Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Komische Ansage im Hintergrund

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 21.06.2017, 13:28   #16
Roboterfreun
 
Komische Ansage im Hintergrund - Standard

Komische Ansage im Hintergrund



Auf ein neues, danke schonmal für die Mühe mit mir.
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-06-2017 01
durchgeführt von Administrator (Administrator) auf BJOERN-PC (21-06-2017 14:25:35)
Gestartet von C:\Users\Bjoern\Desktop
Geladene Profile: Bjoern & Administrator (Verfügbare Profile: Bjoern & Administrator)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "C:\Users\Administrator\AppData\Local\Chromium\Application\chrome.exe" -- "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
(SSS) C:\Windows\System32\AudioDeviceService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Electronic Arts) F:\Games\EA\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Portrait Displays, Inc) C:\Program Files (x86)\BenQ\Display Pilot\dthtml.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sharkoon Technologies) C:\Program Files (x86)\Sharkoon X-Rest 7.1\Sharkoon X-Rest 7.1.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Bjoern\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Razer, Inc.) C:\Users\Bjoern\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Valve Corporation) F:\Steam\Steam.exe
(Valve Corporation) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12480616 2012-04-24] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [USB3MON] => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3487032 2017-06-12] (Dropbox, Inc.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51416 2017-03-30] (Copyright (c) 2017 Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2017-05-30] (Raptr, Inc)
HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [112424 2013-06-18] ()
HKLM-x32\...\Run: [DT BEN] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [122384 2014-04-04] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-04-13] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [Sharkoon X-Rest 7.1] => C:\Program Files (x86)\Sharkoon X-Rest 7.1\Sharkoon X-Rest 7.1.exe [9969664 2017-05-05] (Sharkoon Technologies)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe [17908944 2017-04-26] (Corsair Components, Inc.)
HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\Run: [Steam] => F:\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2016-08-16] ()
HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\Run: [Discord] => C:\Users\Bjoern\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-564169924-83152284-3685802786-500\...\Run: [EADM] => F:\Games\EA\Origin\Origin.exe [3044848 2016-12-21] (Electronic Arts)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
Startup: C:\Users\Bjoern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hide.me VPN.lnk [2016-11-04]
ShortcutTarget: hide.me VPN.lnk -> C:\Program Files (x86)\hide.me VPN\Hide.me.exe (Keine Datei)
GroupPolicy: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{95d6df5f-6d95-4575-8670-198f87f81226}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{f73877c4-546b-4f8a-aa7b-3a67d503b4f6}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{fc9508cc-b61a-40a7-b221-d8fd1bf857fe}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-564169924-83152284-3685802786-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-564169924-83152284-3685802786-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-12] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-06-20] (Microsoft Corporation)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-20] (Microsoft Corporation)
BHO-x32: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-12] (AO Kaspersky Lab)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-25] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-12] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-12] (AO Kaspersky Lab)
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  Keine Datei
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\p4pq29x8.default [2016-11-14]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-12]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: (Citavi Picker) - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2016-11-05]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-17] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-25] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [104624 2017-06-14] ()
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-07-18] (Advanced Micro Devices) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 AudioDeviceService; C:\WINDOWS\system32\AudioDeviceService.exe [2711552 2017-05-05] (SSS) [Datei ist nicht signiert]
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-04-29] ()
S4 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122816 2017-06-10] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-17] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-17] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48944 2017-06-12] (Dropbox, Inc.)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138768 2014-04-04] (Portrait Displays, Inc.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [409128 2017-02-23] (EasyAntiCheat Ltd)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 Origin Client Service; F:\Games\EA\Origin\OriginClientService.exe [2119688 2016-12-21] (Electronic Arts)
R2 Origin Web Helper Service; F:\Games\EA\Origin\OriginWebHelperService.exe [2180624 2016-12-21] (Electronic Arts)
S4 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-03-30] (Copyright (c) 2017 Plays.tv, LLC)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-12-21] ()
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [401024 2017-05-09] (Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [178824 2017-05-09] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10884848 2017-05-23] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-07-24] (Advanced Micro Devices)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [43000 2017-04-13] (Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [27640 2017-04-13] (Corsair)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-20] ()
S3 hmatap; C:\WINDOWS\System32\drivers\hmatap.sys [27136 2016-09-23] (The OpenVPN Project)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197336 2017-04-10] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [509728 2017-03-13] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1018592 2017-04-10] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-06-19] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-06-19] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251664 2017-06-19] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-06-19] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-06-19] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-13] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-03-13] (AO Kaspersky Lab)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188312 2017-06-20] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-06-21] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [44960 2017-06-21] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-21] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-06-21] (Malwarebytes)
R3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51224 2016-02-04] (Razer Inc)
R3 rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys [47640 2016-02-04] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.)
R3 tap0901_openvpn_accl; C:\WINDOWS\System32\drivers\tap0901_openvpn_accl.sys [37912 2016-12-18] (The OpenVPN Project)
S3 UAExt; C:\WINDOWS\System32\DRIVERS\UAExt.sys [65456 2017-05-05] (Solid State System.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S2 amdacpksd; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
U3 idsvc; kein ImagePath
S3 klids; \??\C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-21 12:05 - 2017-06-21 12:05 - 00000017 _____ C:\Users\Bjoern\AppData\Local\resmon.resmoncfg
2017-06-21 11:57 - 2017-06-21 11:57 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Skype
2017-06-21 11:57 - 2017-06-21 11:57 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Corsair
2017-06-21 11:57 - 2017-06-21 11:57 - 00000000 ____D C:\Users\Administrator\AppData\Local\Corsair
2017-06-21 11:33 - 2017-06-21 12:12 - 00090777 _____ C:\Users\Bjoern\Desktop\Addition.txt
2017-06-21 11:33 - 2017-06-21 11:33 - 00091474 _____ C:\Users\Administrator\Desktop\Addition.txt
2017-06-21 11:32 - 2017-06-21 14:25 - 00029860 _____ C:\Users\Bjoern\Desktop\FRST.txt
2017-06-21 09:16 - 2017-06-21 09:16 - 00000216 _____ C:\Users\Bjoern\Documents\kaspersky.txt
2017-06-20 23:21 - 2017-06-20 23:21 - 05659652 _____ (Swearware) C:\Users\Bjoern\Downloads\ComboFix.exe
2017-06-20 23:19 - 2017-06-20 23:19 - 00064919 _____ C:\Users\Bjoern\Downloads\Shortcut.txt
2017-06-20 23:19 - 2017-06-20 23:19 - 00060045 _____ C:\Users\Bjoern\Downloads\Addition.txt
2017-06-20 23:18 - 2017-06-21 14:25 - 00000000 ____D C:\FRST
2017-06-20 23:18 - 2017-06-20 23:20 - 00164602 _____ C:\Users\Bjoern\Downloads\FRST.txt
2017-06-20 23:17 - 2017-06-20 23:17 - 02439680 _____ (Farbar) C:\Users\Bjoern\Desktop\FRST64.exe
2017-06-20 22:59 - 2017-06-21 13:13 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-06-20 22:59 - 2017-06-21 11:59 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-06-20 22:59 - 2017-06-21 11:59 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-06-20 22:59 - 2017-06-21 11:59 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-06-20 22:59 - 2017-06-20 23:11 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-06-20 22:59 - 2017-06-20 22:59 - 00188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-06-20 22:59 - 2017-06-20 22:59 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-06-20 22:59 - 2017-06-20 22:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-06-20 22:59 - 2017-06-20 22:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-06-20 22:59 - 2017-06-20 22:59 - 00000000 ____D C:\Program Files\Malwarebytes
2017-06-20 22:58 - 2017-06-20 22:59 - 64025992 _____ (Malwarebytes ) C:\Users\Bjoern\Downloads\mb3-setup-SEMFD.100SEM-3.1.2.1733-1.0.139-1.0.2060.exe
2017-06-20 13:53 - 2017-06-20 13:54 - 00181006 _____ C:\Users\Bjoern\Downloads\12_09_24_Bekanntgabeprotokoll_01.pdf
2017-06-20 08:49 - 2017-06-20 08:49 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazonAssistant.lnk
2017-06-20 08:49 - 2017-06-20 08:49 - 00000000 ____D C:\Program Files (x86)\Amazon
2017-06-19 16:02 - 2017-06-19 16:02 - 00087584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2017-06-19 13:28 - 2017-06-19 13:28 - 00251664 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2017-06-19 13:27 - 2017-06-19 13:27 - 00229288 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2017-06-19 13:27 - 2017-06-19 13:27 - 00173144 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2017-06-19 13:27 - 2017-06-19 13:27 - 00112912 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2017-06-17 14:51 - 2017-06-17 14:51 - 00000000 ____D C:\ProgramData\McAfee
2017-06-15 18:51 - 2017-06-15 18:51 - 03426824 _____ C:\Users\Bjoern\Downloads\ElvUI_SLE.zip
2017-06-15 18:44 - 2017-06-15 18:44 - 03341843 _____ C:\Users\Bjoern\Downloads\elvui-10.54.zip
2017-06-15 18:43 - 2017-06-15 18:43 - 10307073 _____ C:\Users\Bjoern\Downloads\SLE_Custom_Textures_Version_2.zip
2017-06-14 21:22 - 2017-06-14 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-06-14 14:50 - 2017-06-14 14:50 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-06-14 14:14 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-14 14:14 - 2017-06-03 12:16 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-14 14:14 - 2017-06-03 12:14 - 01564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-06-14 14:14 - 2017-06-03 12:14 - 00629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-06-14 14:14 - 2017-06-03 12:14 - 00544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-06-14 14:14 - 2017-06-03 12:14 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-14 14:14 - 2017-06-03 12:14 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-06-14 14:14 - 2017-06-03 12:14 - 00334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-06-14 14:14 - 2017-06-03 12:14 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-06-14 14:14 - 2017-06-03 12:14 - 00096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-06-14 14:14 - 2017-06-03 12:14 - 00034648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-06-14 14:14 - 2017-06-03 12:11 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-06-14 14:14 - 2017-06-03 12:09 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-06-14 14:14 - 2017-06-03 12:08 - 07783256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-14 14:14 - 2017-06-03 12:06 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-14 14:14 - 2017-06-03 12:01 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-14 14:14 - 2017-06-03 11:59 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-06-14 14:14 - 2017-06-03 11:59 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-14 14:14 - 2017-06-03 11:59 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-14 14:14 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-06-14 14:14 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-06-14 14:14 - 2017-06-03 11:54 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-14 14:14 - 2017-06-03 11:53 - 00404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-14 14:14 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-06-14 14:14 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-06-14 14:14 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-06-14 14:14 - 2017-06-03 11:51 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-14 14:14 - 2017-06-03 11:51 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-06-14 14:14 - 2017-06-03 11:50 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-06-14 14:14 - 2017-06-03 11:50 - 00381792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-06-14 14:14 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-14 14:14 - 2017-06-03 11:48 - 01112416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2017-06-14 14:14 - 2017-06-03 11:48 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-14 14:14 - 2017-06-03 11:48 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-14 14:14 - 2017-06-03 11:48 - 00857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-06-14 14:14 - 2017-06-03 11:48 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-06-14 14:14 - 2017-06-03 11:45 - 22220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-14 14:14 - 2017-06-03 11:44 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-06-14 14:14 - 2017-06-03 11:44 - 01412640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-14 14:14 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-14 14:14 - 2017-06-03 11:40 - 01566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-14 14:14 - 2017-06-03 11:40 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-14 14:14 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-14 14:14 - 2017-06-03 11:39 - 02532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-14 14:14 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-14 14:14 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-14 14:14 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-06-14 14:14 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-14 14:14 - 2017-06-03 11:28 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-06-14 14:14 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-06-14 14:14 - 2017-06-03 11:26 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-14 14:14 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBrokerUI.dll
2017-06-14 14:14 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-14 14:14 - 2017-06-03 11:22 - 07217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-14 14:14 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-06-14 14:14 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcorehc.dll
2017-06-14 14:14 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-06-14 14:14 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-06-14 14:14 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-06-14 14:14 - 2017-06-03 11:18 - 22569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-14 14:14 - 2017-06-03 11:16 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-06-14 14:14 - 2017-06-03 11:16 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-14 14:14 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-14 14:14 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-14 14:14 - 2017-06-03 11:15 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-14 14:14 - 2017-06-03 11:15 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-14 14:14 - 2017-06-03 11:15 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-14 14:14 - 2017-06-03 11:14 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-14 14:14 - 2017-06-03 11:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-14 14:14 - 2017-06-03 11:14 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-14 14:14 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll
2017-06-14 14:14 - 2017-06-03 11:11 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-06-14 14:14 - 2017-06-03 11:10 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-06-14 14:14 - 2017-06-03 11:10 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBrokerUI.dll
2017-06-14 14:14 - 2017-06-03 11:09 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcorehc.dll
