Video.UI.exe 2017-06-01 17:39 - 2017-06-01 17:39 - 09016320 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\EntCommon.dll 2017-05-26 15:24 - 2017-05-26 15:24 - 03140520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-06-20 08:54 - 2017-06-20 08:54 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2017-06-20 08:54 - 2017-06-20 08:54 - 27430400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-06-03 16:38 - 2017-06-03 16:38 - 00460288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll 2017-06-03 16:38 - 2017-06-03 16:38 - 02275328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2017-06-03 16:38 - 2017-06-03 16:38 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-06-03 16:38 - 2017-06-03 16:38 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll 2016-06-03 18:04 - 2016-06-03 18:05 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2017-06-03 16:38 - 2017-06-03 16:38 - 00900096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2017-05-05 14:55 - 2017-05-05 14:55 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll 2016-03-04 14:40 - 2016-03-04 14:40 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2017-06-01 17:39 - 2017-06-01 17:39 - 30965760 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe 2017-06-01 17:39 - 2017-06-01 17:39 - 09016320 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\EntCommon.dll 2017-05-26 15:24 - 2017-05-26 15:24 - 03140520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2016-06-28 01:19 - 2016-06-28 01:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll 2016-09-23 17:46 - 2017-06-21 11:59 - 00029696 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2016-09-23 17:46 - 2013-07-04 04:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2016-10-07 13:48 - 2016-12-21 21:23 - 02493440 _____ () F:\Games\EA\Origin\libGLESv2.dll 2016-08-29 13:55 - 2014-04-04 15:10 - 00093712 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook.dll 2014-12-11 18:40 - 2014-12-11 18:40 - 40622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll 2017-06-14 21:22 - 2017-06-12 13:52 - 00775488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2017-06-14 21:22 - 2017-06-12 13:52 - 01787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll 2016-02-17 21:12 - 2017-06-12 13:52 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2016-02-17 21:12 - 2017-06-12 13:54 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2017-06-14 21:22 - 2017-06-12 13:52 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2017-06-14 21:22 - 2017-06-12 13:52 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2017-06-14 21:22 - 2017-06-12 13:52 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2016-02-17 21:12 - 2017-06-12 13:52 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2016-08-06 15:27 - 2017-06-12 13:55 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2017-06-14 21:22 - 2017-06-12 13:52 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2017-06-14 21:22 - 2017-06-12 13:52 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2016-02-17 21:12 - 2017-06-12 13:54 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-08-06 15:27 - 2017-06-12 13:55 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2017-05-15 19:31 - 2017-06-12 13:55 - 00082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd 2016-02-17 21:12 - 2017-06-12 13:55 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2017-03-01 18:41 - 2017-06-12 13:55 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd 2017-01-25 19:47 - 2017-06-12 13:55 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd 2016-04-15 16:36 - 2017-06-12 13:55 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2017-01-25 19:47 - 2017-06-12 13:55 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2017-01-25 19:47 - 2017-06-12 13:55 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd 2017-01-25 19:47 - 2017-06-12 13:55 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd 2016-02-17 21:12 - 2017-06-12 13:55 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2017-06-14 21:22 - 2017-06-12 13:52 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2017-06-14 21:22 - 2017-06-12 13:54 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2017-06-14 21:22 - 2017-06-12 13:52 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2017-06-14 21:22 - 2017-06-12 13:54 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2016-07-16 18:36 - 2017-06-12 13:54 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd 2017-06-14 21:22 - 2017-06-12 13:52 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll 2017-06-14 21:22 - 2017-06-12 13:52 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2016-08-06 15:27 - 2017-06-12 13:55 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2017-04-09 16:51 - 2017-06-12 13:54 - 00023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2015-05-08 03:37 - 2015-05-08 03:37 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd 2015-05-08 03:37 - 2015-05-08 03:37 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd 2015-05-08 03:37 - 2015-05-08 03:37 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd 2015-05-08 03:39 - 2015-05-08 03:39 - 05812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd 2017-05-04 21:01 - 2017-05-04 21:01 - 00067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd 2015-05-08 03:39 - 2015-05-08 03:39 - 01662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd 2015-05-08 03:39 - 2015-05-08 03:39 - 00494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd 2015-05-08 03:39 - 2015-05-08 03:39 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd 2015-05-08 03:38 - 2015-05-08 03:38 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll 2015-05-08 03:37 - 2015-05-08 03:37 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd 2015-05-08 03:37 - 2015-05-08 03:37 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd 2015-05-08 03:39 - 2015-05-08 03:39 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd 2015-05-08 03:39 - 2015-05-08 03:39 - 00111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd 2015-05-08 03:37 - 2015-05-08 03:37 - 00044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd 2015-05-08 03:49 - 2015-05-08 03:49 - 00417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll 2015-05-08 03:39 - 2015-05-08 03:39 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd 2015-05-08 03:39 - 2015-05-08 03:39 - 00313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd 2015-05-08 03:37 - 2015-05-08 03:37 - 00127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd 2015-05-08 03:37 - 2015-05-08 03:37 - 00009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd 2015-11-13 23:59 - 2015-11-13 23:59 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll 2015-11-13 23:59 - 2015-11-13 23:59 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll 2015-05-08 03:37 - 2015-05-08 03:37 - 00583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd 2015-05-08 03:38 - 2015-05-08 03:38 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pythoncom26.dll 2015-05-08 03:38 - 2015-05-08 03:38 - 00263168 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32com.shell.shell.pyd 2015-11-13 23:58 - 2015-11-13 23:58 - 00271872 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\amd_ags.dll 2016-08-29 13:55 - 2014-04-04 15:10 - 00187920 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll 2017-05-22 12:13 - 2017-05-22 12:13 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2017-03-20 13:20 - 2016-10-08 09:13 - 50656768 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libcef.dll 2015-05-08 03:39 - 2015-05-08 03:39 - 00141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd 2017-05-04 19:33 - 2017-05-04 19:33 - 02717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd 2015-05-08 03:49 - 2015-05-08 03:49 - 01213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll 2015-05-08 03:55 - 2015-05-08 03:55 - 00055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 00495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 01183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 00483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 00655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 01306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 00565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 01640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 00506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 01053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 00497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 00603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 00474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll 2017-04-26 15:26 - 2017-04-26 15:26 - 00044544 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\MacroRecording.dll 2017-04-26 15:27 - 2017-04-26 15:27 - 00199680 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll 2017-04-26 15:37 - 2017-04-26 15:37 - 00086528 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairAudioDevice.dll 2017-04-26 15:26 - 2017-04-26 15:26 - 00097280 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\zlib.dll 2016-12-01 13:28 - 2016-12-01 13:28 - 01983488 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libGLESv2.dll 2016-12-01 13:28 - 2016-12-01 13:28 - 00013824 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libEGL.DLL 2017-03-20 13:20 - 2016-10-08 09:13 - 50656768 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll 2017-03-20 13:20 - 2016-10-08 09:13 - 01874944 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll 2017-03-20 13:20 - 2016-10-08 09:13 - 00075264 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll 2017-03-20 13:20 - 2016-10-08 09:13 - 01874944 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libglesv2.dll 2017-03-20 13:20 - 2016-10-08 09:13 - 00075264 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libegl.dll 2016-02-17 19:43 - 2017-05-17 03:54 - 00678176 _____ () F:\Steam\SDL2.dll 2016-02-17 19:43 - 2016-09-01 03:02 - 04969248 _____ () F:\Steam\v8.dll 2016-02-17 19:43 - 2017-06-08 07:42 - 02485536 _____ () F:\Steam\video.dll 2016-02-17 19:43 - 2016-01-27 09:49 - 02549760 _____ () F:\Steam\libavcodec-56.dll 2016-02-17 19:43 - 2016-01-27 09:49 - 00491008 _____ () F:\Steam\libavformat-56.dll 2016-02-17 19:43 - 2016-01-27 09:49 - 00332800 _____ () F:\Steam\libavresample-2.dll 2016-02-17 19:43 - 2016-01-27 09:49 - 00442880 _____ () F:\Steam\libavutil-54.dll 2016-02-17 19:43 - 2016-01-27 09:49 - 00485888 _____ () F:\Steam\libswscale-3.dll 2016-02-17 19:43 - 2016-09-01 03:02 - 01563936 _____ () F:\Steam\icui18n.dll 2016-02-17 19:43 - 2016-09-01 03:02 - 01195296 _____ () F:\Steam\icuuc.dll 2016-02-17 19:43 - 2017-06-08 07:42 - 00877856 _____ () F:\Steam\bin\chromehtml.DLL 2016-03-09 16:58 - 2016-07-05 00:17 - 00266560 _____ () F:\Steam\openvr_api.dll 2016-12-12 21:03 - 2017-05-08 21:45 - 69516064 _____ () F:\Steam\bin\cef\cef.win7\libcef.dll 2017-06-09 15:43 - 2017-05-17 03:54 - 00678176 _____ () F:\Steam\bin\cef\cef.win7\SDL2.dll 2015-03-21 01:15 - 2017-06-08 07:42 - 00385312 _____ () F:\Steam\steam.dll 2016-02-17 19:43 - 2015-09-25 01:52 - 00119208 _____ () F:\Steam\winh264.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\.DEFAULT\...\amazon.de -> hxxps://amazon.de IE trusted site: HKU\S-1-5-21-564169924-83152284-3685802786-500\...\amazon.de -> hxxps://amazon.de ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2017-06-17 15:39 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-564169924-83152284-3685802786-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bjoern\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\{6331ae71-0058-4ab7-a86c-12fdfc2a900b}.jpg HKU\S-1-5-21-564169924-83152284-3685802786-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\Services: chip1click => 2 MSCONFIG\Services: PlaysService => 2 MSCONFIG\Services: XblAuthManager => 3 MSCONFIG\Services: XblGameSave => 3 MSCONFIG\Services: XboxNetApiSvc => 3 MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\RAPTRS~1.EXE --startup HKLM\...\StartupApproved\Run32: => "PlaysTV" HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip" HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-564169924-83152284-3685802786-500\...\StartupApproved\Run: => "EADM" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{B4DFAE12-8162-4635-BCBE-01C560D3BFBB}] => (Allow) F:\Steam\steamapps\common\Day of Defeat Source\hl2.exe FirewallRules: [{16EB85B9-A3C4-47B2-9440-48EA6237009C}] => (Allow) F:\Steam\steamapps\common\Day of Defeat Source\hl2.exe FirewallRules: [{A4530FF1-3888-4B71-BC9F-F555A98C5A05}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe FirewallRules: [{FA15EC11-2400-45A8-BE8A-06DA3985E01E}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe FirewallRules: [{444B5F84-9E11-4A05-B358-1481F6BBBD7E}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{F334DC1A-2739-4FED-9134-62CC8135B3DA}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{6DDD2CF2-6459-44F4-8B95-8CE32EC04552}] => (Allow) F:\Steam\steamapps\common\Age2HD\Launcher.exe FirewallRules: [{BEC8A5DF-2DEE-4921-87FC-09DBC36E4646}] => (Allow) F:\Steam\steamapps\common\Age2HD\Launcher.exe FirewallRules: [{230436B4-F253-498A-AC01-CC4BB733E4B7}] => (Allow) C:\Users\Administrator\AppData\Local\Chromium\Application\chrome.exe FirewallRules: [{ED817AAC-0F44-4FA1-ABD4-CCCB69FDBCB0}] => (Allow) C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe FirewallRules: [{56D275C7-6AFE-4FA4-9087-D2567DC07451}] => (Allow) F:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe FirewallRules: [{C129D92B-7C91-4A17-9E16-91A70E9B33E0}] => (Allow) F:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe FirewallRules: [{A6D2B6FA-A9EB-4491-95B8-AE027DD51B8B}] => (Allow) F:\Games\Uplay\Anno 2205\Bin\Win64\Anno2205.exe FirewallRules: [{E62A7D80-3B57-4FE1-9D51-0BA56A9CFAF7}] => (Allow) F:\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [{59940059-D9C4-452D-8B8B-8727F1601A05}] => (Allow) F:\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [{14384E0D-5B17-405F-8500-84E32A79155C}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{60B5B5FB-125B-4A10-8A36-53CD52D4DAB3}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{DD02CD93-5F8D-4DE0-909F-F6D27EADD8D9}] => (Allow) F:\Steam\steamapps\common\DOOM Open Beta\DOOMx64.exe FirewallRules: [{3B22B37E-1B55-4B7A-A475-BC3A1A383F33}] => (Allow) F:\Steam\steamapps\common\DOOM Open Beta\DOOMx64.exe FirewallRules: [{50833A46-9FDF-4CC1-866C-F15F6BEE8124}] => (Allow) F:\Steam\steamapps\common\OrcsMustDieUnchained\Dashboard\Bin\SpitfireDashboard.exe FirewallRules: [{12DE8B49-A6C6-4FFC-9169-67B663DB62F8}] => (Allow) F:\Steam\steamapps\common\OrcsMustDieUnchained\Dashboard\Bin\SpitfireDashboard.exe FirewallRules: [{8D3A2DBE-491E-4DE4-87BD-D7E42B06483F}] => (Allow) F:\Steam\steamapps\common\BloonsTD5\BTD5-Win.exe FirewallRules: [{2DAC7759-F765-4256-9248-63B99565111B}] => (Allow) F:\Steam\steamapps\common\BloonsTD5\BTD5-Win.exe FirewallRules: [{1DE659C0-8B4C-4301-8A36-0ABEAE581D13}] => (Allow) F:\Steam\steamapps\common\Helldivers\binaries\x86\helldivers.exe FirewallRules: [{4B6BF6BF-6ED3-4AEE-A8FB-81212E421A9E}] => (Allow) F:\Steam\steamapps\common\Helldivers\binaries\x86\helldivers.exe FirewallRules: [{DDBE0211-1AE9-41C2-AF88-DAAB78B4D7CA}] => (Allow) F:\Steam\steamapps\common\Helldivers\binaries\x64\helldivers.exe FirewallRules: [{A5BDAFC9-9C60-4F75-8ADA-4F36C445DA24}] => (Allow) F:\Steam\steamapps\common\Helldivers\binaries\x64\helldivers.exe FirewallRules: [{D8C986EE-C6FA-461E-A22B-0215F5DB5884}] => (Allow) F:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{D4A5A85F-17EC-46DD-A41D-B664DB81833E}] => (Allow) F:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{7D553120-4CCD-40ED-92FE-B8C15DF9A9D8}] => (Allow) F:\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe FirewallRules: [{8F20C0CB-B1AC-4B66-97A3-BD2AAF2462E8}] => (Allow) F:\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe FirewallRules: [{C1B3D135-9703-4B79-A3B8-BEBBDBD42B55}] => (Allow) F:\Steam\steamapps\common\Dying Light\DyingLightGame.exe FirewallRules: [{3BE37640-9BFA-401C-BD13-DBAF36CD3D66}] => (Allow) F:\Steam\steamapps\common\Dying Light\DyingLightGame.exe FirewallRules: [{E165101A-68FC-4480-B0D3-07D437EBC595}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{68BF53F7-C99F-4F9C-86D7-4C2442692FE5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E270DD34-3801-4445-BFB1-91E70FEB21BA}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{385369FF-AD09-465D-BEDD-554C26AEE6D2}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{6E803E56-8229-4902-BD3F-86CC35BD2CE9}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{3CFE430A-4EE3-4B03-9558-B63512FF7A48}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [TCP Query User{7113AFFE-3CB4-4E3D-A8E8-923D3141ACB8}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{E86EFCA6-531C-431D-B115-CE134849EA92}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{12AB4340-88C1-4A06-A266-CFB4F8ACD017}] => (Allow) C:\Users\Bjoern\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{028AECDE-03E9-4A41-B7DA-B09FFC18076D}] => (Allow) F:\Steam\Steam.exe FirewallRules: [{7BDEF756-588B-42FD-8D4D-DF03BC6F4707}] => (Allow) F:\Steam\Steam.exe FirewallRules: [{46444FD0-1C64-41D4-9736-D052D5A4B8A5}] => (Allow) F:\Steam\bin\steamwebhelper.exe FirewallRules: [{059B5865-F287-4B15-A5FB-79D1B46AEA9C}] => (Allow) F:\Steam\bin\steamwebhelper.exe FirewallRules: [{45783AD2-363B-4A20-B14B-2CBEC765F644}] => (Allow) F:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{C40DF1CB-E728-4114-BD46-22B974277592}] => (Allow) F:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{22AEB58C-8A4D-45DC-A460-2824920A8EBD}] => (Allow) F:\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe FirewallRules: [{7B269D47-646F-4C8C-8EA5-E8FC04CA6D5F}] => (Allow) F:\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe FirewallRules: [{AD61AD98-544A-4141-810E-B04E2AE53969}] => (Allow) F:\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{E6C63998-924B-4145-83E6-CA952A6C861C}] => (Allow) F:\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{BC95A939-B471-44B1-9B00-981754DE572B}] => (Allow) F:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{74732222-5FD1-4B50-B83B-B449B7BEA8C4}] => (Allow) F:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{1C22C5FC-2CEA-4F1E-8C89-2F33DD4E7818}] => (Allow) F:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe FirewallRules: [{9B9A60BD-7B0C-4425-A632-A87FB59ACE3D}] => (Allow) F:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe FirewallRules: [{676FF26B-D02E-481F-A376-C450FFC865C9}] => (Allow) F:\Steam\steamapps\common\Call of Duty - Infinite Warfare\iw7_ship.exe FirewallRules: [{BD615C38-4A01-42E2-BED4-C976F1DE4A5B}] => (Allow) F:\Steam\steamapps\common\Call of Duty - Infinite Warfare\iw7_ship.exe FirewallRules: [{48418C04-1BF6-4EF0-A666-AD26769CC43B}] => (Allow) F:\Steam\steamapps\common\Call of Duty Modern Warfare Remastered\h1_mp64_ship.exe FirewallRules: [{030AB5A9-E11A-461C-A38C-D24DC7707025}] => (Allow) F:\Steam\steamapps\common\Call of Duty Modern Warfare Remastered\h1_mp64_ship.exe FirewallRules: [{BB44593E-9C9B-4927-BA2B-FA3070F13C8F}] => (Allow) F:\Steam\steamapps\common\Call of Duty Modern Warfare Remastered\h1_sp64_ship.exe FirewallRules: [{E20954B3-2727-4E68-A8EB-E2703C5FDACD}] => (Allow) F:\Steam\steamapps\common\Call of Duty Modern Warfare Remastered\h1_sp64_ship.exe FirewallRules: [{15C53E81-63CD-4A77-932F-D04FBD9C9215}] => (Allow) F:\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe FirewallRules: [{C357C6E8-A0A3-4868-A4D5-1B676C1CFCC9}] => (Allow) F:\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe FirewallRules: [{4DE55B7B-967B-40BA-8EF2-A04EBD83243F}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{DB494B08-B636-47D5-963B-424D5EE65429}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{F1AFD9E1-1ACB-4F7B-8CA2-EA1A8184215A}] => (Allow) C:\Program Files (x86)\FlyVPN\FlyVPN.exe FirewallRules: [{71208021-3A16-4DDC-9C88-22F81B7BE69E}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe FirewallRules: [{DEBEF465-6B0A-4413-A804-64D4F492EB1B}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe FirewallRules: [{FB7967B1-D7F6-4F6C-90C6-EF45F26C246F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{688DF777-41EC-4E0A-91C9-33BCECFEACF5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{D3C2B11B-B480-4073-8EF8-314CA5F9ACB4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{5A9DE9C4-08E7-488E-BFFB-3C4A3CB5AFA9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{629D6208-E9AF-4598-930E-A9915A558077}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe FirewallRules: [{1FA3F747-99C4-4CF1-B552-B222F22C7AC1}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe FirewallRules: [{3AB42E84-99EB-45D3-9003-2AB87CE09598}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe FirewallRules: [{D738AE8B-D200-4F9A-8F15-573474FC94EF}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe FirewallRules: [{9F9E2F30-5B70-4D9D-837E-6DA895FA0298}] => (Allow) F:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\Command Conquer 3 Tiberium Wars\RetailExe\1.9\cnc3game.dat FirewallRules: [{362A060B-C88B-4CB0-B20E-8852F4FE3202}] => (Allow) F:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\Command Conquer 3 Kanes Wrath\RetailExe\1.2\cnc3ep1.dat FirewallRules: [{73649E6E-F4FF-4665-98B7-DF25947CA13E}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall2\Titanfall2.exe FirewallRules: [{2529D13B-D2CE-4ABF-B288-DF5AA92377FB}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall2\Titanfall2.exe FirewallRules: [{D6EEB2B2-7BCA-487E-8AB0-CB4B8287A97F}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall2\Titanfall2_trial.exe FirewallRules: [{D1FBD3A3-AA1D-487D-8FB1-E094746EED25}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall2\Titanfall2_trial.exe FirewallRules: [{D8025864-AC88-414A-B4C4-8E16CA55AB25}] => (Allow) F:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [{3F90E33F-3E3C-48BF-B65E-8EE00B413298}] => (Allow) F:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [{55A765EA-28F5-45F0-BEF5-166FDC778C74}] => (Allow) F:\Games\Uplay\Might & Magic Heroes VI\Might & Magic Heroes VI.exe FirewallRules: [{46B456EF-0A88-4033-AB10-760522DD5F6A}] => (Allow) F:\Games\Uplay\Might & Magic Heroes VI\Might & Magic Heroes VI.exe FirewallRules: [{BEE3D71F-DC83-45D7-B1A9-B3F8B15E261D}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe FirewallRules: [{3E883446-62FC-45C5-8893-A27D42B0D3C4}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe FirewallRules: [{72451E96-7EBB-40CE-AD9F-404489567D8B}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe FirewallRules: [{4796EB4A-ED80-42B7-A3F3-5B9B92478899}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe FirewallRules: [{2CF07C90-CDA8-4905-B19D-0C3697F05202}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe FirewallRules: [{002A8C06-C19C-4125-9158-4848B9982CB3}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe FirewallRules: [{F3022BCC-78EB-496D-BC9F-05D7CAB3AFAD}] => (Allow) F:\Steam\steamapps\common\Age of Conquest IV\app_main.exe FirewallRules: [{A28095C3-766F-4198-A0C8-F61428C8F221}] => (Allow) F:\Steam\steamapps\common\Age of Conquest IV\app_main.exe FirewallRules: [{95DA8850-7D1A-461E-9158-856B057E55AA}] => (Allow) F:\Steam\steamapps\common\JABIA\JaggedAllianceBIA.exe FirewallRules: [{5564538A-6D24-4481-9C3B-03538844E58E}] => (Allow) F:\Steam\steamapps\common\JABIA\JaggedAllianceBIA.exe FirewallRules: [{1380FD59-F516-4C34-B2DB-30F0670C46DD}] => (Allow) F:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe FirewallRules: [{0DCFCABB-0C71-48DF-9B33-DEB6D3A52064}] => (Allow) F:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe FirewallRules: [{A7382D8B-6713-4D62-AC99-71D329C31E45}] => (Allow) F:\Games\GTA\GTA5.exe FirewallRules: [{8024C602-BCC9-40AE-AFB5-A2A8B727CAEB}] => (Allow) F:\Games\GTA\GTA5.exe FirewallRules: [{73ED5265-91D4-4390-8E87-0FD8B403D2B8}] => (Allow) C:\Users\Bjoern\AppData\Local\Temp\7zS010F\HP.EasyStart.exe FirewallRules: [{CF775FD1-1DB2-47F8-BFD6-F4A6C6108119}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\FaxApplications.exe FirewallRules: [{1773877F-38B4-492C-99FD-487E70985150}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\DigitalWizards.exe FirewallRules: [{66C4DD67-0A38-433E-885B-B67F80B0401C}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\SendAFax.exe FirewallRules: [{CCAEB1D8-BE06-4430-9A3D-4C340E0F0D4A}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\FaxPrinterUtility.exe FirewallRules: [{AC6B80F7-8731-4810-9A65-D6BD7AFE6229}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\DeviceSetup.exe FirewallRules: [{0EF5BDAC-0822-4B5C-8E49-249D73A0158C}] => (Allow) LPort=5357 FirewallRules: [{B8E54B39-43F3-42ED-B5BA-CD43E59E84EA}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{525AE209-85B6-4E15-BDF1-224E3F772691}] => (Allow) F:\Steam\steamapps\common\7 Days To Die\7dLauncher.exe FirewallRules: [{37E92F72-18D8-4618-B056-8CEFF2F44A68}] => (Allow) F:\Steam\steamapps\common\7 Days To Die\7dLauncher.exe FirewallRules: [TCP Query User{5D606C15-0272-4D7F-9DEE-8B5FA81CA8B6}F:\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) F:\steam\steamapps\common\7 days to die\7daystodie.exe FirewallRules: [UDP Query User{F59F9874-7927-47A5-B4D1-617E01982A60}F:\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) F:\steam\steamapps\common\7 days to die\7daystodie.exe FirewallRules: [{B467F4A5-CCEB-439E-83AD-24F1D650DF81}] => (Allow) F:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe FirewallRules: [{A13FEBC2-4224-4292-8A81-37F12DAB4426}] => (Allow) F:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe FirewallRules: [{6F4E6023-9B6E-4FEA-B242-97A107969CC1}] => (Allow) F:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{9A4DE7FF-784F-48DD-B3BE-D000BB91C605}] => (Allow) F:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{E590CF17-A79D-4015-AAF4-C9BEB9B204A8}] => (Allow) F:\Games\Uplay\Ghost Recon Wildlands Beta\GRW.exe FirewallRules: [{A0432021-23C1-40E8-9EF5-4F8248C9BCC9}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{898B83F7-238C-49A9-A842-0B2DB5AAFD18}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{0770C61D-8913-4279-9191-688BDD7048A1}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe FirewallRules: [{A90633FB-FC73-4CD3-8AE2-93C9356650B0}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe FirewallRules: [{1682D730-9870-4D51-98CA-59DD33414433}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe FirewallRules: [{BBD5F608-A4BF-465E-BCAB-F05120C694F1}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe FirewallRules: [{2929A467-6331-47E6-84C8-65C4FBD4533D}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe FirewallRules: [{84BA020A-D954-4BAE-B12F-151680B4094B}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe FirewallRules: [{57745C9B-C4A5-4A57-AB57-84AED755CE2C}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe FirewallRules: [{69A96790-4259-40B5-8871-89617BB01C93}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe FirewallRules: [{D89315C0-CEAE-464E-9D27-565297831813}] => (Allow) F:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{21B9669E-267B-461D-9F4E-C1E5F3D4D0C7}] => (Allow) F:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{52D36283-A917-42B8-B269-7122F4E47450}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{6B3C3FBB-E735-4A46-990D-2C6D5B3FEC8C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{E5C68C45-6041-4B68-8221-0D550E41C1E0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{B4508F76-452B-4DA5-B50C-8E921253FA36}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{1F75ADED-1CC7-4173-88DE-76B944AE37C6}] => (Allow) F:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe FirewallRules: [{24A8696A-C056-45CB-B5CC-824F8CDB2C29}] => (Allow) F:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe FirewallRules: [{A8280086-437B-469C-B078-758FD4F1151F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{8CDEFE31-B44E-409F-9BC1-7E8D960ACD8F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{CEB8698B-325F-4152-A2DD-795ACEF673FE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{8AF177E0-AFD6-403A-87CF-8623D3D55770}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{025E7B1E-1B4A-426A-A797-E29E779076F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{42C9293D-B5A7-4191-B807-4FE1B097650C}] => (Allow) F:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe FirewallRules: [{90061B05-B203-4F4A-A26C-B72099508133}] => (Allow) F:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe FirewallRules: [{6470492B-21E6-41C1-A990-475940A6FCFE}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (06/21/2017 11:57:25 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Bjoern-PC) Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/21/2017 09:26:08 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm explorer.exe, Version 10.0.14393.1198 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 3654 Startzeit: 01d2ea0de4540692 Beendigungszeit: 183 Anwendungspfad: C:\Windows\explorer.exe Berichts-ID: e39d92d3-5652-11e7-857a-001986002416 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (06/20/2017 11:16:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Bjoern-PC) Description: Das Paket „Microsoft.Windows.ShellExperienceHost_10.0.14393.1358_neutral_neutral_cw5n1h2txyewy+App“ wurde beendet, da das Anhalten zu lange dauerte. Error: (06/17/2017 01:11:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Bjoern-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/17/2017 12:45:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Bjoern-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/16/2017 10:52:50 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm TwitchUI.exe, Version 1.4.12.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2b3c Startzeit: 01d2e6c8a2f288e3 Beendigungszeit: 4294967295 Anwendungspfad: C:\Users\Bjoern\AppData\Roaming\Curse Client\Bin\Electron\TwitchUI.exe Berichts-ID: c1c5cf03-52d5-11e7-8577-001986002416 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (06/16/2017 08:47:35 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (06/16/2017 08:47:35 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode. Error: (06/16/2017 08:47:34 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode. Error: (06/16/2017 08:47:34 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\WINDOWS\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Systemfehler: ============= Error: (06/21/2017 12:05:01 PM) (Source: DCOM) (EventID: 10016) (User: Bjoern-PC) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Bjoern-PC\Bjoern" (SID: S-1-5-21-564169924-83152284-3685802786-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {7D1933CB-86F6-4A98-8628-01BE94C9A575} und der APPID {F290BFB2-1864-45B1-8804-2654194A87E7} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (06/21/2017 12:05:01 PM) (Source: DCOM) (EventID: 10016) (User: Bjoern-PC) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Bjoern-PC\Bjoern" (SID: S-1-5-21-564169924-83152284-3685802786-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {7D1933CB-86F6-4A98-8628-01BE94C9A575} und der APPID {F290BFB2-1864-45B1-8804-2654194A87E7} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (06/21/2017 11:59:45 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (06/21/2017 11:59:45 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (06/21/2017 11:59:45 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (06/21/2017 11:59:31 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (06/21/2017 11:59:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "amdacpksd" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (06/21/2017 11:57:17 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (06/21/2017 11:57:17 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (06/21/2017 11:57:17 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. CodeIntegrity: =================================== Date: 2017-06-21 12:05:45.397 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-06-21 12:05:45.260 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements. Date: 2017-06-21 10:26:11.118 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-06-21 10:26:10.982 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements. Date: 2017-06-17 11:09:32.961 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements. Date: 2017-06-17 11:09:03.573 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-06-17 11:09:03.522 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements. Date: 2017-06-17 11:08:59.991 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements. Date: 2017-06-17 11:08:57.298 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-06-17 11:08:57.239 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz Prozentuale Nutzung des RAM: 26% Installierter physikalischer RAM: 16325.89 MB Verfügbarer physikalischer RAM: 11953.89 MB Summe virtueller Speicher: 32709.89 MB Verfügbarer virtueller Speicher: 26645.43 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:111.35 GB) (Free:12.19 GB) NTFS Drive d: (Foto Pollmann) (CDROM) (Total:0.08 GB) (Free:0 GB) UDF Drive e: (Volume) (Fixed) (Total:232.78 GB) (Free:151.57 GB) NTFS Drive f: (Volume) (Fixed) (Total:3725.9 GB) (Free:1813.05 GB) NTFS Drive g: () (Fixed) (Total:69.02 GB) (Free:67.78 GB) NTFS Drive h: () (Fixed) (Total:931.51 GB) (Free:115.67 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 69.2 GB) (Disk ID: 28EB28EB) Partition: GPT. ======================================================== Disk: 1 (Size: 3726 GB) (Disk ID: 54B05093) Partition: GPT. ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 1EFD05FA) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (Size: 111.8 GB) (Disk ID: 7F66E476) Partition 1: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 4 (Size: 931.5 GB) (Disk ID: 977A5656) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
21.06.2017, 14:20 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Komische Ansage im Hintergrund Lade Dir bitte von hier Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
__________________
__________________ |
21.06.2017, 15:20 | #19 |
| Komische Ansage im Hintergrund Habe ich mal gemacht, dann bin ich mal gespannt ob es jetzt weg ist. Vielen Dank |
21.06.2017, 15:41 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Komische Ansage im Hintergrund Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
21.06.2017, 19:09 | #21 |
| Komische Ansage im Hintergrund Es wurde nichts gefunden Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2017.06.21.09 rootkit: v2017.05.27.01 Windows 10 x64 NTFS Internet Explorer 11.1358.14393.0 Bjoern :: BJOERN-PC [administrator] 21.06.2017 16:55:19 mbar-log-2017-06-21 (16-55-19).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 371846 Time elapsed: 9 minute(s), 21 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) Ich werde Win neu installieren und hoffe das es dann weg ist. |
21.06.2017, 22:11 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Komische Ansage im Hintergrund Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ Logfiles bitte immer in CODE-Tags posten |
21.06.2017, 22:48 | #23 |
| Komische Ansage im HintergrundCode:
ATTFilter # AdwCleaner v6.047 - Bericht erstellt am 21/06/2017 um 23:43:10 # Aktualisiert am 19/05/2017 von Malwarebytes # Datenbank : 2017-06-21.3 [Server] # Betriebssystem : Windows 10 Home (X64) # Benutzername : Bjoern - BJOERN-PC # Gestartet von : C:\Users\Bjoern\Downloads\AdwCleaner_6.047.exe # Modus: Löschen # Unterstützung : https://www.malwarebytes.com/support ***** [ Dienste ] ***** ***** [ Ordner ] ***** ***** [ Dateien ] ***** ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AmazonAppIE.AppGateway [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AmazonAppIE.GadgetGateway [#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\AmazonAppIE.AppGateway [#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\AmazonAppIE.GadgetGateway [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B} [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{0757C9D8-D8A3-33F5-CEE2-11D09918BA8F} [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8} [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE} [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502} [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450} [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769} [-] Schlüssel gelöscht: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE} [-] Schlüssel gelöscht: HKU\S-1-5-21-564169924-83152284-3685802786-1000\Software\Tuguu [#] Schlüssel mit Neustart gelöscht: HKCU\Software\Tuguu [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Tuguu [-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C [#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C [-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com [-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com [-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com ***** [ Browser ] ***** [-] Firefox Einstellungen bereinigt: "browser.search.selectedEngine" - "Search Provided by Yahoo" [-] [C:\Users\Bjoern\AppData\Local\Chromium\User Data\Default\Web data] [Search Provider] Gelöscht: search provided by yahoo [-] [C:\Users\Bjoern\AppData\Local\Chromium\User Data\Default] [startup_urls] Gelöscht: hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_16_21_ssg02¶m1=1¶m2=f%3D7%26b%3Dchmm%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzztByE0A0FtAtAzzyByCyBtA0D0EyCtN0D0Tzu0StCyCtDzytN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyC0BzztAtD0E0EtGtA0B0FzytG0AyC0FtBtGyDzztD0CtG0D0AyE0DtC0ByEtDyB0BzzyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDtDyCyCtA0F0DtG0FyEzz0EtGyEtA0FyBtGzy0F0BtCtGyC0F0C0ByDyEzy0F0F0FyDyE2QtN0A0LzuyE%26cr%3D1569454604%26a%3Dwbf_popjar_16_21_ssg02%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&uref=chmm [-] [C:\Users\Bjoern\AppData\Local\Chromium\User Data\Default] [homepage] Gelöscht: hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_16_21_ssg02¶m1=1¶m2=f%3D1%26b%3Dchmm%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzztByE0A0FtAtAzzyByCyBtA0D0EyCtN0D0Tzu0StCyCtDzytN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyC0BzztAtD0E0EtGtA0B0FzytG0AyC0FtBtGyDzztD0CtG0D0AyE0DtC0ByEtDyB0BzzyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDtDyCyCtA0F0DtG0FyEzz0EtGyEtA0FyBtGzy0F0BtCtGyC0F0C0ByDyEzy0F0F0FyDyE2QtN0A0LzuyE%26cr%3D1569454604%26a%3Dwbf_popjar_16_21_ssg02%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&uref=chmm [-] [C:\Users\Administrator\AppData\Local\Chromium\User Data\Default\Web data] [Search Provider] Gelöscht: search provided by yahoo [-] [C:\Users\Administrator\AppData\Local\Chromium\User Data\Default] [startup_urls] Gelöscht: hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_16_21_ssg02¶m1=1¶m2=f%3D7%26b%3Dchmm%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzztByE0A0FtAtAzzyByCyBtA0D0EyCtN0D0Tzu0StCyCtDzytN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyC0BzztAtD0E0EtGtA0B0FzytG0AyC0FtBtGyDzztD0CtG0D0AyE0DtC0ByEtDyB0BzzyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDtDyCyCtA0F0DtG0FyEzz0EtGyEtA0FyBtGzy0F0BtCtGyC0F0C0ByDyEzy0F0F0FyDyE2QtN0A0LzuyE%26cr%3D1569454604%26a%3Dwbf_popjar_16_21_ssg02%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&uref=chmm [-] [C:\Users\Administrator\AppData\Local\Chromium\User Data\Default] [homepage] Gelöscht: hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_16_21_ssg02¶m1=1¶m2=f%3D1%26b%3Dchmm%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzztByE0A0FtAtAzzyByCyBtA0D0EyCtN0D0Tzu0StCyCtDzytN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyC0BzztAtD0E0EtGtA0B0FzytG0AyC0FtBtGyDzztD0CtG0D0AyE0DtC0ByEtDyB0BzzyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDtDyCyCtA0F0DtG0FyEzz0EtGyEtA0FyBtGzy0F0BtCtGyC0F0C0ByDyEzy0F0F0FyDyE2QtN0A0LzuyE%26cr%3D1569454604%26a%3Dwbf_popjar_16_21_ssg02%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&uref=chmm ************************* :: "Tracing" Schlüssel gelöscht :: Winsock Einstellungen zurückgesetzt :: "Prefetch" Dateien gelöscht :: Proxy Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht :: Chrome Richtlinien gelöscht ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [6318 Bytes] - [21/06/2017 23:43:10] C:\AdwCleaner\AdwCleaner[S0].txt - [4846 Bytes] - [21/06/2017 23:42:32] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [6464 Bytes] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.3 (04.10.2017) Operating System: Windows 10 Home x64 Ran by Bjoern (Administrator) on 21.06.2017 at 23:46:39,87 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 2 Successfully deleted: C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default\user.js (File) Successfully deleted: C:\WINDOWS\system32\Tasks\DriverMaxAgent (Task) Deleted the following from C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default\prefs.js user_pref(extensions.ich@maltegoetz.de.config, {\proxy\:\[proxy]\,\supportedsites\:[{\domain\:\www.youtube.com\,\displayName\:\YouTube (auto)\,\functionName\ user_pref(extensions.xpiState, {\app-profile\:{\admin@youtube-unblock.org\:{\d\:\C:\\\\Users\\\\Bjoern\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\s3d Registry: 2 Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} (Registry Key) Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} (Registry Key) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 21.06.2017 at 23:48:04,85 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
22.06.2017, 08:10 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Komische Ansage im Hintergrund beide tools zwecks Kontrolle bitte wiederholen
__________________ Logfiles bitte immer in CODE-Tags posten |
22.06.2017, 10:10 | #25 |
| Komische Ansage im HintergrundCode:
ATTFilter # AdwCleaner v6.047 - Bericht erstellt am 22/06/2017 um 11:05:11 # Aktualisiert am 19/05/2017 von Malwarebytes # Datenbank : 2017-06-21.3 [Lokal] # Betriebssystem : Windows 10 Home (X64) # Benutzername : Bjoern - BJOERN-PC # Gestartet von : C:\Users\Bjoern\Downloads\AdwCleaner_6.047.exe # Modus: Löschen # Unterstützung : https://www.malwarebytes.com/support ***** [ Dienste ] ***** ***** [ Ordner ] ***** ***** [ Dateien ] ***** ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** ***** [ Registrierungsdatenbank ] ***** ***** [ Browser ] ***** ************************* :: "Tracing" Schlüssel gelöscht :: Winsock Einstellungen zurückgesetzt :: "Prefetch" Dateien gelöscht :: Proxy Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht :: Chrome Richtlinien gelöscht ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [6575 Bytes] - [21/06/2017 23:43:10] C:\AdwCleaner\AdwCleaner[C2].txt - [1036 Bytes] - [22/06/2017 11:05:11] C:\AdwCleaner\AdwCleaner[S0].txt - [4846 Bytes] - [21/06/2017 23:42:32] C:\AdwCleaner\AdwCleaner[S1].txt - [1489 Bytes] - [22/06/2017 11:04:46] ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1255 Bytes] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.3 (04.10.2017) Operating System: Windows 10 Home x64 Ran by Bjoern (Administrator) on 22.06.2017 at 11:07:28,95 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 0 Deleted the following from C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default\prefs.js user_pref(extensions.ich@maltegoetz.de.config, {\proxy\:\[proxy]\,\supportedsites\:[{\domain\:\www.youtube.com\,\displayName\:\YouTube (auto)\,\functionName\ user_pref(extensions.xpiState, {\app-profile\:{\admin@youtube-unblock.org\:{\d\:\C:\\\\Users\\\\Bjoern\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\s3d Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 22.06.2017 at 11:09:53,16 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
22.06.2017, 10:30 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Komische Ansage im Hintergrund Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.
__________________ Logfiles bitte immer in CODE-Tags posten |
22.06.2017, 11:39 | #27 |
| Komische Ansage im HintergrundCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-06-2017 01 durchgeführt von Bjoern (Administrator) auf BJOERN-PC (22-06-2017 12:38:09) Gestartet von C:\Users\Bjoern\Desktop Geladene Profile: Bjoern (Verfügbare Profile: Bjoern & Administrator) Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (SSS) C:\Windows\System32\AudioDeviceService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe (Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe (Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Electronic Arts) F:\Games\EA\Origin\OriginWebHelperService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe (AMD) C:\Windows\System32\atieclxx.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe () C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe (Hammer & Chisel, Inc.) C:\Users\Bjoern\AppData\Local\Discord\app-0.0.297\Discord.exe (Hammer & Chisel, Inc.) C:\Users\Bjoern\AppData\Local\Discord\app-0.0.297\Discord.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Hammer & Chisel, Inc.) C:\Users\Bjoern\AppData\Local\Discord\app-0.0.297\Discord.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Portrait Displays, Inc) C:\Program Files (x86)\BenQ\Display Pilot\dthtml.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Sharkoon Technologies) C:\Program Files (x86)\Sharkoon X-Rest 7.1\Sharkoon X-Rest 7.1.exe (Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe (Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe (Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe (Razer, Inc.) C:\Users\Bjoern\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe (Razer, Inc.) C:\Users\Bjoern\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_26_0_0_131.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_26_0_0_131.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.0_none_1a733a82001933cc\TiWorker.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12480616 2012-04-24] (Realtek Semiconductor) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3487032 2017-06-12] (Dropbox, Inc.) HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.) HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51416 2017-03-30] (Copyright (c) 2017 Plays.tv, LLC) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2017-05-30] (Raptr, Inc) HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [112424 2013-06-18] () HKLM-x32\...\Run: [DT BEN] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [122384 2014-04-04] (Portrait Displays, Inc.) HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-04-13] (Razer Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation) HKLM-x32\...\Run: [Sharkoon X-Rest 7.1] => C:\Program Files (x86)\Sharkoon X-Rest 7.1\Sharkoon X-Rest 7.1.exe [9969664 2017-05-05] (Sharkoon Technologies) HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe [17908944 2017-04-26] (Corsair Components, Inc.) HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\Run: [Steam] => F:\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation) HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.) HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2016-08-16] () HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\Run: [Discord] => C:\Users\Bjoern\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{95d6df5f-6d95-4575-8670-198f87f81226}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{f73877c4-546b-4f8a-aa7b-3a67d503b4f6}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{fc9508cc-b61a-40a7-b221-d8fd1bf857fe}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-564169924-83152284-3685802786-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Kein Name -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> Keine Datei BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-12] (AO Kaspersky Lab) BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-06-20] (Microsoft Corporation) BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2017-03-18] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-20] (Microsoft Corporation) BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-12] (AO Kaspersky Lab) BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2017-03-18] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-25] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-25] (Oracle Corporation) Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-12] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-12] (AO Kaspersky Lab) Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Keine Datei Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: s3dkb1zc.default FF ProfilePath: C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default [2017-06-22] FF NewTab: Mozilla\Firefox\Profiles\s3dkb1zc.default -> about:newtab FF Homepage: Mozilla\Firefox\Profiles\s3dkb1zc.default -> about:home FF Extension: (Youtube Unblock) - C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default\Extensions\admin@youtube-unblock.org.xpi [2016-08-17] FF Extension: (Combo) - C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default\Extensions\combo@yandex.ru.xpi [2016-02-28] FF Extension: (ProxTube) - C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default\Extensions\ich@maltegoetz.de.xpi [2017-04-12] FF Extension: (web converter light) - C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default\Extensions\{53e79fca-9335-456a-af14-5741a491fd2c}.xpi [2016-02-24] [ist nicht signiert] FF Extension: (ChatZilla) - C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2016-11-10] FF Extension: (AdblockService) - C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default\Extensions\{a6461e25-63c5-47c1-a443-682f8f687f13}.xpi [2016-05-18] [ist nicht signiert] FF Extension: (Adblock Plus) - C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07] FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-12] FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: (Citavi Picker) - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2016-11-05] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-17] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-17] () FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-25] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-25] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-05] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) Chrome: ======= CHR Profile: C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default [2017-06-17] CHR Extension: (Google Präsentationen) - C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-06-05] CHR Extension: (Google Docs) - C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-05] CHR Extension: (Google Drive) - C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-05] CHR Extension: (YouTube) - C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-05] CHR Extension: (Google Tabellen) - C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-06-05] CHR Extension: (Kaspersky Protection) - C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-06-05] CHR Extension: (Google Docs Offline) - C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-05] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-05] CHR Extension: (Google Mail) - C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-05] CHR Extension: (Chrome Media Router) - C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-05] CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated) S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-07-18] (Advanced Micro Devices) [Datei ist nicht signiert] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] () R2 AudioDeviceService; C:\WINDOWS\system32\AudioDeviceService.exe [2711552 2017-05-05] (SSS) [Datei ist nicht signiert] R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab) R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-04-29] () R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122816 2017-06-10] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-17] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-17] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48944 2017-06-12] (Dropbox, Inc.) R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138768 2014-04-04] (Portrait Displays, Inc.) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [409128 2017-02-23] (EasyAntiCheat Ltd) R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.) S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab) R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes) S3 Origin Client Service; F:\Games\EA\Origin\OriginClientService.exe [2119688 2016-12-21] (Electronic Arts) R2 Origin Web Helper Service; F:\Games\EA\Origin\OriginWebHelperService.exe [2180624 2016-12-21] (Electronic Arts) S4 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-03-30] (Copyright (c) 2017 Plays.tv, LLC) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-12-21] () R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [401024 2017-05-09] (Razer Inc.) R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [178824 2017-05-09] (Razer Inc.) R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] () S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10884848 2017-05-23] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.) R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] () R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-07-24] (Advanced Micro Devices) R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.) R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab) R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [43000 2017-04-13] (Corsair) R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [27640 2017-04-13] (Corsair) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-20] () S3 hmatap; C:\WINDOWS\System32\drivers\hmatap.sys [27136 2016-09-23] (The OpenVPN Project) R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab) R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab) R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab) S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab) R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197336 2017-04-10] (AO Kaspersky Lab) R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [509728 2017-03-13] (AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [168736 2017-06-22] (AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1018592 2017-04-10] (AO Kaspersky Lab) R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-12] (AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab) R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project) R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-06-19] (AO Kaspersky Lab) R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-06-19] (AO Kaspersky Lab) R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251664 2017-06-19] (AO Kaspersky Lab) R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-06-19] (AO Kaspersky Lab) R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-06-19] (AO Kaspersky Lab) R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab) R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-13] (AO Kaspersky Lab) R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-03-13] (AO Kaspersky Lab) S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.) R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188312 2017-06-20] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-06-22] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [44960 2017-06-22] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-22] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-06-22] (Malwarebytes) S3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.) S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51224 2016-02-04] (Razer Inc) R3 rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys [47640 2016-02-04] (Razer Inc) R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.) R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () R3 tap0901_openvpn_accl; C:\WINDOWS\System32\drivers\tap0901_openvpn_accl.sys [37912 2016-12-18] (The OpenVPN Project) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-06-22 12:57 - 2017-06-22 12:57 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2017-06-22 12:57 - 2017-06-22 12:57 - 00000000 ____D C:\Windows.old 2017-06-22 12:57 - 2017-06-22 11:59 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2017-06-22 12:56 - 2017-06-22 12:56 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2017-06-22 12:56 - 2017-06-22 12:56 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2017-06-22 12:56 - 2017-06-22 12:56 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2017-06-22 12:56 - 2017-06-22 12:56 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices 2017-06-22 12:56 - 2017-06-22 12:56 - 00000000 ____D C:\WINDOWS\system32\msmq 2017-06-22 12:56 - 2017-06-22 12:56 - 00000000 ____D C:\WINDOWS\system32\BestPractices 2017-06-22 12:56 - 2017-06-22 12:56 - 00000000 ____D C:\Program Files\Reference Assemblies 2017-06-22 12:56 - 2017-06-22 12:56 - 00000000 ____D C:\Program Files\MSBuild 2017-06-22 12:56 - 2017-06-22 12:56 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-06-22 12:56 - 2017-06-22 12:56 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-06-22 12:56 - 2017-06-22 12:56 - 00000000 ____D C:\inetpub 2017-06-22 12:56 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2017-06-22 12:56 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2017-06-22 12:56 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2017-06-22 12:56 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2017-06-22 12:56 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2017-06-22 12:56 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2017-06-22 12:37 - 2017-06-22 12:37 - 00000000 ____D C:\Users\Bjoern\Desktop\FRST-OlderVersion 2017-06-22 12:10 - 2017-06-22 12:10 - 00000000 ____D C:\ProgramData\USOShared 2017-06-22 12:10 - 2017-06-22 12:10 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2017-06-22 12:09 - 2017-06-22 12:09 - 00000020 ___SH C:\Users\Bjoern\ntuser.ini 2017-06-22 12:07 - 2017-06-22 12:07 - 00011433 _____ C:\WINDOWS\diagwrn.xml 2017-06-22 12:07 - 2017-06-22 12:07 - 00011433 _____ C:\WINDOWS\diagerr.xml 2017-06-22 12:06 - 2017-06-22 12:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-06-22 12:06 - 2017-06-22 12:13 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-06-22 12:06 - 2017-06-22 12:06 - 00003728 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA 2017-06-22 12:06 - 2017-06-22 12:06 - 00003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-06-22 12:06 - 2017-06-22 12:06 - 00003504 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore 2017-06-22 12:06 - 2017-06-22 12:06 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-06-22 12:06 - 2017-06-22 12:06 - 00003332 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-06-22 12:06 - 2017-06-22 12:06 - 00003310 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0995B8CD-46FF-4B3E-85D9-8A816DCA03E8} 2017-06-22 12:06 - 2017-06-22 12:06 - 00003298 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{553E8D3B-F748-4790-B264-4BDDD5B950CC} 2017-06-22 12:06 - 2017-06-22 12:06 - 00002806 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-bjoern.caduff@gmail.com 2017-06-22 12:06 - 2017-06-22 12:06 - 00002646 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP OfficeJet Pro 6960 2017-06-22 12:06 - 2017-06-22 12:06 - 00002356 _____ C:\WINDOWS\System32\Tasks\ScanToPCActivationApp.exe_{75EB032B-2975-406D-88FB-2FFB125E4B3D} 2017-06-22 12:06 - 2017-06-22 12:06 - 00002260 _____ C:\WINDOWS\System32\Tasks\HPCustPartic.exe_{817608E4-C049-41EA-B311-A52598BB8965} 2017-06-22 12:06 - 2017-06-22 12:06 - 00002242 _____ C:\WINDOWS\System32\Tasks\FaxApplications.exe_{C7C9E516-0EBD-4E50-A6B1-DF45B79396D9} 2017-06-22 12:06 - 2017-06-22 12:06 - 00002232 _____ C:\WINDOWS\System32\Tasks\HPCustPartic.exe_{BC84BEF4-9F45-4152-9C2C-A9D37F852002} 2017-06-22 12:06 - 2017-06-22 12:06 - 00002212 _____ C:\WINDOWS\System32\Tasks\Toolbox.exe_{A6A62D22-F6A9-43DC-941D-15C2F1D09015} 2017-06-22 12:06 - 2017-06-22 12:06 - 00002146 _____ C:\WINDOWS\System32\Tasks\StartCN 2017-06-22 12:06 - 2017-06-22 12:06 - 00002124 _____ C:\WINDOWS\System32\Tasks\{DB291251-33CE-4CF5-943F-3C0B4EB63C44} 2017-06-22 12:06 - 2017-06-22 12:06 - 00002124 _____ C:\WINDOWS\System32\Tasks\{0C0E2EF5-6184-4ED8-94B0-AA9FEDBBB092} 2017-06-22 12:06 - 2017-06-22 12:06 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD 2017-06-22 12:06 - 2017-06-22 12:06 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform 2017-06-22 12:03 - 2017-06-22 12:03 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-06-22 12:02 - 2017-06-22 12:02 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines 2017-06-22 12:01 - 2017-06-22 12:25 - 00000000 ____D C:\Users\Bjoern 2017-06-22 12:01 - 2017-06-22 12:05 - 00000000 ____D C:\Users\Administrator 2017-06-22 12:01 - 2017-06-22 12:04 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\Vorlagen 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\Startmenü 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\Netzwerkumgebung 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\Lokale Einstellungen 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\Eigene Dateien 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\Druckumgebung 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\Documents\Eigene Videos 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\Documents\Eigene Musik 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\Documents\Eigene Bilder 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\AppData\Local\Verlauf 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\AppData\Local\Anwendungsdaten 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\Anwendungsdaten 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\Vorlagen 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\Startmenü 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten 2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten 2017-06-22 12:00 - 2017-06-22 12:22 - 02135442 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-06-22 12:00 - 2017-06-22 12:17 - 00000000 ____D C:\Program Files (x86)\Razer 2017-06-22 12:00 - 2017-06-22 12:15 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2017-06-22 12:00 - 2017-06-22 12:02 - 00000000 ____D C:\ProgramData\Razer 2017-06-22 12:00 - 2017-06-22 12:02 - 00000000 ____D C:\ProgramData\Package Cache 2017-06-22 12:00 - 2017-06-22 12:02 - 00000000 ____D C:\Program Files\AMD 2017-06-22 12:00 - 2017-06-22 12:00 - 02011386 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2017-06-22 12:00 - 2017-06-22 12:00 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2017-06-22 12:00 - 2017-06-22 12:00 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf 2017-06-22 12:00 - 2017-06-22 12:00 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-06-22 12:00 - 2017-06-22 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings 2017-06-22 12:00 - 2017-06-22 12:00 - 00000000 ____D C:\Program Files\Realtek 2017-06-22 12:00 - 2017-06-22 12:00 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies 2017-06-22 12:00 - 2017-06-22 12:00 - 00000000 ____D C:\Program Files\ASUS 2017-06-22 12:00 - 2017-06-22 12:00 - 00000000 ____D C:\Program Files (x86)\ASUS 2017-06-22 12:00 - 2017-06-22 12:00 - 00000000 ____D C:\Program Files (x86)\AMD 2017-06-22 12:00 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-06-22 12:00 - 2013-07-04 04:32 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll 2017-06-22 12:00 - 2013-07-04 04:32 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys 2017-06-22 11:59 - 2017-06-22 12:15 - 00256536 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-06-22 11:59 - 2017-06-22 11:59 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-06-21 23:48 - 2017-06-22 11:09 - 00000987 _____ C:\Users\Bjoern\Desktop\JRT.txt 2017-06-21 23:45 - 2017-06-21 23:46 - 01663672 _____ (Malwarebytes) C:\Users\Bjoern\Downloads\JRT.exe 2017-06-21 23:45 - 2017-06-21 23:45 - 00006578 _____ C:\Users\Bjoern\Desktop\AdwCleaner[C0].txt 2017-06-21 23:40 - 2017-06-22 11:05 - 00000000 ____D C:\AdwCleaner 2017-06-21 23:40 - 2017-06-21 23:40 - 04110280 _____ C:\Users\Bjoern\Downloads\AdwCleaner_6.047.exe 2017-06-21 16:55 - 2017-06-21 17:20 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2017-06-21 16:54 - 2017-06-21 17:20 - 00000000 ____D C:\Users\Bjoern\Desktop\mbar 2017-06-21 16:53 - 2017-06-21 16:54 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Bjoern\Downloads\mbar-1.09.3.1001.exe 2017-06-21 16:41 - 2017-06-22 12:09 - 00000000 ___DC C:\WINDOWS\Panther 2017-06-21 16:36 - 2017-06-21 16:36 - 00000000 ____D C:\Users\Bjoern\AppData\Local\UNP 2017-06-21 16:13 - 2017-06-22 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2017-06-21 16:13 - 2017-06-21 16:13 - 07178424 _____ (VS Revo Group ) C:\Users\Bjoern\Downloads\revosetup_v2.0.3.exe 2017-06-21 16:13 - 2017-06-21 16:13 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2017-06-21 16:13 - 2017-06-21 16:13 - 00000000 ____D C:\Program Files\VS Revo Group 2017-06-21 14:49 - 2017-06-21 16:13 - 00177259 _____ C:\Users\Bjoern\Desktop\12_09_24_Bekanntgabeprotokoll_01.pdf 2017-06-21 12:05 - 2017-06-21 12:05 - 00000017 _____ C:\Users\Bjoern\AppData\Local\resmon.resmoncfg 2017-06-21 11:57 - 2017-06-21 11:57 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Skype 2017-06-21 11:57 - 2017-06-21 11:57 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Corsair 2017-06-21 11:57 - 2017-06-21 11:57 - 00000000 ____D C:\Users\Administrator\AppData\Local\Corsair 2017-06-21 11:33 - 2017-06-21 14:26 - 00093755 _____ C:\Users\Bjoern\Desktop\Addition.txt 2017-06-21 11:33 - 2017-06-21 11:33 - 00091474 _____ C:\Users\Administrator\Desktop\Addition.txt 2017-06-21 11:32 - 2017-06-22 12:38 - 00031390 _____ C:\Users\Bjoern\Desktop\FRST.txt 2017-06-21 09:16 - 2017-06-21 09:16 - 00000216 _____ C:\Users\Bjoern\Documents\kaspersky.txt 2017-06-20 23:21 - 2017-06-20 23:21 - 05659652 _____ (Swearware) C:\Users\Bjoern\Downloads\ComboFix.exe 2017-06-20 23:19 - 2017-06-20 23:19 - 00064919 _____ C:\Users\Bjoern\Downloads\Shortcut.txt 2017-06-20 23:19 - 2017-06-20 23:19 - 00060045 _____ C:\Users\Bjoern\Downloads\Addition.txt 2017-06-20 23:18 - 2017-06-22 12:38 - 00000000 ____D C:\FRST 2017-06-20 23:18 - 2017-06-20 23:20 - 00164602 _____ C:\Users\Bjoern\Downloads\FRST.txt 2017-06-20 23:17 - 2017-06-22 12:37 - 02439680 _____ (Farbar) C:\Users\Bjoern\Desktop\FRST64.exe 2017-06-20 22:59 - 2017-06-22 12:15 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-06-20 22:59 - 2017-06-22 12:15 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-06-20 22:59 - 2017-06-22 12:15 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-06-20 22:59 - 2017-06-22 12:15 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-06-20 22:59 - 2017-06-22 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-06-20 22:59 - 2017-06-21 16:55 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-06-20 22:59 - 2017-06-20 23:11 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-06-20 22:59 - 2017-06-20 22:59 - 00188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-06-20 22:59 - 2017-06-20 22:59 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-06-20 22:59 - 2017-06-20 22:59 - 00000000 ____D C:\Program Files\Malwarebytes 2017-06-20 22:58 - 2017-06-20 22:59 - 64025992 _____ (Malwarebytes ) C:\Users\Bjoern\Downloads\mb3-setup-SEMFD.100SEM-3.1.2.1733-1.0.139-1.0.2060.exe 2017-06-20 13:53 - 2017-06-20 13:54 - 00181006 _____ C:\Users\Bjoern\Downloads\12_09_24_Bekanntgabeprotokoll_01.pdf 2017-06-19 16:02 - 2017-06-19 16:02 - 00087584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys 2017-06-19 13:28 - 2017-06-19 13:28 - 00251664 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys 2017-06-19 13:27 - 2017-06-19 13:27 - 00229288 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys 2017-06-19 13:27 - 2017-06-19 13:27 - 00173144 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys 2017-06-19 13:27 - 2017-06-19 13:27 - 00112912 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys 2017-06-17 14:51 - 2017-06-17 14:51 - 00000000 ____D C:\ProgramData\McAfee 2017-06-15 18:51 - 2017-06-15 18:51 - 03426824 _____ C:\Users\Bjoern\Downloads\ElvUI_SLE.zip 2017-06-15 18:44 - 2017-06-15 18:44 - 03341843 _____ C:\Users\Bjoern\Downloads\elvui-10.54.zip 2017-06-15 18:43 - 2017-06-15 18:43 - 10307073 _____ C:\Users\Bjoern\Downloads\SLE_Custom_Textures_Version_2.zip 2017-06-14 21:22 - 2017-06-22 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-06-14 14:50 - 2017-06-14 14:50 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2 2017-06-12 13:55 - 2017-06-12 13:55 - 00048944 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2017-06-12 13:52 - 2017-06-12 13:52 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2017-06-12 13:52 - 2017-06-12 13:52 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2017-06-12 13:52 - 2017-06-12 13:52 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2017-06-10 17:57 - 2017-06-10 17:57 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Tempzxpsign5dc76923ff4851be 2017-06-10 17:56 - 2017-06-10 17:56 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Tempzxpsign810c360305acd83c 2017-06-10 07:50 - 2017-06-10 07:50 - 00000000 ___HD C:\adobeTemp 2017-06-10 07:47 - 2017-06-19 23:27 - 00000000 ___RD C:\Users\Bjoern\Creative Cloud Files 2017-06-10 07:47 - 2017-06-10 07:47 - 00000000 ____D C:\Users\Bjoern\Documents\Adobe 2017-06-10 07:47 - 2017-06-10 07:47 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Tempzxpsigncd10a6e43e839649 2017-06-10 07:42 - 2017-06-19 23:37 - 00000000 ____D C:\Program Files\Adobe 2017-06-10 07:36 - 2017-06-10 07:36 - 02115464 _____ (Adobe Systems Incorporated) C:\Users\Bjoern\Downloads\After_Effects_Set-Up.exe 2017-06-10 07:16 - 2017-06-10 07:16 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\DisplayTune 2017-06-10 07:16 - 2017-06-10 07:16 - 00000000 ____D C:\Users\Administrator\AppData\Local\DisplayTune 2017-06-10 07:15 - 2017-06-21 11:58 - 00000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform 2017-06-10 07:15 - 2017-06-10 07:15 - 00001248 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk 2017-06-10 07:15 - 2017-06-10 07:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\VirtualStore 2017-06-10 07:15 - 2017-06-10 07:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\Comms 2017-06-09 16:56 - 2017-06-09 16:56 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Meltytech 2017-06-09 16:55 - 2017-06-09 16:55 - 173083960 _____ C:\Users\Bjoern\Downloads\20170509_141173672_PLAYERUNKNOWN'S BATTLEGROUNDS.mp4 2017-06-09 16:52 - 2017-06-09 16:55 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Twitch Leecher 2017-06-09 16:51 - 2017-06-09 16:51 - 18156716 _____ (Fake Smile Revolution) C:\Users\Bjoern\Downloads\TwitchLeecher_1.3.8_x64.exe 2017-06-09 15:35 - 2017-06-02 16:52 - 75361048 _____ C:\Users\Administrator\Downloads\shotcut-win32-170601.exe 2017-06-09 15:35 - 2017-06-02 16:52 - 192421664 _____ C:\Users\Administrator\Downloads\shotcut-win64-170601.exe 2017-06-09 15:28 - 2017-06-09 15:29 - 267152505 _____ C:\Users\Administrator\Downloads\shotcut-170601.zip 2017-06-09 15:24 - 2017-06-09 15:28 - 01496584 _____ C:\Users\Bjoern\Downloads\Shotcut - CHIP-Installer.exe 2017-06-07 20:22 - 2017-06-22 12:04 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Restream.io 2017-06-07 20:22 - 2017-06-07 20:22 - 00000324 _____ C:\Users\Administrator\Desktop\Restream Chat.appref-ms 2017-06-07 20:22 - 2017-06-07 20:22 - 00000000 ____D C:\Users\Administrator\Documents\RestreamChat 2017-06-07 20:21 - 2017-06-07 20:21 - 00271072 _____ C:\Users\Bjoern\Downloads\RestreamChatSetup.exe 2017-06-07 20:21 - 2017-06-07 20:21 - 00000000 ____D C:\Users\Administrator\AppData\Local\Apps\2.0 2017-06-05 23:11 - 2017-06-22 12:07 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-06-05 23:11 - 