2017-06-14 14:14 - 2017-06-03 11:09 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-06-14 14:14 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-14 14:14 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-14 14:14 - 2017-06-03 11:08 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-06-14 14:14 - 2017-06-03 11:08 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-14 14:14 - 2017-06-03 11:08 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-14 14:14 - 2017-06-03 11:07 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-14 14:14 - 2017-06-03 11:07 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-06-14 14:14 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-14 14:14 - 2017-06-03 11:06 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-06-14 14:14 - 2017-06-03 11:05 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-06-14 14:14 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll
2017-06-14 14:14 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-14 14:14 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-14 14:14 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-14 14:14 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-14 14:14 - 2017-06-03 11:03 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-06-14 14:14 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-14 14:14 - 2017-06-03 11:01 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-14 14:14 - 2017-06-03 11:00 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-14 14:14 - 2017-06-03 10:56 - 13091840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-14 14:14 - 2017-06-03 10:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-06-14 14:14 - 2017-06-03 10:53 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-14 14:14 - 2017-06-03 10:52 - 03403264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-14 14:14 - 2017-06-03 10:52 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-06-14 14:14 - 2017-06-03 10:52 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-14 14:14 - 2017-06-03 10:52 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-06-14 14:14 - 2017-06-03 10:51 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-06-14 14:14 - 2017-06-03 10:51 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-06-14 14:14 - 2017-06-03 10:50 - 04744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-14 14:14 - 2017-06-03 10:50 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-14 14:14 - 2017-06-03 10:49 - 03615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-14 14:14 - 2017-06-03 10:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-14 14:14 - 2017-06-03 10:49 - 02475520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-14 14:14 - 2017-06-03 10:49 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-06-14 14:14 - 2017-06-03 10:49 - 01845248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-14 14:14 - 2017-06-03 10:49 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-14 14:14 - 2017-06-03 10:49 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-14 14:14 - 2017-06-03 10:49 - 00351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2017-06-14 14:14 - 2017-06-03 10:48 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-06-14 14:14 - 2017-06-03 10:48 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-14 14:14 - 2017-06-03 10:48 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-14 14:14 - 2017-06-03 10:48 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-06-14 14:14 - 2017-06-03 10:46 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-14 14:14 - 2017-06-03 10:40 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-14 14:14 - 2017-05-25 07:56 - 00038752 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-06-14 14:14 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-06-14 14:14 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-06-14 14:14 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-06-14 14:14 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-06-14 14:14 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-06-14 14:13 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-06-14 14:13 - 2017-06-03 12:14 - 01214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-06-14 14:13 - 2017-06-03 12:14 - 00233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-06-14 14:13 - 2017-06-03 12:14 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-06-14 14:13 - 2017-06-03 12:11 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-14 14:13 - 2017-06-03 11:49 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-06-14 14:13 - 2017-06-03 11:49 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-14 14:13 - 2017-06-03 11:39 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-06-14 14:13 - 2017-06-03 11:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-14 14:13 - 2017-06-03 11:14 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-14 14:13 - 2017-06-03 11:10 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-06-14 14:13 - 2017-06-03 11:09 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-06-14 14:13 - 2017-06-03 11:08 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-14 14:13 - 2017-06-03 11:07 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\HNetCfgClient.dll
2017-06-14 14:13 - 2017-06-03 10:58 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-06-14 14:13 - 2017-06-03 08:08 - 00080078 _____ C:\WINDOWS\system32\normidna.nls
2017-06-12 13:55 - 2017-06-12 13:55 - 00048944 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-06-12 13:52 - 2017-06-12 13:52 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-06-12 13:52 - 2017-06-12 13:52 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-06-12 13:52 - 2017-06-12 13:52 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-06-10 17:57 - 2017-06-10 17:57 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Tempzxpsign5dc76923ff4851be
2017-06-10 17:56 - 2017-06-10 17:56 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Tempzxpsign810c360305acd83c
2017-06-10 07:50 - 2017-06-10 07:50 - 00000000 ___HD C:\adobeTemp
2017-06-10 07:47 - 2017-06-19 23:27 - 00000000 ___RD C:\Users\Bjoern\Creative Cloud Files
2017-06-10 07:47 - 2017-06-10 07:47 - 00003662 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-bjoern.caduff@gmail.com
2017-06-10 07:47 - 2017-06-10 07:47 - 00000000 ____D C:\Users\Bjoern\Documents\Adobe
2017-06-10 07:47 - 2017-06-10 07:47 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Tempzxpsigncd10a6e43e839649
2017-06-10 07:42 - 2017-06-19 23:37 - 00000000 ____D C:\Program Files\Adobe
2017-06-10 07:36 - 2017-06-10 07:36 - 02115464 _____ (Adobe Systems Incorporated) C:\Users\Bjoern\Downloads\After_Effects_Set-Up.exe
2017-06-10 07:16 - 2017-06-10 07:16 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\DisplayTune
2017-06-10 07:16 - 2017-06-10 07:16 - 00000000 ____D C:\Users\Administrator\AppData\Local\DisplayTune
2017-06-10 07:15 - 2017-06-21 11:58 - 00000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2017-06-10 07:15 - 2017-06-10 07:15 - 00001248 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk
2017-06-10 07:15 - 2017-06-10 07:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\VirtualStore
2017-06-10 07:15 - 2017-06-10 07:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\Comms
2017-06-09 16:56 - 2017-06-09 16:56 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Meltytech
2017-06-09 16:55 - 2017-06-09 16:55 - 173083960 _____ C:\Users\Bjoern\Downloads\20170509_141173672_PLAYERUNKNOWN'S BATTLEGROUNDS.mp4
2017-06-09 16:52 - 2017-06-09 16:55 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Twitch Leecher
2017-06-09 16:51 - 2017-06-09 16:51 - 18156716 _____ (Fake Smile Revolution) C:\Users\Bjoern\Downloads\TwitchLeecher_1.3.8_x64.exe
2017-06-09 15:35 - 2017-06-02 16:52 - 75361048 _____ C:\Users\Administrator\Downloads\shotcut-win32-170601.exe
2017-06-09 15:35 - 2017-06-02 16:52 - 192421664 _____ C:\Users\Administrator\Downloads\shotcut-win64-170601.exe
2017-06-09 15:28 - 2017-06-09 15:29 - 267152505 _____ C:\Users\Administrator\Downloads\shotcut-170601.zip
2017-06-09 15:24 - 2017-06-09 15:28 - 01496584 _____ C:\Users\Bjoern\Downloads\Shotcut - CHIP-Installer.exe
2017-06-07 20:22 - 2017-06-07 20:22 - 00000324 _____ C:\Users\Administrator\Desktop\Restream Chat.appref-ms
2017-06-07 20:22 - 2017-06-07 20:22 - 00000000 ____D C:\Users\Administrator\Documents\RestreamChat
2017-06-07 20:22 - 2017-06-07 20:22 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Restream.io
2017-06-07 20:21 - 2017-06-07 21:22 - 00000000 ____D C:\Users\Administrator\AppData\Local\Deployment
2017-06-07 20:21 - 2017-06-07 20:21 - 00271072 _____ C:\Users\Bjoern\Downloads\RestreamChatSetup.exe
2017-06-07 20:21 - 2017-06-07 20:21 - 00000000 ____D C:\Users\Administrator\AppData\Local\Apps\2.0
2017-06-05 23:11 - 2017-06-10 07:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2017-06-05 23:11 - 2017-06-05 23:11 - 00002332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-05 23:11 - 2017-06-05 23:11 - 00002320 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-06-05 23:10 - 2017-06-05 23:11 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Google
2017-06-05 23:10 - 2017-06-05 23:11 - 00000000 ____D C:\Program Files (x86)\Google
2017-06-05 23:10 - 2017-06-05 23:10 - 01130328 _____ (Google Inc.) C:\Users\Bjoern\Downloads\ChromeSetup.exe
2017-06-05 23:10 - 2017-06-05 23:10 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-06-05 23:10 - 2017-06-05 23:10 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-06-04 22:21 - 2017-06-04 22:21 - 02419882 _____ C:\Users\Bjoern\Downloads\igel karl.zip
2017-06-04 19:18 - 2017-06-04 19:18 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-06-04 19:18 - 2017-06-04 19:18 - 00001028 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-06-04 19:16 - 2017-06-04 19:16 - 15507008 _____ (TeamViewer GmbH) C:\Users\Bjoern\Downloads\teamviewer_setup.exe
2017-06-02 07:36 - 2017-06-02 07:36 - 00493888 _____ C:\WINDOWS\system32\Drivers\mozart_12334867159_fw_dump.cmm
2017-05-27 11:50 - 2017-05-27 11:50 - 00001160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2017-05-27 11:50 - 2017-05-27 11:50 - 00000000 ____D C:\Users\Bjoern\AppData\Local\paint.net
2017-05-27 11:50 - 2017-05-27 11:50 - 00000000 ____D C:\Users\Administrator\AppData\Local\paint.net
2017-05-27 11:50 - 2017-05-27 11:50 - 00000000 ____D C:\Program Files\paint.net
2017-05-27 11:49 - 2017-05-27 11:49 - 07067928 _____ C:\Users\Administrator\Downloads\paint.net.4.0.16.install.zip
2017-05-27 11:49 - 2017-04-16 23:26 - 07094520 _____ C:\Users\Administrator\Downloads\paint.net.4.0.16.install.exe
2017-05-27 11:47 - 2017-05-27 11:48 - 01496584 _____ C:\Users\Bjoern\Downloads\Paint NET - CHIP-Installer.exe
2017-05-26 18:31 - 2017-05-26 18:31 - 00131713 _____ C:\Users\Bjoern\Downloads\outer-space-8d8f.cueprofile
2017-05-26 18:28 - 2017-05-26 18:29 - 00113401 _____ C:\Users\Bjoern\Downloads\world-of-warcraft---azeroth-99cf.cueprofile
2017-05-26 18:26 - 2017-05-26 18:26 - 00131713 _____ C:\Users\Bjoern\Downloads\outer-space-e020.cueprofile
2017-05-26 18:23 - 2017-05-26 18:23 - 00113401 _____ C:\Users\Bjoern\Downloads\world-of-warcraft---azeroth-5ac5.cueprofile
2017-05-26 18:21 - 2017-05-26 18:21 - 00124727 _____ C:\Users\Bjoern\Downloads\blue-embers-117e.cueprofile
2017-05-26 17:42 - 2017-05-26 17:42 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Corsair
2017-05-26 17:42 - 2017-05-26 17:42 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Corsair
2017-05-26 17:41 - 2017-05-26 17:41 - 00001199 _____ C:\Users\Public\Desktop\Corsair Utility Engine.lnk
2017-05-26 17:41 - 2017-05-26 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine
2017-05-26 17:41 - 2017-05-26 17:41 - 00000000 ____D C:\Program Files (x86)\Corsair
2017-05-26 17:40 - 2017-05-26 17:41 - 168284160 _____ C:\Users\Bjoern\Downloads\CorsairUtilityEngineSetup_2.13.80_release.msi
2017-05-25 20:00 - 2017-05-25 20:00 - 25483032 _____ (Sony Corporation) C:\Users\Bjoern\Downloads\EP0000260866.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-21 14:21 - 2016-09-23 17:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-21 13:38 - 2016-02-16 23:16 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-06-21 12:48 - 2016-11-18 22:42 - 00000000 ____D C:\Users\Bjoern\AppData\LocalLow\Mozilla
2017-06-21 12:05 - 2016-09-23 17:48 - 06779426 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-21 12:05 - 2016-07-17 00:51 - 03307990 _____ C:\WINDOWS\system32\perfh007.dat
2017-06-21 12:05 - 2016-07-17 00:51 - 00908542 _____ C:\WINDOWS\system32\perfc007.dat
2017-06-21 12:00 - 2016-02-17 16:44 - 00000000 ___RD C:\Users\Bjoern\OneDrive
2017-06-21 12:00 - 2016-02-16 23:45 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Raptr
2017-06-21 11:59 - 2016-09-23 17:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-21 11:59 - 2016-09-23 17:47 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-06-21 11:59 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-21 11:59 - 2016-07-16 08:04 - 03932160 _____ C:\WINDOWS\system32\config\BBI
2017-06-21 11:58 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-21 11:58 - 2016-03-29 15:59 - 00002442 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-21 11:58 - 2016-03-29 15:59 - 00000000 ___RD C:\Users\Administrator\OneDrive
2017-06-21 11:58 - 2016-03-29 15:58 - 00000000 ____D C:\Users\Administrator\AppData\Local\Dropbox
2017-06-21 11:58 - 2016-03-29 15:52 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2017-06-21 11:57 - 2016-03-29 15:58 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Raptr
2017-06-21 11:57 - 2016-02-18 18:34 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-21 11:33 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-06-21 10:16 - 2016-02-17 00:06 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Battle.net
2017-06-21 10:15 - 2016-02-17 00:06 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-06-21 10:14 - 2016-11-18 15:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-21 10:14 - 2016-02-16 23:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-21 09:49 - 2016-02-18 20:14 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\obs-studio
2017-06-21 09:43 - 2016-02-19 20:24 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\TS3Client
2017-06-21 01:40 - 2016-02-28 14:49 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\vlc
2017-06-21 01:38 - 2016-11-05 16:39 - 00000000 ____D C:\Users\Bjoern\Documents\Citavi 5
2017-06-20 15:18 - 2016-02-17 16:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-06-20 14:26 - 2016-09-23 17:48 - 00000000 ____D C:\Users\Bjoern
2017-06-20 09:00 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-19 23:39 - 2016-09-23 17:47 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-19 23:38 - 2016-02-23 20:26 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-06-19 23:38 - 2016-02-18 16:11 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Adobe
2017-06-19 23:37 - 2016-03-29 15:58 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2017-06-19 23:35 - 2016-09-01 13:35 - 00001135 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-06-19 23:28 - 2016-02-23 20:26 - 00000000 ____D C:\ProgramData\Adobe
2017-06-19 23:27 - 2016-02-18 20:33 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Adobe
2017-06-18 18:13 - 2016-02-17 00:06 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Battle.net
2017-06-17 14:51 - 2016-10-30 18:34 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2017-06-17 14:51 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-17 14:51 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-17 14:50 - 2016-02-17 00:08 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Apps\2.0
2017-06-17 10:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-06-17 09:10 - 2016-03-12 13:34 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-06-16 22:52 - 2016-11-23 19:46 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Curse Client
2017-06-14 21:22 - 2016-02-17 21:11 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-06-14 21:21 - 2017-04-29 20:26 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\discord
2017-06-14 20:14 - 2016-09-23 17:46 - 00226896 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-14 20:14 - 2016-02-27 15:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-14 20:14 - 2016-02-27 15:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-14 14:50 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-06-14 14:50 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-14 14:50 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-14 14:22 - 2016-02-16 23:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-14 14:19 - 2016-02-27 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-14 14:19 - 2016-02-16 23:30 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-14 14:18 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-14 14:04 - 2016-09-23 17:48 - 00000000 ____D C:\Users\Administrator
2017-06-13 19:29 - 2016-12-09 20:27 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-13 19:29 - 2016-02-18 18:36 - 00002421 _____ C:\Users\Bjoern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-11 18:54 - 2016-02-27 22:43 - 00000000 ____D C:\Users\Bjoern\AppData\Local\JDownloader v2.0
2017-06-10 07:16 - 2017-05-05 11:18 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Sharkoon X-Rest 7.1
2017-06-10 07:15 - 2016-02-18 18:26 - 00000000 ____D C:\Program Files (x86)\Razer
2017-06-09 15:27 - 2017-05-08 17:33 - 00000000 ____D C:\Users\Bjoern\Desktop\Twitch
2017-06-04 22:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-06-03 10:11 - 2016-02-16 23:26 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-31 19:34 - 2016-02-17 21:10 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Dropbox
2017-05-28 09:28 - 2016-02-18 18:34 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Packages

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-03-29 15:53 - 2016-03-29 15:53 - 0000017 _____ () C:\Users\Administrator\AppData\Local\resmon.resmoncfg

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Bjoern\Razer Synapse Tournament Drivers 20161016_0957.exe
C:\Users\Bjoern\Razer Synapse Tournament Drivers 20170127_1855.exe


Einige Dateien in TEMP:
====================
2017-01-14 12:56 - 2012-06-13 11:17 - 0727712 ____N (CANON INC.) C:\Users\Administrator\AppData\Local\Temp\MPDD0000.exe
2017-06-10 22:25 - 2017-06-10 22:25 - 0040448 ____N () C:\Users\Bjoern\AppData\Local\Temp\proxy_vole3116863511110200310.dll
2017-06-19 23:34 - 2017-06-19 23:35 - 30950664 _____ () C:\Users\Bjoern\AppData\Local\Temp\vlc-2.2.6-win32.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-06-13 18:34

==================== Ende von FRST.txt ============================
         

Alt 21.06.2017, 13:28   #17
Roboterfreun
 
Komische Ansage im Hintergrund - Standard

Komische Ansage im Hintergrund



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-06-2017 01
durchgeführt von Administrator (21-06-2017 14:25:58)
Gestartet von C:\Users\Bjoern\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-23 15:54:47)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-564169924-83152284-3685802786-500 - Administrator - Enabled) => C:\Users\Administrator
Bjoern (S-1-5-21-564169924-83152284-3685802786-1000 - Administrator - Enabled) => C:\Users\Bjoern
DefaultAccount (S-1-5-21-564169924-83152284-3685802786-503 - Limited - Disabled)
Gast (S-1-5-21-564169924-83152284-3685802786-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-564169924-83152284-3685802786-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7 Days to Die (HKLM\...\Steam App 251570) (Version:  - The Fun Pimps)
ACP Application (Version: 2016.0718.1650.38 - Advanced Micro Devices, Inc.) Hidden
adbLink version 3.00 (HKLM-x32\...\{05CF1DD3-4A94-4219-B176-BB1796680A6C}_is1) (Version: 3.00 - jocala.com)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Age of Conquest IV (HKLM\...\Steam App 314970) (Version:  - Noble Master LLC)
Age of Empires® III: Complete Collection (HKLM\...\Steam App 105450) (Version:  - Ensemble Studios)
Amazon Assistant (HKLM-x32\...\{AA8C14D6-B69F-44A8-8F52-AE1BF8B99B4F}) (Version: 10.17.0612 - Amazon) <==== ACHTUNG
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Anno 2205 (HKLM-x32\...\Uplay Install 1253) (Version:  - Ubisoft)
Apple Application Support (32-Bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield™ 1 Open Beta (HKLM-x32\...\{F9E19363-7B10-4F8A-8640-945C36D4B504}) (Version: 1.0.8.10777 - Electronic Arts)
Call of Duty: Infinite Warfare (HKLM\...\Steam App 292730) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare Remastered - Multiplayer (HKLM\...\Steam App 393100) (Version:  - Raven Software)
Call of Duty: Modern Warfare Remastered (HKLM\...\Steam App 393080) (Version:  - Raven Software)
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Chromium (HKU\S-1-5-21-564169924-83152284-3685802786-500\...\Chromium) (Version: 51.0.2683.0 - Chromium)
Citavi 5  (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.4.0.2 - Swiss Academic Software)
Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Corsair Utility Engine (HKLM-x32\...\{AD19976A-08A1-4E11-862D-256178BF9864}) (Version: 2.13.80 - Corsair)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version:  - Valve)
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
Curse Client (HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Day of Defeat: Source (HKLM\...\Steam App 300) (Version:  - Valve)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DiRT 3 Complete Edition (HKLM\...\Steam App 321040) (Version:  - Codemasters Racing Studio)
Discord (HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Display Pilot (HKLM-x32\...\{6DD25D67-4339-47A1-950E-EEFC321CBB24}) (Version: 2.15.008 - Portrait Displays, Inc.)
DOOM Open Beta (HKLM\...\Steam App 350470) (Version:  - id Software)
Dropbox (HKLM-x32\...\Dropbox) (Version: 28.4.14 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Dungeon Keeper (HKLM-x32\...\{B9E79070-56B6-4980-A7E9-C28D6480D050}) (Version: 1.0.0.1 - Electronic Arts)
Far Cry® 3 (HKLM\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Fitbit Connect (HKLM-x32\...\{F5A49DF0-A632-4E7E-BD87-59701449DE0F}) (Version: 2.0.1.6742 - Fitbit Inc.)
FlyVPN (HKLM-x32\...\FlyVPN) (Version: 3.6.2.2 - FlyVPN)
Ghost Recon Wildlands Beta (HKLM-x32\...\Uplay Install 2970) (Version:  - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto V - The Manual (HKLM-x32\...\{752EBD91-8B95-42B5-8692-A7243A6EEEA9}) (Version: 1.0.0 - Rockstar Games)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Heavy Bullets (HKLM-x32\...\c7325e58-5895-4667-81a2-1854397fbb43) (Version:  - DFE5J)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HP Dropbox Plugin (HKLM-x32\...\{30AE8906-4419-403F-86D3-5FC9AA4BEEF6}) (Version: 36.0.49.62779 - HP)
HP Google Drive Plugin (HKLM-x32\...\{8A472621-0EA0-4FC5-9F7F-7043778F12AB}) (Version: 36.0.49.62779 - HP)
HP OfficeJet Pro 6960 - Grundlegende Software für das Gerät (HKLM\...\{15105C5B-BB1E-429C-81B3-8797466C07DA}) (Version: 39.4.1979.16354 - HP Inc.)
HP OfficeJet Pro 6960 Hilfe (HKLM-x32\...\{88A76160-F03B-4B0E-835F-87A061B674E4}) (Version: 39.0.0 - HP)
HP OneDrive Plugin (HKLM-x32\...\{8B956FB3-FD54-4C58-8256-8103F0D91B77}) (Version: 36.0.0.0 - HP)
I.R.I.S. OCR (HKLM-x32\...\{77374D45-3BBF-4633-A2DF-188CD2106A67}) (Version: 12.3.7.0 - HP)
inCloak VPN (HKLM-x32\...\{F838701D-CCCA-4238-91CE-BEA41AABA04A}) (Version: 1.22 - inCloak Network Ltd.)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Network Connections 19.0.27.0 (HKLM\...\PROSetDX) (Version: 19.0.27.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Jagged Alliance - Back in Action (HKLM\...\Steam App 57740) (Version:  - Coreplay GmbH)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.8201.2102 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-564169924-83152284-3685802786-500\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Might & Magic Heroes VI (HKLM-x32\...\Uplay Install 44) (Version:  - Ubisoft)
Mordheim: City of the Damned (HKLM\...\Steam App 276810) (Version:  - Rogue Factor)
Mozilla Firefox 54.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0 (x86 de)) (Version: 54.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.0.6368 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.8201.2075 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Orcs Must Die! Unchained (HKLM\...\Steam App 427270) (Version:  - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.)
paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC)
Pivot Pro Plugin (x32 Version: 9.61.004 - Portrait Displays, Inc.) Hidden
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version:  - Bluehole, Inc.)
PLAYERUNKNOWN'S BATTLEGROUNDS (Test Server) (HKLM\...\Steam App 622590) (Version:  - )
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.21.0-r121815-release - Plays.tv, LLC)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.10-r123135-release - Raptr, Inc)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.2.4 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6622 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Restream Chat (HKU\S-1-5-21-564169924-83152284-3685802786-500\...\5574fe55cba0ac1f) (Version: 2.2.1.38 - Restream.io)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games)
SDK (x32 Version: 2.40.012 - Portrait Displays, Inc.) Hidden
Sharkoon X-Rest 7.1 (HKLM-x32\...\SSS16xxAudioExt) (Version: 1.1.16.8 - Sharkoon Technologies)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version:  - 2K Games, Inc.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.97.4382 - Electronic Arts)
Sparta (HKU\S-1-5-21-564169924-83152284-3685802786-500\...\Sparta) (Version:  - Sparta) <==== ACHTUNG
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie zur Verbesserung von HP OfficeJet Pro 6960 (HKLM\...\{0C643588-3357-44CA-A6C7-3DEFC84598F0}) (Version: 39.4.1979.16354 - HP Inc.)
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version:  - Mister Group)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78313 - TeamViewer)
The Talos Principle (HKLM\...\Steam App 257510) (Version:  - Croteam)
tiptoi® Manager 3.1.6 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.1.6 - Ravensburger AG)
Titanfall™ 2 (HKLM-x32\...\{4BD80373-FEE7-45B6-8249-6E8E98717405}) (Version: 1.0.0.3 - Electronic Arts, Inc.)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version:  - Ubisoft)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Twitch Launcher (HKLM-x32\...\Twitch Launcher 1.0.0) (Version: 1.0.0 - Twitch)
Uplay (HKLM-x32\...\Uplay) (Version: 17.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.21.0 (HKLM\...\VulkanRT1.0.21.0) (Version: 1.0.21.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-564169924-83152284-3685802786-1000_Classes\CLSID\{5743f98d-03a5-429a-bbf2-cf689b0838ce}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0B572CF7-16A9-41B7-9F2B-E25984AFCE4D} - System32\Tasks\{0C0E2EF5-6184-4ED8-94B0-AA9FEDBBB092} => C:\Users\Bjoern\Downloads\LGS_8.79.77_x64_Logitech(5).exe [2016-02-18] (Logitech Inc.)
Task: {0C28C420-CBEB-49A7-8BF7-BA6CED90D5CF} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0EC1EB9B-5BE8-4E0C-9879-E554261A1CA6} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {11D3A6B0-D88E-445E-AB62-1994AB29AC2A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {13CECC4D-D73F-4085-92EC-BD593FC22D8B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {1466B3E9-3C63-406B-AF09-5360A0A7196E} - System32\Tasks\HPCustPartic.exe_{BC84BEF4-9F45-4152-9C2C-A9D37F852002} => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\HPCustPartic.exe [2016-12-19] (HP Inc.)
Task: {169360AB-9628-4148-95AD-4B50B4FFC551} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {198AFF7A-448F-4BCD-8535-EA1553EB7454} - System32\Tasks\{DB291251-33CE-4CF5-943F-3C0B4EB63C44} => C:\Users\Bjoern\Downloads\LGS_8.79.77_x64_Logitech(5).exe [2016-02-18] (Logitech Inc.)
Task: {2BDEEB32-A766-4B15-8121-05739AA57ACB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-17] (Dropbox, Inc.)
Task: {35A179DB-F28E-4B48-BCBA-F3EDD30E0917} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {38D3548C-32A2-495E-A002-91A8FB4D12D5} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {3AA96B27-F684-4B4E-A6A0-E34E415E304F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-05] (Google Inc.)
Task: {3BDC8660-B17C-4F59-8531-CD7FEA6A87A0} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-bjoern.caduff@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {3C2CF6E6-9E3A-443C-BF2D-D65B8F6ECE51} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3D59AC35-9BAA-4B24-9E9A-208A26A36A2B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-20] ()
Task: {3E8EA0D4-DAE7-4222-936C-B9C36EAC46E3} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {42B8C1EF-F92E-404F-83D9-1577C4717E0A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4B645A68-933F-4965-8787-3FADBEA2C8AE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {50336CCA-4498-4375-8834-10A20E6DA1F0} - System32\Tasks\ScanToPCActivationApp.exe_{75EB032B-2975-406D-88FB-2FFB125E4B3D} => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\ScanToPCActivationApp.exe [2016-12-19] (HP Inc.)
Task: {594F6BAD-A14C-4A7A-8235-35BA32E0A262} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {610E93EF-1973-4852-ABB3-D7D4647CD957} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {71611240-8CF4-4E28-9125-C68828D8993D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {75A59B23-2A2F-435A-8EC2-9AC82BFC04DA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-10] (Microsoft Corporation)
Task: {77A9F491-B51F-4118-8C34-CF3B5552FAFC} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {789D8861-C318-4D2A-BC8A-407C9800353E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {7BB3AC92-9677-47E1-BEA5-C1342EDF167E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {7E409B5F-D9E7-41A0-A471-18015B36FF5A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {7EC901A1-B04C-466F-9EDE-FA4F873F4044} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-10] (Microsoft Corporation)
Task: {900C4667-D038-4592-92DE-D1CC360DDCAF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {90267BE0-F96F-428B-BB62-461E511B59A6} - System32\Tasks\HPCustPartic.exe_{817608E4-C049-41EA-B311-A52598BB8965} => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\HPCustPartic.exe [2016-12-19] (HP Inc.)
Task: {91A30F08-3845-4C6D-B4FB-A064AB0AF79E} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Bjoern\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {93D09D89-EABF-443C-BC31-A88EEEDA621F} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {98EECE31-5197-47BA-AD28-CF713F3634D0} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {9D7F60EC-3FB6-4BFC-9A54-41FC99EDDC43} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9F2B2554-5AFB-4B2D-BBCF-3913697261E1} - System32\Tasks\DriverMaxAgent => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
Task: {A4DFE095-8066-44EE-BAB7-B3BD3692E58A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {A55B29AF-7F27-4025-9ED8-116FCCB9C7B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-05] (Google Inc.)
Task: {AE24B250-E2E0-4277-BEB8-4A15D522D1F3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-17] (Adobe Systems Incorporated)
Task: {B0886CDD-DD45-4D58-AE65-A234DB1293EA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {BD4DCC5C-E953-4983-9643-B4912FED14B0} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C39C45AE-DEC4-4031-A07D-A753E70E98D8} - System32\Tasks\HPCustParticipation HP OfficeJet Pro 6960 => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\HPCustPartic.exe [2016-12-19] (HP Inc.)
Task: {C8D2DF9C-9BCC-4194-91B5-473F3AA54F05} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {CBA401E0-42F5-4560-81C4-C55E532EDB81} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {CC9F81AD-EBE9-473E-83FC-8BEBD3505ED7} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CFF0D3DC-2AF1-49F2-B8A3-D00DE06BFDAB} - System32\Tasks\FaxApplications.exe_{C7C9E516-0EBD-4E50-A6B1-DF45B79396D9} => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\FaxApplications.exe [2016-12-19] (HP Inc.)
Task: {D338BC63-55B5-4723-B29A-FD1737A68396} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DA9E00C8-FEAC-49BD-885F-A6D6BA58526C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DAB8FEC9-6F96-49A4-8529-B453A28C0E19} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-20] ()
Task: {DFD7912D-89C4-4C4B-875C-270F6836337B} - System32\Tasks\Toolbox.exe_{A6A62D22-F6A9-43DC-941D-15C2F1D09015} => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\Toolbox.exe [2016-12-19] (HP Inc.)
Task: {EB5BE4E3-2942-4DED-A514-7637D1D2D0A4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {EC20AF13-6AEA-40FD-B9A0-3F1472C519BD} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F37D229B-5588-455E-BE29-1F4DFEA9C440} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-17] (Dropbox, Inc.)
Task: {F8817B1A-9273-4EC5-B716-DF0D7B8E65AA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\Administrator\Desktop\Sparta.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://plarium.com/play/de/sparta/001_top?adCampaign=85537&clickID=yBzztByE0A0FtAtAzzyByCyBtA0D0EyC&publisherID=102
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sparta\Sparta.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://plarium.com/play/de/sparta/001_top?adCampaign=85537&clickID=yBzztByE0A0FtAtAzzyByCyBtA0D0EyC&publisherID=102
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Sparta.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://plarium.com/play/de/sparta/001_top?adCampaign=85537&clickID=yBzztByE0A0FtAtAzzyByCyBtA0D0EyC&publisherID=102