2017-06-22 12:07 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-06-05 23:11 - 2017-06-10 07:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google 2017-06-05 23:10 - 2017-06-05 23:11 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Google 2017-06-05 23:10 - 2017-06-05 23:11 - 00000000 ____D C:\Program Files (x86)\Google 2017-06-05 23:10 - 2017-06-05 23:10 - 01130328 _____ (Google Inc.) C:\Users\Bjoern\Downloads\ChromeSetup.exe 2017-06-04 22:21 - 2017-06-04 22:21 - 02419882 _____ C:\Users\Bjoern\Downloads\igel karl.zip 2017-06-04 19:18 - 2017-06-04 19:18 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk 2017-06-04 19:18 - 2017-06-04 19:18 - 00001028 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk 2017-06-04 19:16 - 2017-06-04 19:16 - 15507008 _____ (TeamViewer GmbH) C:\Users\Bjoern\Downloads\teamviewer_setup.exe 2017-06-02 07:36 - 2017-06-02 07:36 - 00493888 _____ C:\WINDOWS\system32\Drivers\mozart_12334867159_fw_dump.cmm 2017-05-27 11:50 - 2017-05-27 11:50 - 00001160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2017-05-27 11:50 - 2017-05-27 11:50 - 00000000 ____D C:\Users\Bjoern\AppData\Local\paint.net 2017-05-27 11:50 - 2017-05-27 11:50 - 00000000 ____D C:\Users\Administrator\AppData\Local\paint.net 2017-05-27 11:50 - 2017-05-27 11:50 - 00000000 ____D C:\Program Files\paint.net 2017-05-27 11:49 - 2017-05-27 11:49 - 07067928 _____ C:\Users\Administrator\Downloads\paint.net.4.0.16.install.zip 2017-05-27 11:49 - 2017-04-16 23:26 - 07094520 _____ C:\Users\Administrator\Downloads\paint.net.4.0.16.install.exe 2017-05-27 11:47 - 2017-05-27 11:48 - 01496584 _____ C:\Users\Bjoern\Downloads\Paint NET - CHIP-Installer.exe 2017-05-26 18:31 - 2017-05-26 18:31 - 00131713 _____ C:\Users\Bjoern\Downloads\outer-space-8d8f.cueprofile 2017-05-26 18:28 - 2017-05-26 18:29 - 00113401 _____ C:\Users\Bjoern\Downloads\world-of-warcraft---azeroth-99cf.cueprofile 2017-05-26 18:26 - 2017-05-26 18:26 - 00131713 _____ C:\Users\Bjoern\Downloads\outer-space-e020.cueprofile 2017-05-26 18:23 - 2017-05-26 18:23 - 00113401 _____ C:\Users\Bjoern\Downloads\world-of-warcraft---azeroth-5ac5.cueprofile 2017-05-26 18:21 - 2017-05-26 18:21 - 00124727 _____ C:\Users\Bjoern\Downloads\blue-embers-117e.cueprofile 2017-05-26 17:42 - 2017-05-26 17:42 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Corsair 2017-05-26 17:42 - 2017-05-26 17:42 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Corsair 2017-05-26 17:41 - 2017-06-22 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine 2017-05-26 17:41 - 2017-05-26 17:41 - 00001199 _____ C:\Users\Public\Desktop\Corsair Utility Engine.lnk 2017-05-26 17:41 - 2017-05-26 17:41 - 00000000 ____D C:\Program Files (x86)\Corsair 2017-05-26 17:40 - 2017-05-26 17:41 - 168284160 _____ C:\Users\Bjoern\Downloads\CorsairUtilityEngineSetup_2.13.80_release.msi 2017-05-25 20:00 - 2017-05-25 20:00 - 25483032 _____ (Sony Corporation) C:\Users\Bjoern\Downloads\EP0000260866.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-06-22 12:59 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2017-06-22 12:57 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup 2017-06-22 12:57 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-06-22 12:56 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2017-06-22 12:56 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI 2017-06-22 12:56 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2017-06-22 12:56 - 2017-03-18 22:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2017-06-22 12:56 - 2017-03-18 22:59 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll 2017-06-22 12:56 - 2017-03-18 22:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll 2017-06-22 12:56 - 2017-03-18 22:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2017-06-22 12:56 - 2017-03-18 22:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2017-06-22 12:56 - 2017-03-18 22:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll 2017-06-22 12:56 - 2017-03-18 22:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb 2017-06-22 12:56 - 2017-03-18 22:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb 2017-06-22 12:56 - 2017-03-18 22:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb 2017-06-22 12:56 - 2017-03-18 22:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2017-06-22 12:56 - 2017-03-18 22:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2017-06-22 12:56 - 2017-03-18 22:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2017-06-22 12:56 - 2017-03-18 22:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb 2017-06-22 12:56 - 2017-03-18 22:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2017-06-22 12:56 - 2017-03-18 22:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2017-06-22 12:56 - 2017-03-18 22:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2017-06-22 12:56 - 2017-03-18 22:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2017-06-22 12:56 - 2017-03-18 22:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2017-06-22 12:56 - 2017-03-18 22:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll 2017-06-22 12:56 - 2017-03-18 22:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2017-06-22 12:56 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2017-06-22 12:56 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll 2017-06-22 12:56 - 2017-03-18 22:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2017-06-22 12:56 - 2017-03-18 22:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof 2017-06-22 12:56 - 2017-03-18 22:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll 2017-06-22 12:56 - 2017-03-18 22:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll 2017-06-22 12:56 - 2017-03-18 22:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll 2017-06-22 12:56 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2017-06-22 12:56 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2017-06-22 12:56 - 2017-03-18 22:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll 2017-06-22 12:56 - 2017-03-18 22:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll 2017-06-22 12:56 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll 2017-06-22 12:56 - 2017-03-18 22:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys 2017-06-22 12:56 - 2017-03-18 22:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll 2017-06-22 12:56 - 2017-03-18 22:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb 2017-06-22 12:56 - 2017-03-18 22:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb 2017-06-22 12:56 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2017-06-22 12:56 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2017-06-22 12:56 - 2017-03-18 22:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb 2017-06-22 12:56 - 2017-03-18 22:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe 2017-06-22 12:56 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll 2017-06-22 12:56 - 2017-03-18 22:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb 2017-06-22 12:56 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe 2017-06-22 12:56 - 2017-03-18 22:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe 2017-06-22 12:56 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll 2017-06-22 12:56 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2017-06-22 12:56 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe 2017-06-22 12:56 - 2017-03-18 22:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll 2017-06-22 12:56 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll 2017-06-22 12:56 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2017-06-22 12:56 - 2017-03-18 22:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof 2017-06-22 12:56 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll 2017-06-22 12:56 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2017-06-22 12:56 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll 2017-06-22 12:56 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll 2017-06-22 12:56 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll 2017-06-22 12:56 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll 2017-06-22 12:23 - 2016-02-17 16:44 - 00000000 ___RD C:\Users\Bjoern\OneDrive 2017-06-22 12:23 - 2016-02-16 23:45 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Raptr 2017-06-22 12:22 - 2017-03-20 06:35 - 00912110 _____ C:\WINDOWS\system32\perfh007.dat 2017-06-22 12:22 - 2017-03-20 06:35 - 00204310 _____ C:\WINDOWS\system32\perfc007.dat 2017-06-22 12:22 - 2016-11-18 22:42 - 00000000 ____D C:\Users\Bjoern\AppData\LocalLow\Mozilla 2017-06-22 12:22 - 2016-02-16 23:16 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2017-06-22 12:15 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-06-22 12:15 - 2017-03-18 13:40 - 03670016 _____ C:\WINDOWS\system32\config\BBI 2017-06-22 12:13 - 2016-02-18 18:36 - 00002421 _____ C:\Users\Bjoern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-06-22 12:13 - 2016-02-18 18:34 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Packages 2017-06-22 12:12 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF 2017-06-22 12:10 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate 2017-06-22 12:10 - 2016-09-23 17:56 - 00000000 ____D C:\Users\Bjoern\AppData\Local\ConnectedDevicesPlatform 2017-06-22 12:09 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-06-22 12:09 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT 2017-06-22 12:09 - 2016-02-18 18:34 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-06-22 12:08 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-06-22 12:07 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps 2017-06-22 12:07 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration 2017-06-22 12:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-06-22 12:06 - 2017-03-20 06:37 - 00000000 ____D C:\WINDOWS\HoloShell 2017-06-22 12:06 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media 2017-06-22 12:06 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries 2017-06-22 12:06 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-06-22 12:06 - 2016-02-18 18:29 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat 2017-06-22 12:04 - 2017-05-05 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sharkoon X-Rest 7.1 2017-06-22 12:04 - 2017-04-20 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TradeSkillMaster Application 2017-06-22 12:04 - 2017-04-18 15:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer 2017-06-22 12:04 - 2017-04-13 18:20 - 00000000 ____D C:\WINDOWS\system32\UNP 2017-06-22 12:04 - 2017-03-18 13:40 - 00008192 _____ C:\WINDOWS\system32\config\ELAM 2017-06-22 12:04 - 2017-02-05 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager 2017-06-22 12:04 - 2017-01-27 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Twitch Launcher 2017-06-22 12:04 - 2016-12-18 22:46 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlyVPN 2017-06-22 12:04 - 2016-12-12 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2017-06-22 12:04 - 2016-12-10 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection 2017-06-22 12:04 - 2016-12-09 09:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard 2017-06-22 12:04 - 2016-11-14 17:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva 2017-06-22 12:04 - 2016-11-05 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 5 2017-06-22 12:04 - 2016-08-31 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III 2017-06-22 12:04 - 2016-08-29 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BenQ 2017-06-22 12:04 - 2016-05-27 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Command and Conquer 3 Tiberium Wars and Kane's Wrath 2017-06-22 12:04 - 2016-05-27 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2017-06-22 12:04 - 2016-03-08 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-06-22 12:04 - 2016-02-28 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2017-06-22 12:04 - 2016-02-27 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-06-22 12:04 - 2016-02-21 13:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fitbit Connect 2017-06-22 12:04 - 2016-02-19 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2017-06-22 12:04 - 2016-02-18 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio 2017-06-22 12:04 - 2016-02-17 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2017-06-22 12:04 - 2016-02-17 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools 2017-06-22 12:04 - 2016-02-17 01:00 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-06-22 12:04 - 2016-02-17 01:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-06-22 12:04 - 2016-02-17 00:09 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse 2017-06-22 12:04 - 2016-02-17 00:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2017-06-22 12:04 - 2016-02-16 23:56 - 00000000 ____D C:\WINDOWS\system32\STRING 2017-06-22 12:04 - 2016-02-16 23:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved 2017-06-22 12:03 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated 2017-06-22 12:02 - 2017-03-20 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2017-06-22 12:02 - 2017-03-20 06:36 - 00000000 ____D C:\WINDOWS\OCR 2017-06-22 12:02 - 2017-03-20 06:35 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2017-06-22 12:02 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files\Windows Sidebar 2017-06-22 12:02 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2017-06-22 12:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-06-22 12:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2017-06-22 12:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool 2017-06-22 12:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-06-22 12:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME 2017-06-22 12:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\schemas 2017-06-22 12:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-06-22 12:02 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-06-22 12:02 - 2017-01-14 13:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2017-06-22 12:02 - 2016-12-30 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2017-06-22 12:02 - 2016-11-04 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\inCloak Network Ltd 2017-06-22 12:02 - 2016-03-29 16:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1 2017-06-22 12:02 - 2016-02-17 00:59 - 00000000 ____D C:\WINDOWS\system32\SPReview 2017-06-22 12:02 - 2016-02-17 00:58 - 00000000 ____D C:\WINDOWS\system32\EventProviders 2017-06-22 12:02 - 2016-02-16 23:30 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-06-22 12:02 - 2016-02-16 23:03 - 00000000 ____D C:\Program Files\Intel 2017-06-22 12:02 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Microsoft Games 2017-06-22 12:01 - 2017-04-29 20:26 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc 2017-06-22 12:01 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2017-06-22 12:01 - 2016-03-29 15:52 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages 2017-06-22 12:01 - 2016-02-18 22:53 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2017-06-22 12:00 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2017-06-22 12:00 - 2016-02-16 23:42 - 00000000 ____D C:\AMD 2017-06-22 11:47 - 2017-03-20 07:06 - 00000000 ___HD C:\$WINDOWS.~BT 2017-06-21 23:42 - 2016-03-12 13:29 - 00000008 __RSH C:\ProgramData\ntuser.pol 2017-06-21 17:38 - 2016-11-05 16:39 - 00000000 ____D C:\Users\Bjoern\Documents\Citavi 5 2017-06-21 11:58 - 2016-03-29 15:59 - 00002442 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-06-21 11:58 - 2016-03-29 15:59 - 00000000 ___RD C:\Users\Administrator\OneDrive 2017-06-21 11:58 - 2016-03-29 15:58 - 00000000 ____D C:\Users\Administrator\AppData\Local\Dropbox 2017-06-21 11:57 - 2016-03-29 15:58 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Raptr 2017-06-21 10:16 - 2016-02-17 00:06 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Battle.net 2017-06-21 10:15 - 2016-02-17 00:06 - 00000000 ____D C:\Program Files (x86)\Battle.net 2017-06-21 10:14 - 2016-11-18 15:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-06-21 10:14 - 2016-02-16 23:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-06-21 09:49 - 2016-02-18 20:14 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\obs-studio 2017-06-21 09:43 - 2016-02-19 20:24 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\TS3Client 2017-06-21 01:40 - 2016-02-28 14:49 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\vlc 2017-06-20 15:18 - 2016-02-17 16:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-06-19 23:38 - 2016-02-18 16:11 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Adobe 2017-06-19 23:37 - 2016-03-29 15:58 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe 2017-06-19 23:35 - 2016-09-01 13:35 - 00001135 _____ C:\Users\Public\Desktop\VLC media player.lnk 2017-06-19 23:28 - 2016-02-23 20:26 - 00000000 ____D C:\ProgramData\Adobe 2017-06-19 23:27 - 2016-02-18 20:33 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Adobe 2017-06-18 18:13 - 2016-02-17 00:06 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Battle.net 2017-06-17 14:51 - 2016-10-30 18:34 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe 2017-06-17 14:50 - 2016-02-17 00:08 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Apps\2.0 2017-06-17 09:10 - 2016-03-12 13:34 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2017-06-16 22:52 - 2016-11-23 19:46 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Curse Client 2017-06-14 21:22 - 2016-02-17 21:11 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-06-14 21:21 - 2017-04-29 20:26 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\discord 2017-06-14 20:14 - 2016-02-27 15:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-06-14 20:14 - 2016-02-27 15:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-06-14 14:19 - 2016-02-16 23:30 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-06-10 07:16 - 2017-05-05 11:18 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Sharkoon X-Rest 7.1 2017-06-09 15:27 - 2017-05-08 17:33 - 00000000 ____D C:\Users\Bjoern\Desktop\Twitch 2017-06-03 10:11 - 2016-02-16 23:26 - 00565416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-05-31 19:34 - 2016-02-17 21:10 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Dropbox ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-03-12 14:29 - 2016-03-12 14:29 - 0000043 _____ () C:\Users\Bjoern\AppData\Roaming\WB.CFG 2017-06-21 12:05 - 2017-06-21 12:05 - 0000017 _____ () C:\Users\Bjoern\AppData\Local\resmon.resmoncfg Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Bjoern\Razer Synapse Tournament Drivers 20161016_0957.exe C:\Users\Bjoern\Razer Synapse Tournament Drivers 20170127_1855.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-06-22 11:59 ==================== Ende von FRST.txt ============================ |