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-06-14 14:14 - 2017-06-03 12:01 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-29 13:55 - 2014-04-04 15:10 - 00098320 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook64.dll
2017-06-14 13:11 - 2017-06-14 13:11 - 00104624 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
2017-06-14 13:12 - 2017-06-14 13:12 - 00159408 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\aaLoader64.dll
2016-09-25 01:20 - 2016-09-25 01:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-09-23 17:46 - 2013-07-04 04:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2017-01-13 13:56 - 2017-01-13 13:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-06-20 22:59 - 2017-06-20 23:11 - 02270664 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-12-21 21:13 - 2016-12-21 21:13 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-08-29 13:55 - 2014-04-04 15:10 - 00275472 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dthook.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-09-23 18:43 - 2016-09-23 18:43 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 20:54 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-06-21 07:42 - 2017-06-21 07:42 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-21 07:42 - 2017-06-21 07:42 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-21 07:42 - 2017-06-21 07:42 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-06-21 07:42 - 2017-06-21 07:42 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll
2017-04-07 08:37 - 2017-04-07 08:37 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2016-08-29 13:55 - 2013-06-18 12:26 - 00677160 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpctrl.exe
2016-08-29 13:55 - 2013-06-18 12:26 - 00714024 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\floater.exe
2016-08-29 13:55 - 2014-04-04 15:10 - 00163344 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
2016-08-29 13:55 - 2014-04-04 15:10 - 00197136 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
2017-03-14 20:55 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-14 20:55 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-14 20:55 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-06-14 14:14 - 2017-06-03 10:47 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-06-14 14:14 - 2017-06-03 10:47 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-06-14 14:14 - 2017-06-03 10:51 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-06-01 17:39 - 2017-06-01 17:39 - 23661056 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\Video.UI.exe
2017-06-01 17:39 - 2017-06-01 17:39 - 09016320 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-05-26 15:24 - 2017-05-26 15:24 - 03140520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-20 08:54 - 2017-06-20 08:54 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-06-20 08:54 - 2017-06-20 08:54 - 27430400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-06-03 16:38 - 2017-06-03 16:38 - 00460288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-06-03 16:38 - 2017-06-03 16:38 - 02275328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-06-03 16:38 - 2017-06-03 16:38 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-03 16:38 - 2017-06-03 16:38 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2016-06-03 18:04 - 2016-06-03 18:05 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-06-03 16:38 - 2017-06-03 16:38 - 00900096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-05 14:55 - 2017-05-05 14:55 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-04 14:40 - 2016-03-04 14:40 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-06-01 17:39 - 2017-06-01 17:39 - 30965760 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe
2017-06-01 17:39 - 2017-06-01 17:39 - 09016320 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-05-26 15:24 - 2017-05-26 15:24 - 03140520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2016-06-28 01:19 - 2016-06-28 01:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2016-09-23 17:46 - 2017-06-21 11:59 - 00029696 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2016-09-23 17:46 - 2013-07-04 04:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2016-10-07 13:48 - 2016-12-21 21:23 - 02493440 _____ () F:\Games\EA\Origin\libGLESv2.dll
2016-08-29 13:55 - 2014-04-04 15:10 - 00093712 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook.dll
2014-12-11 18:40 - 2014-12-11 18:40 - 40622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll
2017-06-14 21:22 - 2017-06-12 13:52 - 00775488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-06-14 21:22 - 2017-06-12 13:52 - 01787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2016-02-17 21:12 - 2017-06-12 13:52 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-02-17 21:12 - 2017-06-12 13:54 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-06-14 21:22 - 2017-06-12 13:52 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-06-14 21:22 - 2017-06-12 13:52 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-06-14 21:22 - 2017-06-12 13:52 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-02-17 21:12 - 2017-06-12 13:52 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-06 15:27 - 2017-06-12 13:55 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-06-14 21:22 - 2017-06-12 13:52 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-06-14 21:22 - 2017-06-12 13:52 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-02-17 21:12 - 2017-06-12 13:54 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-06 15:27 - 2017-06-12 13:55 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-05-15 19:31 - 2017-06-12 13:55 - 00082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2016-02-17 21:12 - 2017-06-12 13:55 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-03-01 18:41 - 2017-06-12 13:55 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-01-25 19:47 - 2017-06-12 13:55 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2016-04-15 16:36 - 2017-06-12 13:55 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-01-25 19:47 - 2017-06-12 13:55 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-25 19:47 - 2017-06-12 13:55 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-25 19:47 - 2017-06-12 13:55 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2016-02-17 21:12 - 2017-06-12 13:55 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-06-14 21:22 - 2017-06-12 13:52 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-06-14 21:22 - 2017-06-12 13:54 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-06-14 21:22 - 2017-06-12 13:52 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-06-14 21:22 - 2017-06-12 13:54 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-07-16 18:36 - 2017-06-12 13:54 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-06-14 21:22 - 2017-06-12 13:52 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-06-14 21:22 - 2017-06-12 13:52 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-08-06 15:27 - 2017-06-12 13:55 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-04-09 16:51 - 2017-06-12 13:54 - 00023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 05812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2017-05-04 21:01 - 2017-05-04 21:01 - 00067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 01662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 00494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2015-05-08 03:38 - 2015-05-08 03:38 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2015-05-08 03:37 - 2015-05-08 03:37 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 00111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2015-05-08 03:49 - 2015-05-08 03:49 - 00417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2015-05-08 03:39 - 2015-05-08 03:39 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 00313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-11-13 23:59 - 2015-11-13 23:59 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-11-13 23:59 - 2015-11-13 23:59 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2015-05-08 03:37 - 2015-05-08 03:37 - 00583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2015-05-08 03:38 - 2015-05-08 03:38 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pythoncom26.dll
2015-05-08 03:38 - 2015-05-08 03:38 - 00263168 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32com.shell.shell.pyd
2015-11-13 23:58 - 2015-11-13 23:58 - 00271872 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\amd_ags.dll
2016-08-29 13:55 - 2014-04-04 15:10 - 00187920 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll
2017-05-22 12:13 - 2017-05-22 12:13 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2017-03-20 13:20 - 2016-10-08 09:13 - 50656768 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libcef.dll
2015-05-08 03:39 - 2015-05-08 03:39 - 00141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2017-05-04 19:33 - 2017-05-04 19:33 - 02717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2015-05-08 03:49 - 2015-05-08 03:49 - 01213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2015-05-08 03:55 - 2015-05-08 03:55 - 00055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 01183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 01306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 01640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 01053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll
2017-04-26 15:26 - 2017-04-26 15:26 - 00044544 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\MacroRecording.dll
2017-04-26 15:27 - 2017-04-26 15:27 - 00199680 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2017-04-26 15:37 - 2017-04-26 15:37 - 00086528 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairAudioDevice.dll
2017-04-26 15:26 - 2017-04-26 15:26 - 00097280 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\zlib.dll
2016-12-01 13:28 - 2016-12-01 13:28 - 01983488 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libGLESv2.dll
2016-12-01 13:28 - 2016-12-01 13:28 - 00013824 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libEGL.DLL
2017-03-20 13:20 - 2016-10-08 09:13 - 50656768 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2017-03-20 13:20 - 2016-10-08 09:13 - 01874944 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2017-03-20 13:20 - 2016-10-08 09:13 - 00075264 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2017-03-20 13:20 - 2016-10-08 09:13 - 01874944 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libglesv2.dll
2017-03-20 13:20 - 2016-10-08 09:13 - 00075264 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libegl.dll
2016-02-17 19:43 - 2017-05-17 03:54 - 00678176 _____ () F:\Steam\SDL2.dll
2016-02-17 19:43 - 2016-09-01 03:02 - 04969248 _____ () F:\Steam\v8.dll
2016-02-17 19:43 - 2017-06-08 07:42 - 02485536 _____ () F:\Steam\video.dll
2016-02-17 19:43 - 2016-01-27 09:49 - 02549760 _____ () F:\Steam\libavcodec-56.dll
2016-02-17 19:43 - 2016-01-27 09:49 - 00491008 _____ () F:\Steam\libavformat-56.dll
2016-02-17 19:43 - 2016-01-27 09:49 - 00332800 _____ () F:\Steam\libavresample-2.dll
2016-02-17 19:43 - 2016-01-27 09:49 - 00442880 _____ () F:\Steam\libavutil-54.dll
2016-02-17 19:43 - 2016-01-27 09:49 - 00485888 _____ () F:\Steam\libswscale-3.dll
2016-02-17 19:43 - 2016-09-01 03:02 - 01563936 _____ () F:\Steam\icui18n.dll
2016-02-17 19:43 - 2016-09-01 03:02 - 01195296 _____ () F:\Steam\icuuc.dll
2016-02-17 19:43 - 2017-06-08 07:42 - 00877856 _____ () F:\Steam\bin\chromehtml.DLL
2016-03-09 16:58 - 2016-07-05 00:17 - 00266560 _____ () F:\Steam\openvr_api.dll
2016-12-12 21:03 - 2017-05-08 21:45 - 69516064 _____ () F:\Steam\bin\cef\cef.win7\libcef.dll
2017-06-09 15:43 - 2017-05-17 03:54 - 00678176 _____ () F:\Steam\bin\cef\cef.win7\SDL2.dll
2015-03-21 01:15 - 2017-06-08 07:42 - 00385312 _____ () F:\Steam\steam.dll
2016-02-17 19:43 - 2015-09-25 01:52 - 00119208 _____ () F:\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\amazon.de -> hxxps://amazon.de
IE trusted site: HKU\S-1-5-21-564169924-83152284-3685802786-500\...\amazon.de -> hxxps://amazon.de

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2017-06-17 15:39 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-564169924-83152284-3685802786-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bjoern\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\{6331ae71-0058-4ab7-a86c-12fdfc2a900b}.jpg
HKU\S-1-5-21-564169924-83152284-3685802786-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: chip1click => 2
MSCONFIG\Services: PlaysService => 2
MSCONFIG\Services: XblAuthManager => 3
MSCONFIG\Services: XblGameSave => 3
MSCONFIG\Services: XboxNetApiSvc => 3
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\RAPTRS~1.EXE --startup
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-564169924-83152284-3685802786-500\...\StartupApproved\Run: => "EADM"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{B4DFAE12-8162-4635-BCBE-01C560D3BFBB}] => (Allow) F:\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{16EB85B9-A3C4-47B2-9440-48EA6237009C}] => (Allow) F:\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{A4530FF1-3888-4B71-BC9F-F555A98C5A05}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{FA15EC11-2400-45A8-BE8A-06DA3985E01E}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{444B5F84-9E11-4A05-B358-1481F6BBBD7E}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F334DC1A-2739-4FED-9134-62CC8135B3DA}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6DDD2CF2-6459-44F4-8B95-8CE32EC04552}] => (Allow) F:\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{BEC8A5DF-2DEE-4921-87FC-09DBC36E4646}] => (Allow) F:\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{230436B4-F253-498A-AC01-CC4BB733E4B7}] => (Allow) C:\Users\Administrator\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{ED817AAC-0F44-4FA1-ABD4-CCCB69FDBCB0}] => (Allow) C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe
FirewallRules: [{56D275C7-6AFE-4FA4-9087-D2567DC07451}] => (Allow) F:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe
FirewallRules: [{C129D92B-7C91-4A17-9E16-91A70E9B33E0}] => (Allow) F:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe
FirewallRules: [{A6D2B6FA-A9EB-4491-95B8-AE027DD51B8B}] => (Allow) F:\Games\Uplay\Anno 2205\Bin\Win64\Anno2205.exe
FirewallRules: [{E62A7D80-3B57-4FE1-9D51-0BA56A9CFAF7}] => (Allow) F:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{59940059-D9C4-452D-8B8B-8727F1601A05}] => (Allow) F:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{14384E0D-5B17-405F-8500-84E32A79155C}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{60B5B5FB-125B-4A10-8A36-53CD52D4DAB3}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{DD02CD93-5F8D-4DE0-909F-F6D27EADD8D9}] => (Allow) F:\Steam\steamapps\common\DOOM Open Beta\DOOMx64.exe
FirewallRules: [{3B22B37E-1B55-4B7A-A475-BC3A1A383F33}] => (Allow) F:\Steam\steamapps\common\DOOM Open Beta\DOOMx64.exe
FirewallRules: [{50833A46-9FDF-4CC1-866C-F15F6BEE8124}] => (Allow) F:\Steam\steamapps\common\OrcsMustDieUnchained\Dashboard\Bin\SpitfireDashboard.exe
FirewallRules: [{12DE8B49-A6C6-4FFC-9169-67B663DB62F8}] => (Allow) F:\Steam\steamapps\common\OrcsMustDieUnchained\Dashboard\Bin\SpitfireDashboard.exe
FirewallRules: [{8D3A2DBE-491E-4DE4-87BD-D7E42B06483F}] => (Allow) F:\Steam\steamapps\common\BloonsTD5\BTD5-Win.exe
FirewallRules: [{2DAC7759-F765-4256-9248-63B99565111B}] => (Allow) F:\Steam\steamapps\common\BloonsTD5\BTD5-Win.exe
FirewallRules: [{1DE659C0-8B4C-4301-8A36-0ABEAE581D13}] => (Allow) F:\Steam\steamapps\common\Helldivers\binaries\x86\helldivers.exe
FirewallRules: [{4B6BF6BF-6ED3-4AEE-A8FB-81212E421A9E}] => (Allow) F:\Steam\steamapps\common\Helldivers\binaries\x86\helldivers.exe
FirewallRules: [{DDBE0211-1AE9-41C2-AF88-DAAB78B4D7CA}] => (Allow) F:\Steam\steamapps\common\Helldivers\binaries\x64\helldivers.exe
FirewallRules: [{A5BDAFC9-9C60-4F75-8ADA-4F36C445DA24}] => (Allow) F:\Steam\steamapps\common\Helldivers\binaries\x64\helldivers.exe
FirewallRules: [{D8C986EE-C6FA-461E-A22B-0215F5DB5884}] => (Allow) F:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{D4A5A85F-17EC-46DD-A41D-B664DB81833E}] => (Allow) F:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{7D553120-4CCD-40ED-92FE-B8C15DF9A9D8}] => (Allow) F:\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{8F20C0CB-B1AC-4B66-97A3-BD2AAF2462E8}] => (Allow) F:\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{C1B3D135-9703-4B79-A3B8-BEBBDBD42B55}] => (Allow) F:\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{3BE37640-9BFA-401C-BD13-DBAF36CD3D66}] => (Allow) F:\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{E165101A-68FC-4480-B0D3-07D437EBC595}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68BF53F7-C99F-4F9C-86D7-4C2442692FE5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E270DD34-3801-4445-BFB1-91E70FEB21BA}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{385369FF-AD09-465D-BEDD-554C26AEE6D2}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{6E803E56-8229-4902-BD3F-86CC35BD2CE9}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{3CFE430A-4EE3-4B03-9558-B63512FF7A48}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{7113AFFE-3CB4-4E3D-A8E8-923D3141ACB8}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{E86EFCA6-531C-431D-B115-CE134849EA92}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{12AB4340-88C1-4A06-A266-CFB4F8ACD017}] => (Allow) C:\Users\Bjoern\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{028AECDE-03E9-4A41-B7DA-B09FFC18076D}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{7BDEF756-588B-42FD-8D4D-DF03BC6F4707}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{46444FD0-1C64-41D4-9736-D052D5A4B8A5}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{059B5865-F287-4B15-A5FB-79D1B46AEA9C}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{45783AD2-363B-4A20-B14B-2CBEC765F644}] => (Allow) F:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{C40DF1CB-E728-4114-BD46-22B974277592}] => (Allow) F:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{22AEB58C-8A4D-45DC-A460-2824920A8EBD}] => (Allow) F:\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{7B269D47-646F-4C8C-8EA5-E8FC04CA6D5F}] => (Allow) F:\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{AD61AD98-544A-4141-810E-B04E2AE53969}] => (Allow) F:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{E6C63998-924B-4145-83E6-CA952A6C861C}] => (Allow) F:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{BC95A939-B471-44B1-9B00-981754DE572B}] => (Allow) F:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{74732222-5FD1-4B50-B83B-B449B7BEA8C4}] => (Allow) F:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{1C22C5FC-2CEA-4F1E-8C89-2F33DD4E7818}] => (Allow) F:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{9B9A60BD-7B0C-4425-A632-A87FB59ACE3D}] => (Allow) F:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{676FF26B-D02E-481F-A376-C450FFC865C9}] => (Allow) F:\Steam\steamapps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [{BD615C38-4A01-42E2-BED4-C976F1DE4A5B}] => (Allow) F:\Steam\steamapps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [{48418C04-1BF6-4EF0-A666-AD26769CC43B}] => (Allow) F:\Steam\steamapps\common\Call of Duty Modern Warfare Remastered\h1_mp64_ship.exe
FirewallRules: [{030AB5A9-E11A-461C-A38C-D24DC7707025}] => (Allow) F:\Steam\steamapps\common\Call of Duty Modern Warfare Remastered\h1_mp64_ship.exe
FirewallRules: [{BB44593E-9C9B-4927-BA2B-FA3070F13C8F}] => (Allow) F:\Steam\steamapps\common\Call of Duty Modern Warfare Remastered\h1_sp64_ship.exe
FirewallRules: [{E20954B3-2727-4E68-A8EB-E2703C5FDACD}] => (Allow) F:\Steam\steamapps\common\Call of Duty Modern Warfare Remastered\h1_sp64_ship.exe
FirewallRules: [{15C53E81-63CD-4A77-932F-D04FBD9C9215}] => (Allow) F:\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{C357C6E8-A0A3-4868-A4D5-1B676C1CFCC9}] => (Allow) F:\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{4DE55B7B-967B-40BA-8EF2-A04EBD83243F}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DB494B08-B636-47D5-963B-424D5EE65429}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F1AFD9E1-1ACB-4F7B-8CA2-EA1A8184215A}] => (Allow) C:\Program Files (x86)\FlyVPN\FlyVPN.exe
FirewallRules: [{71208021-3A16-4DDC-9C88-22F81B7BE69E}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{DEBEF465-6B0A-4413-A804-64D4F492EB1B}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{FB7967B1-D7F6-4F6C-90C6-EF45F26C246F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{688DF777-41EC-4E0A-91C9-33BCECFEACF5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D3C2B11B-B480-4073-8EF8-314CA5F9ACB4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5A9DE9C4-08E7-488E-BFFB-3C4A3CB5AFA9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{629D6208-E9AF-4598-930E-A9915A558077}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{1FA3F747-99C4-4CF1-B552-B222F22C7AC1}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{3AB42E84-99EB-45D3-9003-2AB87CE09598}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{D738AE8B-D200-4F9A-8F15-573474FC94EF}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{9F9E2F30-5B70-4D9D-837E-6DA895FA0298}] => (Allow) F:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\Command Conquer 3 Tiberium Wars\RetailExe\1.9\cnc3game.dat
FirewallRules: [{362A060B-C88B-4CB0-B20E-8852F4FE3202}] => (Allow) F:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\Command Conquer 3 Kanes Wrath\RetailExe\1.2\cnc3ep1.dat
FirewallRules: [{73649E6E-F4FF-4665-98B7-DF25947CA13E}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall2\Titanfall2.exe
FirewallRules: [{2529D13B-D2CE-4ABF-B288-DF5AA92377FB}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall2\Titanfall2.exe
FirewallRules: [{D6EEB2B2-7BCA-487E-8AB0-CB4B8287A97F}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall2\Titanfall2_trial.exe
FirewallRules: [{D1FBD3A3-AA1D-487D-8FB1-E094746EED25}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall2\Titanfall2_trial.exe
FirewallRules: [{D8025864-AC88-414A-B4C4-8E16CA55AB25}] => (Allow) F:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{3F90E33F-3E3C-48BF-B65E-8EE00B413298}] => (Allow) F:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{55A765EA-28F5-45F0-BEF5-166FDC778C74}] => (Allow) F:\Games\Uplay\Might & Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{46B456EF-0A88-4033-AB10-760522DD5F6A}] => (Allow) F:\Games\Uplay\Might & Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{BEE3D71F-DC83-45D7-B1A9-B3F8B15E261D}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{3E883446-62FC-45C5-8893-A27D42B0D3C4}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{72451E96-7EBB-40CE-AD9F-404489567D8B}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{4796EB4A-ED80-42B7-A3F3-5B9B92478899}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{2CF07C90-CDA8-4905-B19D-0C3697F05202}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{002A8C06-C19C-4125-9158-4848B9982CB3}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{F3022BCC-78EB-496D-BC9F-05D7CAB3AFAD}] => (Allow) F:\Steam\steamapps\common\Age of Conquest IV\app_main.exe
FirewallRules: [{A28095C3-766F-4198-A0C8-F61428C8F221}] => (Allow) F:\Steam\steamapps\common\Age of Conquest IV\app_main.exe
FirewallRules: [{95DA8850-7D1A-461E-9158-856B057E55AA}] => (Allow) F:\Steam\steamapps\common\JABIA\JaggedAllianceBIA.exe
FirewallRules: [{5564538A-6D24-4481-9C3B-03538844E58E}] => (Allow) F:\Steam\steamapps\common\JABIA\JaggedAllianceBIA.exe
FirewallRules: [{1380FD59-F516-4C34-B2DB-30F0670C46DD}] => (Allow) F:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{0DCFCABB-0C71-48DF-9B33-DEB6D3A52064}] => (Allow) F:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{A7382D8B-6713-4D62-AC99-71D329C31E45}] => (Allow) F:\Games\GTA\GTA5.exe
FirewallRules: [{8024C602-BCC9-40AE-AFB5-A2A8B727CAEB}] => (Allow) F:\Games\GTA\GTA5.exe
FirewallRules: [{73ED5265-91D4-4390-8E87-0FD8B403D2B8}] => (Allow) C:\Users\Bjoern\AppData\Local\Temp\7zS010F\HP.EasyStart.exe
FirewallRules: [{CF775FD1-1DB2-47F8-BFD6-F4A6C6108119}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\FaxApplications.exe
FirewallRules: [{1773877F-38B4-492C-99FD-487E70985150}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\DigitalWizards.exe
FirewallRules: [{66C4DD67-0A38-433E-885B-B67F80B0401C}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\SendAFax.exe
FirewallRules: [{CCAEB1D8-BE06-4430-9A3D-4C340E0F0D4A}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\FaxPrinterUtility.exe
FirewallRules: [{AC6B80F7-8731-4810-9A65-D6BD7AFE6229}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\DeviceSetup.exe
FirewallRules: [{0EF5BDAC-0822-4B5C-8E49-249D73A0158C}] => (Allow) LPort=5357
FirewallRules: [{B8E54B39-43F3-42ED-B5BA-CD43E59E84EA}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{525AE209-85B6-4E15-BDF1-224E3F772691}] => (Allow) F:\Steam\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{37E92F72-18D8-4618-B056-8CEFF2F44A68}] => (Allow) F:\Steam\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [TCP Query User{5D606C15-0272-4D7F-9DEE-8B5FA81CA8B6}F:\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) F:\steam\steamapps\common\7 days to die\7daystodie.exe
FirewallRules: [UDP Query User{F59F9874-7927-47A5-B4D1-617E01982A60}F:\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) F:\steam\steamapps\common\7 days to die\7daystodie.exe
FirewallRules: [{B467F4A5-CCEB-439E-83AD-24F1D650DF81}] => (Allow) F:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{A13FEBC2-4224-4292-8A81-37F12DAB4426}] => (Allow) F:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{6F4E6023-9B6E-4FEA-B242-97A107969CC1}] => (Allow) F:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{9A4DE7FF-784F-48DD-B3BE-D000BB91C605}] => (Allow) F:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{E590CF17-A79D-4015-AAF4-C9BEB9B204A8}] => (Allow) F:\Games\Uplay\Ghost Recon Wildlands Beta\GRW.exe
FirewallRules: [{A0432021-23C1-40E8-9EF5-4F8248C9BCC9}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{898B83F7-238C-49A9-A842-0B2DB5AAFD18}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{0770C61D-8913-4279-9191-688BDD7048A1}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{A90633FB-FC73-4CD3-8AE2-93C9356650B0}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{1682D730-9870-4D51-98CA-59DD33414433}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{BBD5F608-A4BF-465E-BCAB-F05120C694F1}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{2929A467-6331-47E6-84C8-65C4FBD4533D}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{84BA020A-D954-4BAE-B12F-151680B4094B}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{57745C9B-C4A5-4A57-AB57-84AED755CE2C}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{69A96790-4259-40B5-8871-89617BB01C93}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{D89315C0-CEAE-464E-9D27-565297831813}] => (Allow) F:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{21B9669E-267B-461D-9F4E-C1E5F3D4D0C7}] => (Allow) F:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{52D36283-A917-42B8-B269-7122F4E47450}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{6B3C3FBB-E735-4A46-990D-2C6D5B3FEC8C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{E5C68C45-6041-4B68-8221-0D550E41C1E0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{B4508F76-452B-4DA5-B50C-8E921253FA36}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{1F75ADED-1CC7-4173-88DE-76B944AE37C6}] => (Allow) F:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{24A8696A-C056-45CB-B5CC-824F8CDB2C29}] => (Allow) F:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{A8280086-437B-469C-B078-758FD4F1151F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8CDEFE31-B44E-409F-9BC1-7E8D960ACD8F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CEB8698B-325F-4152-A2DD-795ACEF673FE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8AF177E0-AFD6-403A-87CF-8623D3D55770}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{025E7B1E-1B4A-426A-A797-E29E779076F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{42C9293D-B5A7-4191-B807-4FE1B097650C}] => (Allow) F:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{90061B05-B203-4F4A-A26C-B72099508133}] => (Allow) F:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{6470492B-21E6-41C1-A990-475940A6FCFE}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/21/2017 11:57:25 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Bjoern-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/21/2017 09:26:08 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm explorer.exe, Version 10.0.14393.1198 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3654

Startzeit: 01d2ea0de4540692

Beendigungszeit: 183

Anwendungspfad: C:\Windows\explorer.exe

Berichts-ID: e39d92d3-5652-11e7-857a-001986002416

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (06/20/2017 11:16:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Bjoern-PC)
Description: Das Paket „Microsoft.Windows.ShellExperienceHost_10.0.14393.1358_neutral_neutral_cw5n1h2txyewy+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (06/17/2017 01:11:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Bjoern-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/17/2017 12:45:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Bjoern-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/16/2017 10:52:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm TwitchUI.exe, Version 1.4.12.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2b3c

Startzeit: 01d2e6c8a2f288e3

Beendigungszeit: 4294967295

Anwendungspfad: C:\Users\Bjoern\AppData\Roaming\Curse Client\Bin\Electron\TwitchUI.exe

Berichts-ID: c1c5cf03-52d5-11e7-8577-001986002416

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (06/16/2017 08:47:35 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (06/16/2017 08:47:35 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.

Error: (06/16/2017 08:47:34 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (06/16/2017 08:47:34 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\WINDOWS\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.


Systemfehler:
=============
Error: (06/21/2017 12:05:01 PM) (Source: DCOM) (EventID: 10016) (User: Bjoern-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Bjoern-PC\Bjoern" (SID: S-1-5-21-564169924-83152284-3685802786-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{7D1933CB-86F6-4A98-8628-01BE94C9A575}
 und der APPID 
{F290BFB2-1864-45B1-8804-2654194A87E7}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/21/2017 12:05:01 PM) (Source: DCOM) (EventID: 10016) (User: Bjoern-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Bjoern-PC\Bjoern" (SID: S-1-5-21-564169924-83152284-3685802786-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{7D1933CB-86F6-4A98-8628-01BE94C9A575}
 und der APPID 
{F290BFB2-1864-45B1-8804-2654194A87E7}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/21/2017 11:59:45 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/21/2017 11:59:45 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/21/2017 11:59:45 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/21/2017 11:59:31 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (06/21/2017 11:59:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "amdacpksd" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (06/21/2017 11:57:17 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/21/2017 11:57:17 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/21/2017 11:57:17 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2017-06-21 12:05:45.397
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-21 12:05:45.260
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements.

  Date: 2017-06-21 10:26:11.118
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-21 10:26:10.982
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements.

  Date: 2017-06-17 11:09:32.961
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements.

  Date: 2017-06-17 11:09:03.573
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-17 11:09:03.522
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements.

  Date: 2017-06-17 11:08:59.991
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements.

  Date: 2017-06-17 11:08:57.298
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-17 11:08:57.239
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 16325.89 MB
Verfügbarer physikalischer RAM: 11953.89 MB
Summe virtueller Speicher: 32709.89 MB
Verfügbarer virtueller Speicher: 26645.43 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.35 GB) (Free:12.19 GB) NTFS
Drive d: (Foto Pollmann) (CDROM) (Total:0.08 GB) (Free:0 GB) UDF
Drive e: (Volume) (Fixed) (Total:232.78 GB) (Free:151.57 GB) NTFS
Drive f: (Volume) (Fixed) (Total:3725.9 GB) (Free:1813.05 GB) NTFS
Drive g: () (Fixed) (Total:69.02 GB) (Free:67.78 GB) NTFS
Drive h: () (Fixed) (Total:931.51 GB) (Free:115.67 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 69.2 GB) (Disk ID: 28EB28EB)

Partition: GPT.