22.06.2017, 11:40 | #28 |
| Komische Ansage im HintergrundCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-06-2017 01 durchgeführt von Bjoern (22-06-2017 12:38:39) Gestartet von C:\Users\Bjoern\Desktop Windows 10 Home Version 1703 (X64) (2017-06-22 10:09:10) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-564169924-83152284-3685802786-500 - Administrator - Enabled) => C:\Users\Administrator Bjoern (S-1-5-21-564169924-83152284-3685802786-1000 - Administrator - Enabled) => C:\Users\Bjoern DefaultAccount (S-1-5-21-564169924-83152284-3685802786-503 - Limited - Disabled) Gast (S-1-5-21-564169924-83152284-3685802786-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-564169924-83152284-3685802786-1002 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7 Days to Die (HKLM\...\Steam App 251570) (Version: - The Fun Pimps) ACP Application (Version: 2016.0718.1650.38 - Advanced Micro Devices, Inc.) Hidden adbLink version 3.00 (HKLM-x32\...\{05CF1DD3-4A94-4219-B176-BB1796680A6C}_is1) (Version: 3.00 - jocala.com) Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated) Age of Conquest IV (HKLM\...\Steam App 314970) (Version: - Noble Master LLC) Age of Empires® III: Complete Collection (HKLM\...\Steam App 105450) (Version: - Ensemble Studios) AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) Anno 2205 (HKLM-x32\...\Uplay Install 1253) (Version: - Ubisoft) Apple Application Support (32-Bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.) ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard) Arma 3 (HKLM\...\Steam App 107410) (Version: - Bohemia Interactive) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield™ 1 Open Beta (HKLM-x32\...\{F9E19363-7B10-4F8A-8640-945C36D4B504}) (Version: 1.0.8.10777 - Electronic Arts) Call of Duty: Infinite Warfare (HKLM\...\Steam App 292730) (Version: - Infinity Ward) Call of Duty: Modern Warfare Remastered - Multiplayer (HKLM\...\Steam App 393100) (Version: - Raven Software) Call of Duty: Modern Warfare Remastered (HKLM\...\Steam App 393080) (Version: - Raven Software) Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.4.0.2 - Swiss Academic Software) Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Corsair Utility Engine (HKLM-x32\...\{AD19976A-08A1-4E11-862D-256178BF9864}) (Version: 2.13.80 - Corsair) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM\...\Steam App 240) (Version: - Valve) Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse) Curse Client (HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse) Day of Defeat: Source (HKLM\...\Steam App 300) (Version: - Valve) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) DiRT 3 Complete Edition (HKLM\...\Steam App 321040) (Version: - Codemasters Racing Studio) Discord (HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) Display Pilot (HKLM-x32\...\{6DD25D67-4339-47A1-950E-EEFC321CBB24}) (Version: 2.15.008 - Portrait Displays, Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 28.4.14 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden Dungeon Keeper (HKLM-x32\...\{B9E79070-56B6-4980-A7E9-C28D6480D050}) (Version: 1.0.0.1 - Electronic Arts) Far Cry® 3 (HKLM\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai) Fitbit Connect (HKLM-x32\...\{F5A49DF0-A632-4E7E-BD87-59701449DE0F}) (Version: 2.0.1.6742 - Fitbit Inc.) FlyVPN (HKLM-x32\...\FlyVPN) (Version: 3.6.2.2 - FlyVPN) Ghost Recon Wildlands Beta (HKLM-x32\...\Uplay Install 2970) (Version: - Ubisoft) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.86 - Google Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden Grand Theft Auto V - The Manual (HKLM-x32\...\{752EBD91-8B95-42B5-8692-A7243A6EEEA9}) (Version: 1.0.0 - Rockstar Games) Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Heavy Bullets (HKLM-x32\...\c7325e58-5895-4667-81a2-1854397fbb43) (Version: - DFE5J) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) HP Dropbox Plugin (HKLM-x32\...\{30AE8906-4419-403F-86D3-5FC9AA4BEEF6}) (Version: 36.0.49.62779 - HP) HP Google Drive Plugin (HKLM-x32\...\{8A472621-0EA0-4FC5-9F7F-7043778F12AB}) (Version: 36.0.49.62779 - HP) HP OfficeJet Pro 6960 - Grundlegende Software für das Gerät (HKLM\...\{15105C5B-BB1E-429C-81B3-8797466C07DA}) (Version: 39.4.1979.16354 - HP Inc.) HP OfficeJet Pro 6960 Hilfe (HKLM-x32\...\{88A76160-F03B-4B0E-835F-87A061B674E4}) (Version: 39.0.0 - HP) HP OneDrive Plugin (HKLM-x32\...\{8B956FB3-FD54-4C58-8256-8103F0D91B77}) (Version: 36.0.0.0 - HP) I.R.I.S. OCR (HKLM-x32\...\{77374D45-3BBF-4633-A2DF-188CD2106A67}) (Version: 12.3.7.0 - HP) inCloak VPN (HKLM-x32\...\{F838701D-CCCA-4238-91CE-BEA41AABA04A}) (Version: 1.22 - inCloak Network Ltd.) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Intel(R) Network Connections 19.0.27.0 (HKLM\...\PROSetDX) (Version: 19.0.27.0 - Intel) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation) Jagged Alliance - Back in Action (HKLM\...\Steam App 57740) (Version: - Coreplay GmbH) Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.8201.2102 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Might & Magic Heroes VI (HKLM-x32\...\Uplay Install 44) (Version: - Ubisoft) Mordheim: City of the Damned (HKLM\...\Steam App 276810) (Version: - Rogue Factor) Mozilla Firefox 54.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0 (x86 de)) (Version: 54.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.0.6368 - Mozilla) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8201.2102 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.8201.2075 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Orcs Must Die! Unchained (HKLM\...\Steam App 427270) (Version: - Robot Entertainment) Origin (HKLM-x32\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.) paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC) Pivot Pro Plugin (x32 Version: 9.61.004 - Portrait Displays, Inc.) Hidden PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version: - Bluehole, Inc.) PLAYERUNKNOWN'S BATTLEGROUNDS (Test Server) (HKLM\...\Steam App 622590) (Version: - ) PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.21.0-r121815-release - Plays.tv, LLC) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Raptr (HKLM-x32\...\Raptr) (Version: 5.2.10-r123135-release - Raptr, Inc) Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.2.4 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6622 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.) Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games) SDK (x32 Version: 2.40.012 - Portrait Displays, Inc.) Hidden Sharkoon X-Rest 7.1 (HKLM-x32\...\SSS16xxAudioExt) (Version: 1.1.16.8 - Sharkoon Technologies) Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.97.4382 - Electronic Arts) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Studie zur Verbesserung von HP OfficeJet Pro 6960 (HKLM\...\{0C643588-3357-44CA-A6C7-3DEFC84598F0}) (Version: 39.4.1979.16354 - HP Inc.) System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78313 - TeamViewer) The Talos Principle (HKLM\...\Steam App 257510) (Version: - Croteam) tiptoi® Manager 3.1.6 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.1.6 - Ravensburger AG) Titanfall™ 2 (HKLM-x32\...\{4BD80373-FEE7-45B6-8249-6E8E98717405}) (Version: 1.0.0.3 - Electronic Arts, Inc.) Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft) TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster) Twitch Launcher (HKLM-x32\...\Twitch Launcher 1.0.0) (Version: 1.0.0 - Twitch) Uplay (HKLM-x32\...\Uplay) (Version: 17.0 - Ubisoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.21.0 (HKLM\...\VulkanRT1.0.21.0) (Version: 1.0.21.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.26.0 (Version: 1.0.26.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-564169924-83152284-3685802786-1000_Classes\CLSID\{5743f98d-03a5-429a-bbf2-cf689b0838ce}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0B572CF7-16A9-41B7-9F2B-E25984AFCE4D} - System32\Tasks\{0C0E2EF5-6184-4ED8-94B0-AA9FEDBBB092} => C:\Users\Bjoern\Downloads\LGS_8.79.77_x64_Logitech(5).exe [2016-02-18] (Logitech Inc.) Task: {0C28C420-CBEB-49A7-8BF7-BA6CED90D5CF} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0EC1EB9B-5BE8-4E0C-9879-E554261A1CA6} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {11D3A6B0-D88E-445E-AB62-1994AB29AC2A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {13CECC4D-D73F-4085-92EC-BD593FC22D8B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {1466B3E9-3C63-406B-AF09-5360A0A7196E} - System32\Tasks\HPCustPartic.exe_{BC84BEF4-9F45-4152-9C2C-A9D37F852002} => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\HPCustPartic.exe [2016-12-19] (HP Inc.) Task: {169360AB-9628-4148-95AD-4B50B4FFC551} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {198AFF7A-448F-4BCD-8535-EA1553EB7454} - System32\Tasks\{DB291251-33CE-4CF5-943F-3C0B4EB63C44} => C:\Users\Bjoern\Downloads\LGS_8.79.77_x64_Logitech(5).exe [2016-02-18] (Logitech Inc.) Task: {2BDEEB32-A766-4B15-8121-05739AA57ACB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-17] (Dropbox, Inc.) Task: {35A179DB-F28E-4B48-BCBA-F3EDD30E0917} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {38D3548C-32A2-495E-A002-91A8FB4D12D5} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {3AA96B27-F684-4B4E-A6A0-E34E415E304F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-05] (Google Inc.) Task: {3BDC8660-B17C-4F59-8531-CD7FEA6A87A0} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-bjoern.caduff@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe Task: {3C2CF6E6-9E3A-443C-BF2D-D65B8F6ECE51} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {3D59AC35-9BAA-4B24-9E9A-208A26A36A2B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-20] () Task: {3E8EA0D4-DAE7-4222-936C-B9C36EAC46E3} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {42B8C1EF-F92E-404F-83D9-1577C4717E0A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {4B645A68-933F-4965-8787-3FADBEA2C8AE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {50336CCA-4498-4375-8834-10A20E6DA1F0} - System32\Tasks\ScanToPCActivationApp.exe_{75EB032B-2975-406D-88FB-2FFB125E4B3D} => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\ScanToPCActivationApp.exe [2016-12-19] (HP Inc.) Task: {594F6BAD-A14C-4A7A-8235-35BA32E0A262} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {610E93EF-1973-4852-ABB3-D7D4647CD957} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {71611240-8CF4-4E28-9125-C68828D8993D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {75A59B23-2A2F-435A-8EC2-9AC82BFC04DA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-10] (Microsoft Corporation) Task: {77A9F491-B51F-4118-8C34-CF3B5552FAFC} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {789D8861-C318-4D2A-BC8A-407C9800353E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.) Task: {7BB3AC92-9677-47E1-BEA5-C1342EDF167E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {7E409B5F-D9E7-41A0-A471-18015B36FF5A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {7EC901A1-B04C-466F-9EDE-FA4F873F4044} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-10] (Microsoft Corporation) Task: {900C4667-D038-4592-92DE-D1CC360DDCAF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {90267BE0-F96F-428B-BB62-461E511B59A6} - System32\Tasks\HPCustPartic.exe_{817608E4-C049-41EA-B311-A52598BB8965} => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\HPCustPartic.exe [2016-12-19] (HP Inc.) Task: {93D09D89-EABF-443C-BC31-A88EEEDA621F} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {98EECE31-5197-47BA-AD28-CF713F3634D0} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG Task: {9D7F60EC-3FB6-4BFC-9A54-41FC99EDDC43} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {A4DFE095-8066-44EE-BAB7-B3BD3692E58A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG Task: {A55B29AF-7F27-4025-9ED8-116FCCB9C7B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-05] (Google Inc.) Task: {AE24B250-E2E0-4277-BEB8-4A15D522D1F3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-17] (Adobe Systems Incorporated) Task: {BD4DCC5C-E953-4983-9643-B4912FED14B0} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {C39C45AE-DEC4-4031-A07D-A753E70E98D8} - System32\Tasks\HPCustParticipation HP OfficeJet Pro 6960 => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\HPCustPartic.exe [2016-12-19] (HP Inc.) Task: {C8D2DF9C-9BCC-4194-91B5-473F3AA54F05} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {CBA401E0-42F5-4560-81C4-C55E532EDB81} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {CC9F81AD-EBE9-473E-83FC-8BEBD3505ED7} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {CFF0D3DC-2AF1-49F2-B8A3-D00DE06BFDAB} - System32\Tasks\FaxApplications.exe_{C7C9E516-0EBD-4E50-A6B1-DF45B79396D9} => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\FaxApplications.exe [2016-12-19] (HP Inc.) Task: {D338BC63-55B5-4723-B29A-FD1737A68396} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {DA9E00C8-FEAC-49BD-885F-A6D6BA58526C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {DAB8FEC9-6F96-49A4-8529-B453A28C0E19} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-20] () Task: {DFD7912D-89C4-4C4B-875C-270F6836337B} - System32\Tasks\Toolbox.exe_{A6A62D22-F6A9-43DC-941D-15C2F1D09015} => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\Toolbox.exe [2016-12-19] (HP Inc.) Task: {EB5BE4E3-2942-4DED-A514-7637D1D2D0A4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {EC20AF13-6AEA-40FD-B9A0-3F1472C519BD} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {F37D229B-5588-455E-BE29-1F4DFEA9C440} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-17] (Dropbox, Inc.) Task: {F8817B1A-9273-4EC5-B716-DF0D7B8E65AA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2017-06-22 12:00 - 2013-07-04 04:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2017-01-13 13:56 - 2017-01-13 13:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-01-13 13:56 - 2017-01-13 13:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-12-21 21:13 - 2016-12-21 21:13 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2017-06-20 22:59 - 2017-06-20 23:11 - 02270664 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2016-09-25 01:20 - 2016-09-25 01:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2016-08-29 13:55 - 2014-04-04 15:10 - 00098320 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook64.dll 2016-08-29 13:55 - 2014-04-04 15:10 - 00275472 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dthook.dll 2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2017-03-18 22:59 - 2017-03-20 06:36 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-06-21 07:42 - 2017-06-21 07:42 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-06-21 07:42 - 2017-06-21 07:42 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-06-21 07:42 - 2017-06-21 07:42 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-06-21 07:42 - 2017-06-21 07:42 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll 2017-04-20 14:51 - 2016-08-16 03:26 - 01623040 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe 2017-04-07 08:37 - 2017-04-07 08:37 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe 2016-08-29 13:55 - 2013-06-18 12:26 - 00677160 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpctrl.exe 2016-08-29 13:55 - 2013-06-18 12:26 - 00714024 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\floater.exe 2016-08-29 13:55 - 2014-04-04 15:10 - 00163344 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe 2016-08-29 13:55 - 2014-04-04 15:10 - 00197136 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe 2017-06-06 18:47 - 2017-06-06 18:47 - 68931072 _____ () C:\Program Files\WindowsApps\Fitbit.Fitbit_2.22.1110.0_x64__6mqt6hf9g46tw\Fitbit.dll 2017-06-22 12:00 - 2017-06-22 12:15 - 00029696 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2017-06-22 12:00 - 2013-07-04 04:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2016-06-28 01:19 - 2016-06-28 01:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll 2016-10-07 13:48 - 2016-12-21 21:23 - 02493440 _____ () F:\Games\EA\Origin\libGLESv2.dll 2016-08-29 13:55 - 2014-04-04 15:10 - 00093712 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook.dll 2014-12-11 18:40 - 2014-12-11 18:40 - 40622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll 2017-04-20 14:51 - 2015-02-24 23:44 - 00783360 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\_hashlib.pyd 2017-04-20 14:51 - 2015-02-24 23:43 - 00047104 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\_socket.pyd 2017-04-20 14:51 - 2015-02-24 23:43 - 00009728 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\select.pyd 2017-04-20 14:51 - 2015-02-24 23:43 - 00758784 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\unicodedata.pyd 2017-04-20 14:51 - 2015-02-24 23:43 - 00084992 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\_ctypes.pyd 2017-04-20 14:51 - 2015-02-24 23:43 - 00053760 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\_bz2.pyd 2017-04-20 14:51 - 2015-10-25 05:32 - 01861120 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtCore.pyd 2017-04-20 14:51 - 2015-10-25 05:00 - 00075264 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\sip.pyd 2017-04-20 14:51 - 2015-02-24 23:43 - 00137216 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\_lzma.pyd 2017-04-20 14:51 - 2015-10-25 05:36 - 02002944 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtGui.pyd 2017-04-20 14:51 - 2015-10-25 05:43 - 04101120 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtWidgets.pyd 2017-04-20 14:51 - 2015-12-16 00:18 - 00039424 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\psutil._psutil_windows.pyd 2017-04-29 20:26 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\Bjoern\AppData\Local\Discord\app-0.0.297\ffmpeg.dll 2017-04-29 20:26 - 2017-04-29 20:26 - 01082880 _____ () \\?