========================================================
Disk: 1 (Size: 3726 GB) (Disk ID: 54B05093)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 1EFD05FA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 111.8 GB) (Disk ID: 7F66E476)
Partition 1: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 4 (Size: 931.5 GB) (Disk ID: 977A5656)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
__________________


Alt 21.06.2017, 14:20   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Komische Ansage im Hintergrund - Standard

Komische Ansage im Hintergrund



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Adobe Acrobat Reader DC

    Amazon Assistant

    chip 1-click download service

    JDownloader 2

    Sparta

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 

__________________
__________________

Alt 21.06.2017, 15:20   #19
Roboterfreun
 
Komische Ansage im Hintergrund - Standard

Komische Ansage im Hintergrund



Habe ich mal gemacht, dann bin ich mal gespannt ob es jetzt weg ist.
Vielen Dank

Alt 21.06.2017, 15:41   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Komische Ansage im Hintergrund - Standard

Komische Ansage im Hintergrund



Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 21.06.2017, 19:09   #21
Roboterfreun
 
Komische Ansage im Hintergrund - Standard

Komische Ansage im Hintergrund



Es wurde nichts gefunden
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.06.21.09
  rootkit: v2017.05.27.01

Windows 10 x64 NTFS
Internet Explorer 11.1358.14393.0
Bjoern :: BJOERN-PC [administrator]

21.06.2017 16:55:19
mbar-log-2017-06-21 (16-55-19).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 371846
Time elapsed: 9 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
So eben ist die Meldung wieder gekommen, "Fisch null er sagte youtube.com"

Ich werde Win neu installieren und hoffe das es dann weg ist.

Alt 21.06.2017, 22:11   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Komische Ansage im Hintergrund - Standard

Komische Ansage im Hintergrund



Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!




1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass adwCleaner so eingestellt wie auf diesem Screenshot zu sehen:


  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 21.06.2017, 22:48   #23
Roboterfreun
 
Komische Ansage im Hintergrund - Standard

Komische Ansage im Hintergrund



Code:
ATTFilter
# AdwCleaner v6.047 - Bericht erstellt am 21/06/2017 um 23:43:10
# Aktualisiert am 19/05/2017 von Malwarebytes
# Datenbank : 2017-06-21.3 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Bjoern - BJOERN-PC
# Gestartet von : C:\Users\Bjoern\Downloads\AdwCleaner_6.047.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AmazonAppIE.AppGateway
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AmazonAppIE.GadgetGateway
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\AmazonAppIE.AppGateway
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\AmazonAppIE.GadgetGateway
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{0757C9D8-D8A3-33F5-CEE2-11D09918BA8F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Schlüssel gelöscht: HKU\S-1-5-21-564169924-83152284-3685802786-1000\Software\Tuguu
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Tuguu
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Tuguu
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com


***** [ Browser ] *****

[-] Firefox Einstellungen bereinigt: "browser.search.selectedEngine" -  "Search Provided by Yahoo"
[-] [C:\Users\Bjoern\AppData\Local\Chromium\User Data\Default\Web data] [Search Provider] Gelöscht: search provided by yahoo
[-] [C:\Users\Bjoern\AppData\Local\Chromium\User Data\Default] [startup_urls] Gelöscht: hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_16_21_ssg02&param1=1&param2=f%3D7%26b%3Dchmm%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzztByE0A0FtAtAzzyByCyBtA0D0EyCtN0D0Tzu0StCyCtDzytN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyC0BzztAtD0E0EtGtA0B0FzytG0AyC0FtBtGyDzztD0CtG0D0AyE0DtC0ByEtDyB0BzzyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDtDyCyCtA0F0DtG0FyEzz0EtGyEtA0FyBtGzy0F0BtCtGyC0F0C0ByDyEzy0F0F0FyDyE2QtN0A0LzuyE%26cr%3D1569454604%26a%3Dwbf_popjar_16_21_ssg02%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&uref=chmm
[-] [C:\Users\Bjoern\AppData\Local\Chromium\User Data\Default] [homepage] Gelöscht: hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_16_21_ssg02&param1=1&param2=f%3D1%26b%3Dchmm%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzztByE0A0FtAtAzzyByCyBtA0D0EyCtN0D0Tzu0StCyCtDzytN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyC0BzztAtD0E0EtGtA0B0FzytG0AyC0FtBtGyDzztD0CtG0D0AyE0DtC0ByEtDyB0BzzyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDtDyCyCtA0F0DtG0FyEzz0EtGyEtA0FyBtGzy0F0BtCtGyC0F0C0ByDyEzy0F0F0FyDyE2QtN0A0LzuyE%26cr%3D1569454604%26a%3Dwbf_popjar_16_21_ssg02%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&uref=chmm
[-] [C:\Users\Administrator\AppData\Local\Chromium\User Data\Default\Web data] [Search Provider] Gelöscht: search provided by yahoo
[-] [C:\Users\Administrator\AppData\Local\Chromium\User Data\Default] [startup_urls] Gelöscht: hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_16_21_ssg02&param1=1&param2=f%3D7%26b%3Dchmm%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzztByE0A0FtAtAzzyByCyBtA0D0EyCtN0D0Tzu0StCyCtDzytN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyC0BzztAtD0E0EtGtA0B0FzytG0AyC0FtBtGyDzztD0CtG0D0AyE0DtC0ByEtDyB0BzzyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDtDyCyCtA0F0DtG0FyEzz0EtGyEtA0FyBtGzy0F0BtCtGyC0F0C0ByDyEzy0F0F0FyDyE2QtN0A0LzuyE%26cr%3D1569454604%26a%3Dwbf_popjar_16_21_ssg02%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&uref=chmm
[-] [C:\Users\Administrator\AppData\Local\Chromium\User Data\Default] [homepage] Gelöscht: hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_16_21_ssg02&param1=1&param2=f%3D1%26b%3Dchmm%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyBzztByE0A0FtAtAzzyByCyBtA0D0EyCtN0D0Tzu0StCyCtDzytN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyC0BzztAtD0E0EtGtA0B0FzytG0AyC0FtBtGyDzztD0CtG0D0AyE0DtC0ByEtDyB0BzzyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDtDyCyCtA0F0DtG0FyEzz0EtGyEtA0FyBtGzy0F0BtCtGyC0F0C0ByDyEzy0F0F0FyDyE2QtN0A0LzuyE%26cr%3D1569454604%26a%3Dwbf_popjar_16_21_ssg02%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&uref=chmm


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [6318 Bytes] - [21/06/2017 23:43:10]
C:\AdwCleaner\AdwCleaner[S0].txt - [4846 Bytes] - [21/06/2017 23:42:32]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [6464 Bytes] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Home x64 
Ran by Bjoern (Administrator) on 21.06.2017 at 23:46:39,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2 

Successfully deleted: C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default\user.js (File) 
Successfully deleted: C:\WINDOWS\system32\Tasks\DriverMaxAgent (Task)

Deleted the following from C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default\prefs.js
user_pref(extensions.ich@maltegoetz.de.config, {\proxy\:\[proxy]\,\supportedsites\:[{\domain\:\www.youtube.com\,\displayName\:\YouTube (auto)\,\functionName\
user_pref(extensions.xpiState, {\app-profile\:{\admin@youtube-unblock.org\:{\d\:\C:\\\\Users\\\\Bjoern\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\s3d



Registry: 2 

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.06.2017 at 23:48:04,85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 22.06.2017, 08:10   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Komische Ansage im Hintergrund - Standard

Komische Ansage im Hintergrund



beide tools zwecks Kontrolle bitte wiederholen
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 22.06.2017, 10:10   #25
Roboterfreun
 
Komische Ansage im Hintergrund - Standard

Komische Ansage im Hintergrund



Code:
ATTFilter
# AdwCleaner v6.047 - Bericht erstellt am 22/06/2017 um 11:05:11
# Aktualisiert am 19/05/2017 von Malwarebytes
# Datenbank : 2017-06-21.3 [Lokal]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Bjoern - BJOERN-PC
# Gestartet von : C:\Users\Bjoern\Downloads\AdwCleaner_6.047.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****



***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [6575 Bytes] - [21/06/2017 23:43:10]
C:\AdwCleaner\AdwCleaner[C2].txt - [1036 Bytes] - [22/06/2017 11:05:11]
C:\AdwCleaner\AdwCleaner[S0].txt - [4846 Bytes] - [21/06/2017 23:42:32]
C:\AdwCleaner\AdwCleaner[S1].txt - [1489 Bytes] - [22/06/2017 11:04:46]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1255 Bytes] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Home x64 
Ran by Bjoern (Administrator) on 22.06.2017 at 11:07:28,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 


Deleted the following from C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default\prefs.js
user_pref(extensions.ich@maltegoetz.de.config, {\proxy\:\[proxy]\,\supportedsites\:[{\domain\:\www.youtube.com\,\displayName\:\YouTube (auto)\,\functionName\
user_pref(extensions.xpiState, {\app-profile\:{\admin@youtube-unblock.org\:{\d\:\C:\\\\Users\\\\Bjoern\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\s3d



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.06.2017 at 11:09:53,16
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 22.06.2017, 10:30   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Komische Ansage im Hintergrund - Standard

Komische Ansage im Hintergrund



Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 22.06.2017, 11:39   #27
Roboterfreun
 
Komische Ansage im Hintergrund - Standard

Komische Ansage im Hintergrund



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-06-2017 01
durchgeführt von Bjoern (Administrator) auf BJOERN-PC (22-06-2017 12:38:09)
Gestartet von C:\Users\Bjoern\Desktop
Geladene Profile: Bjoern (Verfügbare Profile: Bjoern & Administrator)
Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(SSS) C:\Windows\System32\AudioDeviceService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Electronic Arts) F:\Games\EA\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
() C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
(Hammer & Chisel, Inc.) C:\Users\Bjoern\AppData\Local\Discord\app-0.0.297\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Bjoern\AppData\Local\Discord\app-0.0.297\Discord.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Hammer & Chisel, Inc.) C:\Users\Bjoern\AppData\Local\Discord\app-0.0.297\Discord.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Portrait Displays, Inc) C:\Program Files (x86)\BenQ\Display Pilot\dthtml.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sharkoon Technologies) C:\Program Files (x86)\Sharkoon X-Rest 7.1\Sharkoon X-Rest 7.1.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Razer, Inc.) C:\Users\Bjoern\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe
(Razer, Inc.) C:\Users\Bjoern\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_26_0_0_131.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_26_0_0_131.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.0_none_1a733a82001933cc\TiWorker.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12480616 2012-04-24] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3487032 2017-06-12] (Dropbox, Inc.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51416 2017-03-30] (Copyright (c) 2017 Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2017-05-30] (Raptr, Inc)
HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [112424 2013-06-18] ()
HKLM-x32\...\Run: [DT BEN] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [122384 2014-04-04] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-04-13] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [Sharkoon X-Rest 7.1] => C:\Program Files (x86)\Sharkoon X-Rest 7.1\Sharkoon X-Rest 7.1.exe [9969664 2017-05-05] (Sharkoon Technologies)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe [17908944 2017-04-26] (Corsair Components, Inc.)
HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\Run: [Steam] => F:\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2016-08-16] ()
HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\Run: [Discord] => C:\Users\Bjoern\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{95d6df5f-6d95-4575-8670-198f87f81226}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{f73877c4-546b-4f8a-aa7b-3a67d503b4f6}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{fc9508cc-b61a-40a7-b221-d8fd1bf857fe}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-564169924-83152284-3685802786-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Kein Name -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> Keine Datei
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-12] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-06-20] (Microsoft Corporation)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-20] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-12] (AO Kaspersky Lab)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-25] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-12] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-12] (AO Kaspersky Lab)
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  Keine Datei
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: s3dkb1zc.default
FF ProfilePath: C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default [2017-06-22]
FF NewTab: Mozilla\Firefox\Profiles\s3dkb1zc.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\s3dkb1zc.default -> about:home
FF Extension: (Youtube Unblock) - C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default\Extensions\admin@youtube-unblock.org.xpi [2016-08-17]
FF Extension: (Combo) - C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default\Extensions\combo@yandex.ru.xpi [2016-02-28]
FF Extension: (ProxTube) - C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default\Extensions\ich@maltegoetz.de.xpi [2017-04-12]
FF Extension: (web converter light) - C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default\Extensions\{53e79fca-9335-456a-af14-5741a491fd2c}.xpi [2016-02-24] [ist nicht signiert]
FF Extension: (ChatZilla) - C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2016-11-10]
FF Extension: (AdblockService) - C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default\Extensions\{a6461e25-63c5-47c1-a443-682f8f687f13}.xpi [2016-05-18] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\Bjoern\AppData\Roaming\Mozilla\Firefox\Profiles\s3dkb1zc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-12]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: (Citavi Picker) - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2016-11-05]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-17] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-25] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

Chrome: 
=======
CHR Profile: C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default [2017-06-17]
CHR Extension: (Google Präsentationen) - C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-06-05]
CHR Extension: (Google Docs) - C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-05]
CHR Extension: (Google Drive) - C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-05]
CHR Extension: (YouTube) - C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-05]
CHR Extension: (Google Tabellen) - C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-06-05]
CHR Extension: (Kaspersky Protection) - C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-06-05]
CHR Extension: (Google Docs Offline) - C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-05]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-05]
CHR Extension: (Google Mail) - C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-05]
CHR Extension: (Chrome Media Router) - C:\Users\Bjoern\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-05]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-07-18] (Advanced Micro Devices) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 AudioDeviceService; C:\WINDOWS\system32\AudioDeviceService.exe [2711552 2017-05-05] (SSS) [Datei ist nicht signiert]
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-04-29] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122816 2017-06-10] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-17] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-17] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48944 2017-06-12] (Dropbox, Inc.)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138768 2014-04-04] (Portrait Displays, Inc.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [409128 2017-02-23] (EasyAntiCheat Ltd)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 Origin Client Service; F:\Games\EA\Origin\OriginClientService.exe [2119688 2016-12-21] (Electronic Arts)
R2 Origin Web Helper Service; F:\Games\EA\Origin\OriginWebHelperService.exe [2180624 2016-12-21] (Electronic Arts)
S4 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-03-30] (Copyright (c) 2017 Plays.tv, LLC)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-12-21] ()
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [401024 2017-05-09] (Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [178824 2017-05-09] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10884848 2017-05-23] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-07-24] (Advanced Micro Devices)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [43000 2017-04-13] (Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [27640 2017-04-13] (Corsair)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-20] ()
S3 hmatap; C:\WINDOWS\System32\drivers\hmatap.sys [27136 2016-09-23] (The OpenVPN Project)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197336 2017-04-10] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [509728 2017-03-13] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [168736 2017-06-22] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1018592 2017-04-10] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-06-19] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-06-19] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251664 2017-06-19] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-06-19] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-06-19] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-13] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-03-13] (AO Kaspersky Lab)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188312 2017-06-20] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-06-22] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [44960 2017-06-22] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-22] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-06-22] (Malwarebytes)
S3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.)
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51224 2016-02-04] (Razer Inc)
R3 rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys [47640 2016-02-04] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 tap0901_openvpn_accl; C:\WINDOWS\System32\drivers\tap0901_openvpn_accl.sys [37912 2016-12-18] (The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-22 12:57 - 2017-06-22 12:57 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-06-22 12:57 - 2017-06-22 12:57 - 00000000 ____D C:\Windows.old
2017-06-22 12:57 - 2017-06-22 11:59 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-06-22 12:56 - 2017-06-22 12:56 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-06-22 12:56 - 2017-06-22 12:56 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-06-22 12:56 - 2017-06-22 12:56 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-06-22 12:56 - 2017-06-22 12:56 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-06-22 12:56 - 2017-06-22 12:56 - 00000000 ____D C:\WINDOWS\system32\msmq
2017-06-22 12:56 - 2017-06-22 12:56 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-06-22 12:56 - 2017-06-22 12:56 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-06-22 12:56 - 2017-06-22 12:56 - 00000000 ____D C:\Program Files\MSBuild
2017-06-22 12:56 - 2017-06-22 12:56 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-06-22 12:56 - 2017-06-22 12:56 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-06-22 12:56 - 2017-06-22 12:56 - 00000000 ____D C:\inetpub
2017-06-22 12:56 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-06-22 12:56 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-06-22 12:56 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-06-22 12:56 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-06-22 12:56 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-06-22 12:56 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-06-22 12:37 - 2017-06-22 12:37 - 00000000 ____D C:\Users\Bjoern\Desktop\FRST-OlderVersion
2017-06-22 12:10 - 2017-06-22 12:10 - 00000000 ____D C:\ProgramData\USOShared
2017-06-22 12:10 - 2017-06-22 12:10 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-06-22 12:09 - 2017-06-22 12:09 - 00000020 ___SH C:\Users\Bjoern\ntuser.ini
2017-06-22 12:07 - 2017-06-22 12:07 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2017-06-22 12:07 - 2017-06-22 12:07 - 00011433 _____ C:\WINDOWS\diagerr.xml
2017-06-22 12:06 - 2017-06-22 12:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-22 12:06 - 2017-06-22 12:13 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-22 12:06 - 2017-06-22 12:06 - 00003728 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2017-06-22 12:06 - 2017-06-22 12:06 - 00003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-06-22 12:06 - 2017-06-22 12:06 - 00003504 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2017-06-22 12:06 - 2017-06-22 12:06 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-06-22 12:06 - 2017-06-22 12:06 - 00003332 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-06-22 12:06 - 2017-06-22 12:06 - 00003310 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0995B8CD-46FF-4B3E-85D9-8A816DCA03E8}
2017-06-22 12:06 - 2017-06-22 12:06 - 00003298 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{553E8D3B-F748-4790-B264-4BDDD5B950CC}
2017-06-22 12:06 - 2017-06-22 12:06 - 00002806 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-bjoern.caduff@gmail.com
2017-06-22 12:06 - 2017-06-22 12:06 - 00002646 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP OfficeJet Pro 6960
2017-06-22 12:06 - 2017-06-22 12:06 - 00002356 _____ C:\WINDOWS\System32\Tasks\ScanToPCActivationApp.exe_{75EB032B-2975-406D-88FB-2FFB125E4B3D}
2017-06-22 12:06 - 2017-06-22 12:06 - 00002260 _____ C:\WINDOWS\System32\Tasks\HPCustPartic.exe_{817608E4-C049-41EA-B311-A52598BB8965}
2017-06-22 12:06 - 2017-06-22 12:06 - 00002242 _____ C:\WINDOWS\System32\Tasks\FaxApplications.exe_{C7C9E516-0EBD-4E50-A6B1-DF45B79396D9}
2017-06-22 12:06 - 2017-06-22 12:06 - 00002232 _____ C:\WINDOWS\System32\Tasks\HPCustPartic.exe_{BC84BEF4-9F45-4152-9C2C-A9D37F852002}
2017-06-22 12:06 - 2017-06-22 12:06 - 00002212 _____ C:\WINDOWS\System32\Tasks\Toolbox.exe_{A6A62D22-F6A9-43DC-941D-15C2F1D09015}
2017-06-22 12:06 - 2017-06-22 12:06 - 00002146 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-06-22 12:06 - 2017-06-22 12:06 - 00002124 _____ C:\WINDOWS\System32\Tasks\{DB291251-33CE-4CF5-943F-3C0B4EB63C44}
2017-06-22 12:06 - 2017-06-22 12:06 - 00002124 _____ C:\WINDOWS\System32\Tasks\{0C0E2EF5-6184-4ED8-94B0-AA9FEDBBB092}
2017-06-22 12:06 - 2017-06-22 12:06 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-06-22 12:06 - 2017-06-22 12:06 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-06-22 12:03 - 2017-06-22 12:03 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-06-22 12:02 - 2017-06-22 12:02 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2017-06-22 12:01 - 2017-06-22 12:25 - 00000000 ____D C:\Users\Bjoern
2017-06-22 12:01 - 2017-06-22 12:05 - 00000000 ____D C:\Users\Administrator
2017-06-22 12:01 - 2017-06-22 12:04 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\Vorlagen
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\Startmenü
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\Netzwerkumgebung
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\Lokale Einstellungen
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\Eigene Dateien
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\Druckumgebung
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\Documents\Eigene Videos
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\Documents\Eigene Musik
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\Documents\Eigene Bilder
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\AppData\Local\Verlauf
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\AppData\Local\Anwendungsdaten
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Bjoern\Anwendungsdaten
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2017-06-22 12:01 - 2017-06-22 12:01 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2017-06-22 12:00 - 2017-06-22 12:22 - 02135442 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-22 12:00 - 2017-06-22 12:17 - 00000000 ____D C:\Program Files (x86)\Razer
2017-06-22 12:00 - 2017-06-22 12:15 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-06-22 12:00 - 2017-06-22 12:02 - 00000000 ____D C:\ProgramData\Razer
2017-06-22 12:00 - 2017-06-22 12:02 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-22 12:00 - 2017-06-22 12:02 - 00000000 ____D C:\Program Files\AMD
2017-06-22 12:00 - 2017-06-22 12:00 - 02011386 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-06-22 12:00 - 2017-06-22 12:00 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-06-22 12:00 - 2017-06-22 12:00 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2017-06-22 12:00 - 2017-06-22 12:00 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-06-22 12:00 - 2017-06-22 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-06-22 12:00 - 2017-06-22 12:00 - 00000000 ____D C:\Program Files\Realtek
2017-06-22 12:00 - 2017-06-22 12:00 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-06-22 12:00 - 2017-06-22 12:00 - 00000000 ____D C:\Program Files\ASUS
2017-06-22 12:00 - 2017-06-22 12:00 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-06-22 12:00 - 2017-06-22 12:00 - 00000000 ____D C:\Program Files (x86)\AMD
2017-06-22 12:00 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-06-22 12:00 - 2013-07-04 04:32 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2017-06-22 12:00 - 2013-07-04 04:32 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2017-06-22 11:59 - 2017-06-22 12:15 - 00256536 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-22 11:59 - 2017-06-22 11:59 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-21 23:48 - 2017-06-22 11:09 - 00000987 _____ C:\Users\Bjoern\Desktop\JRT.txt
2017-06-21 23:45 - 2017-06-21 23:46 - 01663672 _____ (Malwarebytes) C:\Users\Bjoern\Downloads\JRT.exe
2017-06-21 23:45 - 2017-06-21 23:45 - 00006578 _____ C:\Users\Bjoern\Desktop\AdwCleaner[C0].txt
2017-06-21 23:40 - 2017-06-22 11:05 - 00000000 ____D C:\AdwCleaner
2017-06-21 23:40 - 2017-06-21 23:40 - 04110280 _____ C:\Users\Bjoern\Downloads\AdwCleaner_6.047.exe
2017-06-21 16:55 - 2017-06-21 17:20 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-06-21 16:54 - 2017-06-21 17:20 - 00000000 ____D C:\Users\Bjoern\Desktop\mbar
2017-06-21 16:53 - 2017-06-21 16:54 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Bjoern\Downloads\mbar-1.09.3.1001.exe
2017-06-21 16:41 - 2017-06-22 12:09 - 00000000 ___DC C:\WINDOWS\Panther
2017-06-21 16:36 - 2017-06-21 16:36 - 00000000 ____D C:\Users\Bjoern\AppData\Local\UNP
2017-06-21 16:13 - 2017-06-22 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-06-21 16:13 - 2017-06-21 16:13 - 07178424 _____ (VS Revo Group ) C:\Users\Bjoern\Downloads\revosetup_v2.0.3.exe
2017-06-21 16:13 - 2017-06-21 16:13 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-06-21 16:13 - 2017-06-21 16:13 - 00000000 ____D C:\Program Files\VS Revo Group
2017-06-21 14:49 - 2017-06-21 16:13 - 00177259 _____ C:\Users\Bjoern\Desktop\12_09_24_Bekanntgabeprotokoll_01.pdf
2017-06-21 12:05 - 2017-06-21 12:05 - 00000017 _____ C:\Users\Bjoern\AppData\Local\resmon.resmoncfg
2017-06-21 11:57 - 2017-06-21 11:57 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Skype
2017-06-21 11:57 - 2017-06-21 11:57 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Corsair
2017-06-21 11:57 - 2017-06-21 11:57 - 00000000 ____D C:\Users\Administrator\AppData\Local\Corsair
2017-06-21 11:33 - 2017-06-21 14:26 - 00093755 _____ C:\Users\Bjoern\Desktop\Addition.txt
2017-06-21 11:33 - 2017-06-21 11:33 - 00091474 _____ C:\Users\Administrator\Desktop\Addition.txt
2017-06-21 11:32 - 2017-06-22 12:38 - 00031390 _____ C:\Users\Bjoern\Desktop\FRST.txt
2017-06-21 09:16 - 2017-06-21 09:16 - 00000216 _____ C:\Users\Bjoern\Documents\kaspersky.txt
2017-06-20 23:21 - 2017-06-20 23:21 - 05659652 _____ (Swearware) C:\Users\Bjoern\Downloads\ComboFix.exe
2017-06-20 23:19 - 2017-06-20 23:19 - 00064919 _____ C:\Users\Bjoern\Downloads\Shortcut.txt
2017-06-20 23:19 - 2017-06-20 23:19 - 00060045 _____ C:\Users\Bjoern\Downloads\Addition.txt
2017-06-20 23:18 - 2017-06-22 12:38 - 00000000 ____D C:\FRST
2017-06-20 23:18 - 2017-06-20 23:20 - 00164602 _____ C:\Users\Bjoern\Downloads\FRST.txt
2017-06-20 23:17 - 2017-06-22 12:37 - 02439680 _____ (Farbar) C:\Users\Bjoern\Desktop\FRST64.exe
2017-06-20 22:59 - 2017-06-22 12:15 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-06-20 22:59 - 2017-06-22 12:15 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-06-20 22:59 - 2017-06-22 12:15 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-06-20 22:59 - 2017-06-22 12:15 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-06-20 22:59 - 2017-06-22 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-06-20 22:59 - 2017-06-21 16:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-06-20 22:59 - 2017-06-20 23:11 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-06-20 22:59 - 2017-06-20 22:59 - 00188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-06-20 22:59 - 2017-06-20 22:59 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-06-20 22:59 - 2017-06-20 22:59 - 00000000 ____D C:\Program Files\Malwarebytes
2017-06-20 22:58 - 2017-06-20 22:59 - 64025992 _____ (Malwarebytes ) C:\Users\Bjoern\Downloads\mb3-setup-SEMFD.100SEM-3.1.2.1733-1.0.139-1.0.2060.exe
2017-06-20 13:53 - 2017-06-20 13:54 - 00181006 _____ C:\Users\Bjoern\Downloads\12_09_24_Bekanntgabeprotokoll_01.pdf
2017-06-19 16:02 - 2017-06-19 16:02 - 00087584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2017-06-19 13:28 - 2017-06-19 13:28 - 00251664 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2017-06-19 13:27 - 2017-06-19 13:27 - 00229288 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2017-06-19 13:27 - 2017-06-19 13:27 - 00173144 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2017-06-19 13:27 - 2017-06-19 13:27 - 00112912 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2017-06-17 14:51 - 2017-06-17 14:51 - 00000000 ____D C:\ProgramData\McAfee
2017-06-15 18:51 - 2017-06-15 18:51 - 03426824 _____ C:\Users\Bjoern\Downloads\ElvUI_SLE.zip
2017-06-15 18:44 - 2017-06-15 18:44 - 03341843 _____ C:\Users\Bjoern\Downloads\elvui-10.54.zip
2017-06-15 18:43 - 2017-06-15 18:43 - 10307073 _____ C:\Users\Bjoern\Downloads\SLE_Custom_Textures_Version_2.zip
2017-06-14 21:22 - 2017-06-22 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-06-14 14:50 - 2017-06-14 14:50 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-06-12 13:55 - 2017-06-12 13:55 - 00048944 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-06-12 13:52 - 2017-06-12 13:52 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-06-12 13:52 - 2017-06-12 13:52 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-06-12 13:52 - 2017-06-12 13:52 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-06-10 17:57 - 2017-06-10 17:57 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Tempzxpsign5dc76923ff4851be
2017-06-10 17:56 - 2017-06-10 17:56 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Tempzxpsign810c360305acd83c
2017-06-10 07:50 - 2017-06-10 07:50 - 00000000 ___HD C:\adobeTemp
2017-06-10 07:47 - 2017-06-19 23:27 - 00000000 ___RD C:\Users\Bjoern\Creative Cloud Files
2017-06-10 07:47 - 2017-06-10 07:47 - 00000000 ____D C:\Users\Bjoern\Documents\Adobe
2017-06-10 07:47 - 2017-06-10 07:47 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Tempzxpsigncd10a6e43e839649
2017-06-10 07:42 - 2017-06-19 23:37 - 00000000 ____D C:\Program Files\Adobe
2017-06-10 07:36 - 2017-06-10 07:36 - 02115464 _____ (Adobe Systems Incorporated) C:\Users\Bjoern\Downloads\After_Effects_Set-Up.exe
2017-06-10 07:16 - 2017-06-10 07:16 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\DisplayTune
2017-06-10 07:16 - 2017-06-10 07:16 - 00000000 ____D C:\Users\Administrator\AppData\Local\DisplayTune