\C:\Users\Bjoern\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node 2017-04-29 20:26 - 2017-04-29 20:26 - 03750400 _____ () \\?\C:\Users\Bjoern\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll 2017-04-29 20:26 - 2017-04-29 20:26 - 00914432 _____ () \\?\C:\Users\Bjoern\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node 2017-04-29 20:26 - 2017-04-29 20:26 - 01127424 _____ () \\?\C:\Users\Bjoern\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node 2017-04-29 20:26 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\Bjoern\AppData\Local\Discord\app-0.0.297\libglesv2.dll 2017-04-29 20:26 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\Bjoern\AppData\Local\Discord\app-0.0.297\libegl.dll 2017-06-14 21:22 - 2017-06-12 13:52 - 00775488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2017-06-14 21:22 - 2017-06-12 13:52 - 01787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll 2016-02-17 21:12 - 2017-06-12 13:52 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2016-02-17 21:12 - 2017-06-12 13:54 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2017-06-14 21:22 - 2017-06-12 13:52 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2017-06-14 21:22 - 2017-06-12 13:52 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2017-06-14 21:22 - 2017-06-12 13:52 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2016-02-17 21:12 - 2017-06-12 13:52 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2016-08-06 15:27 - 2017-06-12 13:55 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2017-06-14 21:22 - 2017-06-12 13:52 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2017-06-14 21:22 - 2017-06-12 13:52 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2016-02-17 21:12 - 2017-06-12 13:54 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-08-06 15:27 - 2017-06-12 13:55 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2017-05-15 19:31 - 2017-06-12 13:55 - 00082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd 2016-02-17 21:12 - 2017-06-12 13:55 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2017-03-01 18:41 - 2017-06-12 13:55 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd 2017-01-25 19:47 - 2017-06-12 13:55 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd 2016-04-15 16:36 - 2017-06-12 13:55 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2017-01-25 19:47 - 2017-06-12 13:55 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2017-01-25 19:47 - 2017-06-12 13:55 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd 2017-01-25 19:47 - 2017-06-12 13:55 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd 2016-02-17 21:12 - 2017-06-12 13:52 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd 2016-02-17 21:12 - 2017-06-12 13:55 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2017-06-14 21:22 - 2017-06-12 13:52 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2017-06-14 21:22 - 2017-06-12 13:54 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2017-06-14 21:22 - 2017-06-12 13:52 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2017-06-14 21:22 - 2017-06-12 13:54 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2016-07-16 18:36 - 2017-06-12 13:54 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd 2017-06-14 21:22 - 2017-06-12 13:52 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll 2017-06-14 21:22 - 2017-06-12 13:52 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2016-08-06 15:27 - 2017-06-12 13:55 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2017-04-09 16:51 - 2017-06-12 13:54 - 00023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2017-06-14 21:22 - 2017-06-12 13:54 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2017-06-22 12:23 - 2017-06-22 12:23 - 00148992 _____ () \\?\C:\Users\Bjoern\AppData\Local\Temp\F55F.tmp.node 2017-04-29 20:26 - 2017-04-29 20:26 - 02658296 _____ () \\?\C:\Users\Bjoern\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node 2017-04-29 20:27 - 2017-04-29 20:27 - 02665976 _____ () \\?\C:\Users\Bjoern\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node 2015-05-08 03:37 - 2015-05-08 03:37 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd 2015-05-08 03:37 - 2015-05-08 03:37 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd 2015-05-08 03:37 - 2015-05-08 03:37 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd 2015-05-08 03:39 - 2015-05-08 03:39 - 05812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd 2017-05-04 21:01 - 2017-05-04 21:01 - 00067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd 2015-05-08 03:39 - 2015-05-08 03:39 - 01662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd 2015-05-08 03:39 - 2015-05-08 03:39 - 00494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd 2015-05-08 03:39 - 2015-05-08 03:39 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd 2015-05-08 03:38 - 2015-05-08 03:38 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll 2015-05-08 03:37 - 2015-05-08 03:37 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd 2015-05-08 03:37 - 2015-05-08 03:37 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd 2015-05-08 03:39 - 2015-05-08 03:39 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd 2015-05-08 03:39 - 2015-05-08 03:39 - 00111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd 2015-05-08 03:37 - 2015-05-08 03:37 - 00044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd 2015-05-08 03:49 - 2015-05-08 03:49 - 00417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll 2015-05-08 03:39 - 2015-05-08 03:39 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd 2015-05-08 03:39 - 2015-05-08 03:39 - 00313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd 2015-05-08 03:37 - 2015-05-08 03:37 - 00127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd 2015-05-08 03:37 - 2015-05-08 03:37 - 00009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd 2015-11-13 23:59 - 2015-11-13 23:59 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll 2015-11-13 23:59 - 2015-11-13 23:59 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll 2015-05-08 03:37 - 2015-05-08 03:37 - 00583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd 2016-08-29 13:55 - 2014-04-04 15:10 - 00187920 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll 2017-05-22 12:13 - 2017-05-22 12:13 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2017-03-20 13:20 - 2016-10-08 09:13 - 50656768 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libcef.dll 2015-05-08 03:39 - 2015-05-08 03:39 - 00141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd 2017-05-04 19:33 - 2017-05-04 19:33 - 02717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd 2015-05-08 03:49 - 2015-05-08 03:49 - 01213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll 2015-05-08 03:55 - 2015-05-08 03:55 - 00055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 00495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 01183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 00483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 00655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 01306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 00565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 01640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 00506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 01053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 00497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 00603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll 2015-05-08 03:49 - 2015-05-08 03:49 - 00474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll 2017-04-26 15:26 - 2017-04-26 15:26 - 00044544 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\MacroRecording.dll 2017-04-26 15:27 - 2017-04-26 15:27 - 00199680 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll 2017-04-26 15:37 - 2017-04-26 15:37 - 00086528 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairAudioDevice.dll 2017-04-26 15:26 - 2017-04-26 15:26 - 00097280 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\zlib.dll 2016-12-01 13:28 - 2016-12-01 13:28 - 01983488 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libGLESv2.dll 2016-12-01 13:28 - 2016-12-01 13:28 - 00013824 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libEGL.DLL 2017-03-20 13:20 - 2016-10-08 09:13 - 50656768 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll 2017-03-20 13:20 - 2016-10-08 09:13 - 01874944 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll 2017-03-20 13:20 - 2016-10-08 09:13 - 00075264 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll 2017-03-20 13:20 - 2016-10-08 09:13 - 01874944 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libglesv2.dll 2017-03-20 13:20 - 2016-10-08 09:13 - 00075264 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2017-06-17 15:39 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-564169924-83152284-3685802786-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bjoern\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\{6331ae71-0058-4ab7-a86c-12fdfc2a900b}.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\Services: chip1click => 2 MSCONFIG\Services: PlaysService => 2 MSCONFIG\Services: XblAuthManager => 3 MSCONFIG\Services: XblGameSave => 3 MSCONFIG\Services: XboxNetApiSvc => 3 MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\RAPTRS~1.EXE --startup HKLM\...\StartupApproved\Run32: => "PlaysTV" HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip" HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\StartupApproved\Run: => "Steam" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{6470492B-21E6-41C1-A990-475940A6FCFE}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{90061B05-B203-4F4A-A26C-B72099508133}] => (Allow) F:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe FirewallRules: [{42C9293D-B5A7-4191-B807-4FE1B097650C}] => (Allow) F:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe FirewallRules: [{025E7B1E-1B4A-426A-A797-E29E779076F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{8AF177E0-AFD6-403A-87CF-8623D3D55770}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{CEB8698B-325F-4152-A2DD-795ACEF673FE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{8CDEFE31-B44E-409F-9BC1-7E8D960ACD8F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{A8280086-437B-469C-B078-758FD4F1151F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{24A8696A-C056-45CB-B5CC-824F8CDB2C29}] => (Allow) F:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe FirewallRules: [{1F75ADED-1CC7-4173-88DE-76B944AE37C6}] => (Allow) F:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe FirewallRules: [{B4508F76-452B-4DA5-B50C-8E921253FA36}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{E5C68C45-6041-4B68-8221-0D550E41C1E0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{6B3C3FBB-E735-4A46-990D-2C6D5B3FEC8C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{52D36283-A917-42B8-B269-7122F4E47450}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{21B9669E-267B-461D-9F4E-C1E5F3D4D0C7}] => (Allow) F:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{D89315C0-CEAE-464E-9D27-565297831813}] => (Allow) F:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{69A96790-4259-40B5-8871-89617BB01C93}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe FirewallRules: [{57745C9B-C4A5-4A57-AB57-84AED755CE2C}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe FirewallRules: [{84BA020A-D954-4BAE-B12F-151680B4094B}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe FirewallRules: [{2929A467-6331-47E6-84C8-65C4FBD4533D}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe FirewallRules: [{BBD5F608-A4BF-465E-BCAB-F05120C694F1}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe FirewallRules: [{1682D730-9870-4D51-98CA-59DD33414433}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe FirewallRules: [{A90633FB-FC73-4CD3-8AE2-93C9356650B0}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe FirewallRules: [{0770C61D-8913-4279-9191-688BDD7048A1}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe FirewallRules: [{898B83F7-238C-49A9-A842-0B2DB5AAFD18}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{A0432021-23C1-40E8-9EF5-4F8248C9BCC9}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{E590CF17-A79D-4015-AAF4-C9BEB9B204A8}] => (Allow) F:\Games\Uplay\Ghost Recon Wildlands Beta\GRW.exe FirewallRules: [{9A4DE7FF-784F-48DD-B3BE-D000BB91C605}] => (Allow) F:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{6F4E6023-9B6E-4FEA-B242-97A107969CC1}] => (Allow) F:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{A13FEBC2-4224-4292-8A81-37F12DAB4426}] => (Allow) F:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe FirewallRules: [{B467F4A5-CCEB-439E-83AD-24F1D650DF81}] => (Allow) F:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe FirewallRules: [UDP Query User{F59F9874-7927-47A5-B4D1-617E01982A60}F:\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) F:\steam\steamapps\common\7 days to die\7daystodie.exe FirewallRules: [TCP Query User{5D606C15-0272-4D7F-9DEE-8B5FA81CA8B6}F:\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) F:\steam\steamapps\common\7 days to die\7daystodie.exe FirewallRules: [{37E92F72-18D8-4618-B056-8CEFF2F44A68}] => (Allow) F:\Steam\steamapps\common\7 Days To Die\7dLauncher.exe FirewallRules: [{525AE209-85B6-4E15-BDF1-224E3F772691}] => (Allow) F:\Steam\steamapps\common\7 Days To Die\7dLauncher.exe FirewallRules: [{B8E54B39-43F3-42ED-B5BA-CD43E59E84EA}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{0EF5BDAC-0822-4B5C-8E49-249D73A0158C}] => (Allow) LPort=5357 FirewallRules: [{AC6B80F7-8731-4810-9A65-D6BD7AFE6229}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\DeviceSetup.exe FirewallRules: [{CCAEB1D8-BE06-4430-9A3D-4C340E0F0D4A}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\FaxPrinterUtility.exe FirewallRules: [{66C4DD67-0A38-433E-885B-B67F80B0401C}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\SendAFax.exe FirewallRules: [{1773877F-38B4-492C-99FD-487E70985150}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\DigitalWizards.exe FirewallRules: [{CF775FD1-1DB2-47F8-BFD6-F4A6C6108119}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\FaxApplications.exe FirewallRules: [{73ED5265-91D4-4390-8E87-0FD8B403D2B8}] => (Allow) C:\Users\Bjoern\AppData\Local\Temp\7zS010F\HP.EasyStart.exe FirewallRules: [{8024C602-BCC9-40AE-AFB5-A2A8B727CAEB}] => (Allow) F:\Games\GTA\GTA5.exe FirewallRules: [{A7382D8B-6713-4D62-AC99-71D329C31E45}] => (Allow) F:\Games\GTA\GTA5.exe FirewallRules: [{0DCFCABB-0C71-48DF-9B33-DEB6D3A52064}] => (Allow) F:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe FirewallRules: [{1380FD59-F516-4C34-B2DB-30F0670C46DD}] => (Allow) F:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe FirewallRules: [{5564538A-6D24-4481-9C3B-03538844E58E}] => (Allow) F:\Steam\steamapps\common\JABIA\JaggedAllianceBIA.exe FirewallRules: [{95DA8850-7D1A-461E-9158-856B057E55AA}] => (Allow) F:\Steam\steamapps\common\JABIA\JaggedAllianceBIA.exe FirewallRules: [{A28095C3-766F-4198-A0C8-F61428C8F221}] => (Allow) F:\Steam\steamapps\common\Age of Conquest IV\app_main.exe FirewallRules: [{F3022BCC-78EB-496D-BC9F-05D7CAB3AFAD}] => (Allow) F:\Steam\steamapps\common\Age of Conquest IV\app_main.exe FirewallRules: [{002A8C06-C19C-4125-9158-4848B9982CB3}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe FirewallRules: [{2CF07C90-CDA8-4905-B19D-0C3697F05202}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe FirewallRules: [{4796EB4A-ED80-42B7-A3F3-5B9B92478899}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe FirewallRules: [{72451E96-7EBB-40CE-AD9F-404489567D8B}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe FirewallRules: [{3E883446-62FC-45C5-8893-A27D42B0D3C4}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe FirewallRules: [{BEE3D71F-DC83-45D7-B1A9-B3F8B15E261D}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe FirewallRules: [{46B456EF-0A88-4033-AB10-760522DD5F6A}] => (Allow) F:\Games\Uplay\Might & Magic Heroes VI\Might & Magic Heroes VI.exe FirewallRules: [{55A765EA-28F5-45F0-BEF5-166FDC778C74}] => (Allow) F:\Games\Uplay\Might & Magic Heroes VI\Might & Magic Heroes VI.exe FirewallRules: [{3F90E33F-3E3C-48BF-B65E-8EE00B413298}] => (Allow) F:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [{D8025864-AC88-414A-B4C4-8E16CA55AB25}] => (Allow) F:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [{D1FBD3A3-AA1D-487D-8FB1-E094746EED25}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall2\Titanfall2_trial.exe FirewallRules: [{D6EEB2B2-7BCA-487E-8AB0-CB4B8287A97F}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall2\Titanfall2_trial.exe FirewallRules: [{2529D13B-D2CE-4ABF-B288-DF5AA92377FB}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall2\Titanfall2.exe FirewallRules: [{73649E6E-F4FF-4665-98B7-DF25947CA13E}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall2\Titanfall2.exe FirewallRules: [{362A060B-C88B-4CB0-B20E-8852F4FE3202}] => (Allow) F:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\Command Conquer 3 Kanes Wrath\RetailExe\1.2\cnc3ep1.dat FirewallRules: [{9F9E2F30-5B70-4D9D-837E-6DA895FA0298}] => (Allow) F:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\Command Conquer 3 Tiberium Wars\RetailExe\1.9\cnc3game.dat FirewallRules: [{D738AE8B-D200-4F9A-8F15-573474FC94EF}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe FirewallRules: [{3AB42E84-99EB-45D3-9003-2AB87CE09598}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe FirewallRules: [{1FA3F747-99C4-4CF1-B552-B222F22C7AC1}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe FirewallRules: [{629D6208-E9AF-4598-930E-A9915A558077}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe FirewallRules: [{5A9DE9C4-08E7-488E-BFFB-3C4A3CB5AFA9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{D3C2B11B-B480-4073-8EF8-314CA5F9ACB4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{688DF777-41EC-4E0A-91C9-33BCECFEACF5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{FB7967B1-D7F6-4F6C-90C6-EF45F26C246F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{DEBEF465-6B0A-4413-A804-64D4F492EB1B}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe FirewallRules: [{71208021-3A16-4DDC-9C88-22F81B7BE69E}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe FirewallRules: [{F1AFD9E1-1ACB-4F7B-8CA2-EA1A8184215A}] => (Allow) C:\Program Files (x86)\FlyVPN\FlyVPN.exe FirewallRules: [{DB494B08-B636-47D5-963B-424D5EE65429}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{4DE55B7B-967B-40BA-8EF2-A04EBD83243F}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{C357C6E8-A0A3-4868-A4D5-1B676C1CFCC9}] => (Allow) F:\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe FirewallRules: [{15C53E81-63CD-4A77-932F-D04FBD9C9215}] => (Allow) F:\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe FirewallRules: [{E20954B3-2727-4E68-A8EB-E2703C5FDACD}] => (Allow) F:\Steam\steamapps\common\Call of Duty Modern Warfare Remastered\h1_sp64_ship.exe FirewallRules: [{BB44593E-9C9B-4927-BA2B-FA3070F13C8F}] => (Allow) F:\Steam\steamapps\common\Call of Duty Modern Warfare Remastered\h1_sp64_ship.exe FirewallRules: [{030AB5A9-E11A-461C-A38C-D24DC7707025}] => (Allow) F:\Steam\steamapps\common\Call of Duty Modern Warfare Remastered\h1_mp64_ship.exe FirewallRules: [{48418C04-1BF6-4EF0-A666-AD26769CC43B}] => (Allow) F:\Steam\steamapps\common\Call of Duty Modern Warfare Remastered\h1_mp64_ship.exe FirewallRules: [{BD615C38-4A01-42E2-BED4-C976F1DE4A5B}] => (Allow) F:\Steam\steamapps\common\Call of Duty - Infinite Warfare\iw7_ship.exe FirewallRules: [{676FF26B-D02E-481F-A376-C450FFC865C9}] => (Allow) F:\Steam\steamapps\common\Call of Duty - Infinite Warfare\iw7_ship.exe FirewallRules: [{9B9A60BD-7B0C-4425-A632-A87FB59ACE3D}] => (Allow) F:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe FirewallRules: [{1C22C5FC-2CEA-4F1E-8C89-2F33DD4E7818}] => (Allow) F:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe FirewallRules: [{74732222-5FD1-4B50-B83B-B449B7BEA8C4}] => (Allow) F:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{BC95A939-B471-44B1-9B00-981754DE572B}] => (Allow) F:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{E6C63998-924B-4145-83E6-CA952A6C861C}] => (Allow) F:\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{AD61AD98-544A-4141-810E-B04E2AE53969}] => (Allow) F:\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{7B269D47-646F-4C8C-8EA5-E8FC04CA6D5F}] => (Allow) F:\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe FirewallRules: [{22AEB58C-8A4D-45DC-A460-2824920A8EBD}] => (Allow) F:\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe FirewallRules: [{C40DF1CB-E728-4114-BD46-22B974277592}] => (Allow) F:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{45783AD2-363B-4A20-B14B-2CBEC765F644}] => (Allow) F:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{059B5865-F287-4B15-A5FB-79D1B46AEA9C}] => (Allow) F:\Steam\bin\steamwebhelper.exe FirewallRules: [{46444FD0-1C64-41D4-9736-D052D5A4B8A5}] => (Allow) F:\Steam\bin\steamwebhelper.exe FirewallRules: [{7BDEF756-588B-42FD-8D4D-DF03BC6F4707}] => (Allow) F:\Steam\Steam.exe FirewallRules: [{028AECDE-03E9-4A41-B7DA-B09FFC18076D}] => (Allow) F:\Steam\Steam.exe FirewallRules: [{12AB4340-88C1-4A06-A266-CFB4F8ACD017}] => (Allow) C:\Users\Bjoern\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [UDP Query User{E86EFCA6-531C-431D-B115-CE134849EA92}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{7113AFFE-3CB4-4E3D-A8E8-923D3141ACB8}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{3CFE430A-4EE3-4B03-9558-B63512FF7A48}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{6E803E56-8229-4902-BD3F-86CC35BD2CE9}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{385369FF-AD09-465D-BEDD-554C26AEE6D2}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{E270DD34-3801-4445-BFB1-91E70FEB21BA}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{68BF53F7-C99F-4F9C-86D7-4C2442692FE5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E165101A-68FC-4480-B0D3-07D437EBC595}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{3BE37640-9BFA-401C-BD13-DBAF36CD3D66}] => (Allow) F:\Steam\steamapps\common\Dying Light\DyingLightGame.exe FirewallRules: [{C1B3D135-9703-4B79-A3B8-BEBBDBD42B55}] => (Allow) F:\Steam\steamapps\common\Dying Light\DyingLightGame.exe FirewallRules: [{8F20C0CB-B1AC-4B66-97A3-BD2AAF2462E8}] => (Allow) F:\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe FirewallRules: [{7D553120-4CCD-40ED-92FE-B8C15DF9A9D8}] => (Allow) F:\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe FirewallRules: [{D4A5A85F-17EC-46DD-A41D-B664DB81833E}] => (Allow) F:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{D8C986EE-C6FA-461E-A22B-0215F5DB5884}] => (Allow) F:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{A5BDAFC9-9C60-4F75-8ADA-4F36C445DA24}] => (Allow) F:\Steam\steamapps\common\Helldivers\binaries\x64\helldivers.exe FirewallRules: [{DDBE0211-1AE9-41C2-AF88-DAAB78B4D7CA}] => (Allow) F:\Steam\steamapps\common\Helldivers\binaries\x64\helldivers.exe FirewallRules: [{4B6BF6BF-6ED3-4AEE-A8FB-81212E421A9E}] => (Allow) F:\Steam\steamapps\common\Helldivers\binaries\x86\helldivers.exe FirewallRules: [{1DE659C0-8B4C-4301-8A36-0ABEAE581D13}] => (Allow) F:\Steam\steamapps\common\Helldivers\binaries\x86\helldivers.exe FirewallRules: [{2DAC7759-F765-4256-9248-63B99565111B}] => (Allow) F:\Steam\steamapps\common\BloonsTD5\BTD5-Win.exe FirewallRules: [{8D3A2DBE-491E-4DE4-87BD-D7E42B06483F}] => (Allow) F:\Steam\steamapps\common\BloonsTD5\BTD5-Win.exe FirewallRules: [{12DE8B49-A6C6-4FFC-9169-67B663DB62F8}] => (Allow) F:\Steam\steamapps\common\OrcsMustDieUnchained\Dashboard\Bin\SpitfireDashboard.exe FirewallRules: [{50833A46-9FDF-4CC1-866C-F15F6BEE8124}] => (Allow) F:\Steam\steamapps\common\OrcsMustDieUnchained\Dashboard\Bin\SpitfireDashboard.exe FirewallRules: [{60B5B5FB-125B-4A10-8A36-53CD52D4DAB3}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{14384E0D-5B17-405F-8500-84E32A79155C}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{59940059-D9C4-452D-8B8B-8727F1601A05}] => (Allow) F:\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [{E62A7D80-3B57-4FE1-9D51-0BA56A9CFAF7}] => (Allow) F:\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [{A6D2B6FA-A9EB-4491-95B8-AE027DD51B8B}] => (Allow) F:\Games\Uplay\Anno 2205\Bin\Win64\Anno2205.exe FirewallRules: [{C129D92B-7C91-4A17-9E16-91A70E9B33E0}] => (Allow) F:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe FirewallRules: [{56D275C7-6AFE-4FA4-9087-D2567DC07451}] => (Allow) F:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe FirewallRules: [{ED817AAC-0F44-4FA1-ABD4-CCCB69FDBCB0}] => (Allow) C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe FirewallRules: [{230436B4-F253-498A-AC01-CC4BB733E4B7}] => (Allow) C:\Users\Administrator\AppData\Local\Chromium\Application\chrome.exe FirewallRules: [{BEC8A5DF-2DEE-4921-87FC-09DBC36E4646}] => (Allow) F:\Steam\steamapps\common\Age2HD\Launcher.exe FirewallRules: [{6DDD2CF2-6459-44F4-8B95-8CE32EC04552}] => (Allow) F:\Steam\steamapps\common\Age2HD\Launcher.exe FirewallRules: [{F334DC1A-2739-4FED-9134-62CC8135B3DA}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{444B5F84-9E11-4A05-B358-1481F6BBBD7E}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{FA15EC11-2400-45A8-BE8A-06DA3985E01E}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe FirewallRules: [{A4530FF1-3888-4B71-BC9F-F555A98C5A05}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe FirewallRules: [{16EB85B9-A3C4-47B2-9440-48EA6237009C}] => (Allow) F:\Steam\steamapps\common\Day of Defeat Source\hl2.exe FirewallRules: [{B4DFAE12-8162-4635-BCBE-01C560D3BFBB}] => (Allow) F:\Steam\steamapps\common\Day of Defeat Source\hl2.exe ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Xbox Wireless Adapter for Windows Description: Xbox Wireless Adapter for Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Corporation Service: mt7612US Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (06/22/2017 12:10:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BJOERN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/22/2017 12:10:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BJOERN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/22/2017 12:10:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BJOERN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/22/2017 12:10:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BJOERN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/22/2017 12:10:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BJOERN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/22/2017 12:10:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BJOERN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/22/2017 12:10:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BJOERN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/22/2017 12:06:17 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: ) Description: Fehler beim Abrufen des Status des Clusterknotens: .Zurückgegebener Fehlercode: 0x8007085A Error: (06/22/2017 12:05:07 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: ) Description: Fehler beim Abrufen des Status des Clusterknotens: .Zurückgegebener Fehlercode: 0x8007085A Error: (06/22/2017 12:05:07 PM) (Source: MSDTC 2) (EventID: 4104) (User: ) Description: Fehler beim Abrufen des Status des Clusterknotens: .Zurückgegebener Fehlercode: 0x8007085A Systemfehler: ============= Error: (06/22/2017 12:22:48 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (06/22/2017 12:22:48 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (06/22/2017 12:19:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _1f6939 erreicht. Error: (06/22/2017 12:19:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _1f6939 erreicht. Error: (06/22/2017 12:19:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _1f6939 erreicht. Error: (06/22/2017 12:19:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _1f6939 erreicht. Error: (06/22/2017 12:19:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _1f6939 erreicht. Error: (06/22/2017 12:19:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _1f6939 erreicht. Error: (06/22/2017 12:19:27 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (06/22/2017 12:19:27 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. CodeIntegrity: =================================== Date: 2017-06-22 12:24:08.163 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements. Date: 2017-06-22 12:24:08.124 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-06-22 12:23:35.981 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-06-22 12:23:35.757 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-06-22 12:23:35.645 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-06-22 12:09:41.580 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-06-22 12:09:32.780 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-06-22 12:09:32.684 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-06-22 12:09:32.087 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-06-22 12:09:31.647 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz Prozentuale Nutzung des RAM: 29% Installierter physikalischer RAM: 16325.89 MB Verfügbarer physikalischer RAM: 11537.42 MB Summe virtueller Speicher: 32709.89 MB Verfügbarer virtueller Speicher: 26908.02 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:111.35 GB) (Free:5.65 GB) NTFS Drive d: (Foto Pollmann) (CDROM) (Total:0.08 GB) (Free:0 GB) UDF Drive e: (Volume) (Fixed) (Total:232.78 GB) (Free:151.57 GB) NTFS Drive f: (Volume) (Fixed) (Total:3725.9 GB) (Free:1813.06 GB) NTFS Drive g: () (Fixed) (Total:69.02 GB) (Free:67.78 GB) NTFS Drive h: () (Fixed) (Total:931.51 GB) (Free:115.67 GB) NTFS Drive i: () (Removable) (Total:29.82 GB) (Free:15.59 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 69.2 GB) (Disk ID: 28EB28EB) Partition: GPT. ======================================================== Disk: 1 (Size: 3726 GB) (Disk ID: 54B05093) Partition: GPT. ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 1EFD05FA) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (Size: 111.8 GB) (Disk ID: 7F66E476) Partition 1: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 4 (Size: 931.5 GB) (Disk ID: 977A5656) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 5 (Size: 29.8 GB) (Disk ID: C5A19CBB) Partition 1: (Not Active) - (Size=29.8 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
22.06.2017, 13:01 | #29 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Komische Ansage im Hintergrund FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter BHO: Kein Name -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> Keine Datei Task: {38D3548C-32A2-495E-A002-91A8FB4D12D5} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {610E93EF-1973-4852-ABB3-D7D4647CD957} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {7BB3AC92-9677-47E1-BEA5-C1342EDF167E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {7E409B5F-D9E7-41A0-A471-18015B36FF5A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {98EECE31-5197-47BA-AD28-CF713F3634D0} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG Task: {A4DFE095-8066-44EE-BAB7-B3BD3692E58A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG Task: {C8D2DF9C-9BCC-4194-91B5-473F3AA54F05} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {EB5BE4E3-2942-4DED-A514-7637D1D2D0A4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG emptytemp: Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
22.06.2017, 16:58 | #30 |
| Komische Ansage im HintergrundCode:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-06-2017 01 durchgeführt von Bjoern (22-06-2017 17:53:38) Run:1 Gestartet von C:\Users\Bjoern\Desktop\Neuer Ordner (2) Geladene Profile: Bjoern (Verfügbare Profile: Bjoern & Administrator) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** BHO: Kein Name -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> Keine Datei Task: {38D3548C-32A2-495E-A002-91A8FB4D12D5} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {610E93EF-1973-4852-ABB3-D7D4647CD957} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {7BB3AC92-9677-47E1-BEA5-C1342EDF167E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {7E409B5F-D9E7-41A0-A471-18015B36FF5A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {98EECE31-5197-47BA-AD28-CF713F3634D0} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG Task: {A4DFE095-8066-44EE-BAB7-B3BD3692E58A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG Task: {C8D2DF9C-9BCC-4194-91B5-473F3AA54F05} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {EB5BE4E3-2942-4DED-A514-7637D1D2D0A4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG emptytemp: ***************** HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} => Schlüssel erfolgreich entfernt HKLM\Software\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} => Schlüssel nicht gefunden. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38D3548C-32A2-495E-A002-91A8FB4D12D5} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38D3548C-32A2-495E-A002-91A8FB4D12D5} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{610E93EF-1973-4852-ABB3-D7D4647CD957} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{610E93EF-1973-4852-ABB3-D7D4647CD957} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7BB3AC92-9677-47E1-BEA5-C1342EDF167E} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BB3AC92-9677-47E1-BEA5-C1342EDF167E} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E409B5F-D9E7-41A0-A471-18015B36FF5A} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E409B5F-D9E7-41A0-A471-18015B36FF5A} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98EECE31-5197-47BA-AD28-CF713F3634D0} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98EECE31-5197-47BA-AD28-CF713F3634D0} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A4DFE095-8066-44EE-BAB7-B3BD3692E58A} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4DFE095-8066-44EE-BAB7-B3BD3692E58A} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C8D2DF9C-9BCC-4194-91B5-473F3AA54F05} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8D2DF9C-9BCC-4194-91B5-473F3AA54F05} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB5BE4E3-2942-4DED-A514-7637D1D2D0A4} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB5BE4E3-2942-4DED-A514-7637D1D2D0A4} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt =========== EmptyTemp: ========== BITS transfer queue => 6053888 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17008301 B Java, Flash, Steam htmlcache => 148694772 B Windows/system/drivers => 964306 B Edge => 235547125 B Chrome => 97473569 B Firefox => 383701952 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 23330 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 4082 B NetworkService => 87020 B Bjoern => 50990903 B Administrator => 71851 B RecycleBin => 6474923439 B EmptyTemp: => 6.9 GB temporäre Dateien entfernt. ================================ Das System musste neu gestartet werden. ==== Ende von Fixlog 17:56:03 ==== |
Themen zu Komische Ansage im Hintergrund |
administrator, adobe, asus, converter, defender, detected, explorer, firefox, home, homepage, kaspersky, microsoft, mozilla, problem, prozesse, realtek, registry, router, rundll, scan, security, software, system, usb, windows |