2017-06-10 07:15 - 2017-06-21 11:58 - 00000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2017-06-10 07:15 - 2017-06-10 07:15 - 00001248 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk
2017-06-10 07:15 - 2017-06-10 07:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\VirtualStore
2017-06-10 07:15 - 2017-06-10 07:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\Comms
2017-06-09 16:56 - 2017-06-09 16:56 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Meltytech
2017-06-09 16:55 - 2017-06-09 16:55 - 173083960 _____ C:\Users\Bjoern\Downloads\20170509_141173672_PLAYERUNKNOWN'S BATTLEGROUNDS.mp4
2017-06-09 16:52 - 2017-06-09 16:55 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Twitch Leecher
2017-06-09 16:51 - 2017-06-09 16:51 - 18156716 _____ (Fake Smile Revolution) C:\Users\Bjoern\Downloads\TwitchLeecher_1.3.8_x64.exe
2017-06-09 15:35 - 2017-06-02 16:52 - 75361048 _____ C:\Users\Administrator\Downloads\shotcut-win32-170601.exe
2017-06-09 15:35 - 2017-06-02 16:52 - 192421664 _____ C:\Users\Administrator\Downloads\shotcut-win64-170601.exe
2017-06-09 15:28 - 2017-06-09 15:29 - 267152505 _____ C:\Users\Administrator\Downloads\shotcut-170601.zip
2017-06-09 15:24 - 2017-06-09 15:28 - 01496584 _____ C:\Users\Bjoern\Downloads\Shotcut - CHIP-Installer.exe
2017-06-07 20:22 - 2017-06-22 12:04 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Restream.io
2017-06-07 20:22 - 2017-06-07 20:22 - 00000324 _____ C:\Users\Administrator\Desktop\Restream Chat.appref-ms
2017-06-07 20:22 - 2017-06-07 20:22 - 00000000 ____D C:\Users\Administrator\Documents\RestreamChat
2017-06-07 20:21 - 2017-06-07 20:21 - 00271072 _____ C:\Users\Bjoern\Downloads\RestreamChatSetup.exe
2017-06-07 20:21 - 2017-06-07 20:21 - 00000000 ____D C:\Users\Administrator\AppData\Local\Apps\2.0
2017-06-05 23:11 - 2017-06-22 12:07 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-05 23:11 - 2017-06-22 12:07 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-06-05 23:11 - 2017-06-10 07:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2017-06-05 23:10 - 2017-06-05 23:11 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Google
2017-06-05 23:10 - 2017-06-05 23:11 - 00000000 ____D C:\Program Files (x86)\Google
2017-06-05 23:10 - 2017-06-05 23:10 - 01130328 _____ (Google Inc.) C:\Users\Bjoern\Downloads\ChromeSetup.exe
2017-06-04 22:21 - 2017-06-04 22:21 - 02419882 _____ C:\Users\Bjoern\Downloads\igel karl.zip
2017-06-04 19:18 - 2017-06-04 19:18 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-06-04 19:18 - 2017-06-04 19:18 - 00001028 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-06-04 19:16 - 2017-06-04 19:16 - 15507008 _____ (TeamViewer GmbH) C:\Users\Bjoern\Downloads\teamviewer_setup.exe
2017-06-02 07:36 - 2017-06-02 07:36 - 00493888 _____ C:\WINDOWS\system32\Drivers\mozart_12334867159_fw_dump.cmm
2017-05-27 11:50 - 2017-05-27 11:50 - 00001160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2017-05-27 11:50 - 2017-05-27 11:50 - 00000000 ____D C:\Users\Bjoern\AppData\Local\paint.net
2017-05-27 11:50 - 2017-05-27 11:50 - 00000000 ____D C:\Users\Administrator\AppData\Local\paint.net
2017-05-27 11:50 - 2017-05-27 11:50 - 00000000 ____D C:\Program Files\paint.net
2017-05-27 11:49 - 2017-05-27 11:49 - 07067928 _____ C:\Users\Administrator\Downloads\paint.net.4.0.16.install.zip
2017-05-27 11:49 - 2017-04-16 23:26 - 07094520 _____ C:\Users\Administrator\Downloads\paint.net.4.0.16.install.exe
2017-05-27 11:47 - 2017-05-27 11:48 - 01496584 _____ C:\Users\Bjoern\Downloads\Paint NET - CHIP-Installer.exe
2017-05-26 18:31 - 2017-05-26 18:31 - 00131713 _____ C:\Users\Bjoern\Downloads\outer-space-8d8f.cueprofile
2017-05-26 18:28 - 2017-05-26 18:29 - 00113401 _____ C:\Users\Bjoern\Downloads\world-of-warcraft---azeroth-99cf.cueprofile
2017-05-26 18:26 - 2017-05-26 18:26 - 00131713 _____ C:\Users\Bjoern\Downloads\outer-space-e020.cueprofile
2017-05-26 18:23 - 2017-05-26 18:23 - 00113401 _____ C:\Users\Bjoern\Downloads\world-of-warcraft---azeroth-5ac5.cueprofile
2017-05-26 18:21 - 2017-05-26 18:21 - 00124727 _____ C:\Users\Bjoern\Downloads\blue-embers-117e.cueprofile
2017-05-26 17:42 - 2017-05-26 17:42 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Corsair
2017-05-26 17:42 - 2017-05-26 17:42 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Corsair
2017-05-26 17:41 - 2017-06-22 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine
2017-05-26 17:41 - 2017-05-26 17:41 - 00001199 _____ C:\Users\Public\Desktop\Corsair Utility Engine.lnk
2017-05-26 17:41 - 2017-05-26 17:41 - 00000000 ____D C:\Program Files (x86)\Corsair
2017-05-26 17:40 - 2017-05-26 17:41 - 168284160 _____ C:\Users\Bjoern\Downloads\CorsairUtilityEngineSetup_2.13.80_release.msi
2017-05-25 20:00 - 2017-05-25 20:00 - 25483032 _____ (Sony Corporation) C:\Users\Bjoern\Downloads\EP0000260866.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-22 12:59 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-06-22 12:57 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-06-22 12:57 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-22 12:56 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-06-22 12:56 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-06-22 12:56 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-06-22 12:56 - 2017-03-18 22:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2017-06-22 12:56 - 2017-03-18 22:59 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2017-06-22 12:56 - 2017-03-18 22:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2017-06-22 12:56 - 2017-03-18 22:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-06-22 12:56 - 2017-03-18 22:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2017-06-22 12:56 - 2017-03-18 22:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2017-06-22 12:56 - 2017-03-18 22:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2017-06-22 12:56 - 2017-03-18 22:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2017-06-22 12:56 - 2017-03-18 22:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2017-06-22 12:56 - 2017-03-18 22:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-06-22 12:56 - 2017-03-18 22:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-06-22 12:56 - 2017-03-18 22:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2017-06-22 12:56 - 2017-03-18 22:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2017-06-22 12:56 - 2017-03-18 22:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2017-06-22 12:56 - 2017-03-18 22:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-06-22 12:56 - 2017-03-18 22:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2017-06-22 12:56 - 2017-03-18 22:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-06-22 12:56 - 2017-03-18 22:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2017-06-22 12:56 - 2017-03-18 22:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-06-22 12:56 - 2017-03-18 22:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-06-22 12:56 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2017-06-22 12:56 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2017-06-22 12:56 - 2017-03-18 22:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2017-06-22 12:56 - 2017-03-18 22:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2017-06-22 12:56 - 2017-03-18 22:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-06-22 12:56 - 2017-03-18 22:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2017-06-22 12:56 - 2017-03-18 22:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2017-06-22 12:56 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-06-22 12:56 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2017-06-22 12:56 - 2017-03-18 22:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2017-06-22 12:56 - 2017-03-18 22:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2017-06-22 12:56 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2017-06-22 12:56 - 2017-03-18 22:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2017-06-22 12:56 - 2017-03-18 22:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2017-06-22 12:56 - 2017-03-18 22:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2017-06-22 12:56 - 2017-03-18 22:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2017-06-22 12:56 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-06-22 12:56 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2017-06-22 12:56 - 2017-03-18 22:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2017-06-22 12:56 - 2017-03-18 22:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2017-06-22 12:56 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2017-06-22 12:56 - 2017-03-18 22:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2017-06-22 12:56 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-06-22 12:56 - 2017-03-18 22:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2017-06-22 12:56 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2017-06-22 12:56 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2017-06-22 12:56 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-06-22 12:56 - 2017-03-18 22:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2017-06-22 12:56 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-06-22 12:56 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-06-22 12:56 - 2017-03-18 22:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2017-06-22 12:56 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2017-06-22 12:56 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2017-06-22 12:56 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-06-22 12:56 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-06-22 12:56 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2017-06-22 12:56 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2017-06-22 12:23 - 2016-02-17 16:44 - 00000000 ___RD C:\Users\Bjoern\OneDrive
2017-06-22 12:23 - 2016-02-16 23:45 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Raptr
2017-06-22 12:22 - 2017-03-20 06:35 - 00912110 _____ C:\WINDOWS\system32\perfh007.dat
2017-06-22 12:22 - 2017-03-20 06:35 - 00204310 _____ C:\WINDOWS\system32\perfc007.dat
2017-06-22 12:22 - 2016-11-18 22:42 - 00000000 ____D C:\Users\Bjoern\AppData\LocalLow\Mozilla
2017-06-22 12:22 - 2016-02-16 23:16 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-06-22 12:15 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-22 12:15 - 2017-03-18 13:40 - 03670016 _____ C:\WINDOWS\system32\config\BBI
2017-06-22 12:13 - 2016-02-18 18:36 - 00002421 _____ C:\Users\Bjoern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-22 12:13 - 2016-02-18 18:34 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Packages
2017-06-22 12:12 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-06-22 12:10 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-06-22 12:10 - 2016-09-23 17:56 - 00000000 ____D C:\Users\Bjoern\AppData\Local\ConnectedDevicesPlatform
2017-06-22 12:09 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-06-22 12:09 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-06-22 12:09 - 2016-02-18 18:34 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-22 12:08 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-06-22 12:07 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-22 12:07 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-06-22 12:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-06-22 12:06 - 2017-03-20 06:37 - 00000000 ____D C:\WINDOWS\HoloShell
2017-06-22 12:06 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media
2017-06-22 12:06 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-06-22 12:06 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-22 12:06 - 2016-02-18 18:29 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-06-22 12:04 - 2017-05-05 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sharkoon X-Rest 7.1
2017-06-22 12:04 - 2017-04-20 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TradeSkillMaster Application
2017-06-22 12:04 - 2017-04-18 15:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2017-06-22 12:04 - 2017-04-13 18:20 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-06-22 12:04 - 2017-03-18 13:40 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2017-06-22 12:04 - 2017-02-05 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2017-06-22 12:04 - 2017-01-27 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Twitch Launcher
2017-06-22 12:04 - 2016-12-18 22:46 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlyVPN
2017-06-22 12:04 - 2016-12-12 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2017-06-22 12:04 - 2016-12-10 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2017-06-22 12:04 - 2016-12-09 09:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2017-06-22 12:04 - 2016-11-14 17:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2017-06-22 12:04 - 2016-11-05 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 5
2017-06-22 12:04 - 2016-08-31 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2017-06-22 12:04 - 2016-08-29 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BenQ
2017-06-22 12:04 - 2016-05-27 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Command and Conquer 3 Tiberium Wars and Kane's Wrath
2017-06-22 12:04 - 2016-05-27 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2017-06-22 12:04 - 2016-03-08 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-06-22 12:04 - 2016-02-28 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-06-22 12:04 - 2016-02-27 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-22 12:04 - 2016-02-21 13:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fitbit Connect
2017-06-22 12:04 - 2016-02-19 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2017-06-22 12:04 - 2016-02-18 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2017-06-22 12:04 - 2016-02-17 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-06-22 12:04 - 2016-02-17 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2017-06-22 12:04 - 2016-02-17 01:00 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-06-22 12:04 - 2016-02-17 01:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-06-22 12:04 - 2016-02-17 00:09 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2017-06-22 12:04 - 2016-02-17 00:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2017-06-22 12:04 - 2016-02-16 23:56 - 00000000 ____D C:\WINDOWS\system32\STRING
2017-06-22 12:04 - 2016-02-16 23:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2017-06-22 12:03 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2017-06-22 12:02 - 2017-03-20 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2017-06-22 12:02 - 2017-03-20 06:36 - 00000000 ____D C:\WINDOWS\OCR
2017-06-22 12:02 - 2017-03-20 06:35 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-06-22 12:02 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-06-22 12:02 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2017-06-22 12:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-22 12:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-06-22 12:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-06-22 12:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-22 12:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME
2017-06-22 12:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\schemas
2017-06-22 12:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-06-22 12:02 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-06-22 12:02 - 2017-01-14 13:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-06-22 12:02 - 2016-12-30 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2017-06-22 12:02 - 2016-11-04 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\inCloak Network Ltd
2017-06-22 12:02 - 2016-03-29 16:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2017-06-22 12:02 - 2016-02-17 00:59 - 00000000 ____D C:\WINDOWS\system32\SPReview
2017-06-22 12:02 - 2016-02-17 00:58 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2017-06-22 12:02 - 2016-02-16 23:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-22 12:02 - 2016-02-16 23:03 - 00000000 ____D C:\Program Files\Intel
2017-06-22 12:02 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Microsoft Games
2017-06-22 12:01 - 2017-04-29 20:26 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-06-22 12:01 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-06-22 12:01 - 2016-03-29 15:52 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2017-06-22 12:01 - 2016-02-18 22:53 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-06-22 12:00 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-06-22 12:00 - 2016-02-16 23:42 - 00000000 ____D C:\AMD
2017-06-22 11:47 - 2017-03-20 07:06 - 00000000 ___HD C:\$WINDOWS.~BT
2017-06-21 23:42 - 2016-03-12 13:29 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-06-21 17:38 - 2016-11-05 16:39 - 00000000 ____D C:\Users\Bjoern\Documents\Citavi 5
2017-06-21 11:58 - 2016-03-29 15:59 - 00002442 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-21 11:58 - 2016-03-29 15:59 - 00000000 ___RD C:\Users\Administrator\OneDrive
2017-06-21 11:58 - 2016-03-29 15:58 - 00000000 ____D C:\Users\Administrator\AppData\Local\Dropbox
2017-06-21 11:57 - 2016-03-29 15:58 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Raptr
2017-06-21 10:16 - 2016-02-17 00:06 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Battle.net
2017-06-21 10:15 - 2016-02-17 00:06 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-06-21 10:14 - 2016-11-18 15:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-21 10:14 - 2016-02-16 23:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-21 09:49 - 2016-02-18 20:14 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\obs-studio
2017-06-21 09:43 - 2016-02-19 20:24 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\TS3Client
2017-06-21 01:40 - 2016-02-28 14:49 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\vlc
2017-06-20 15:18 - 2016-02-17 16:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-06-19 23:38 - 2016-02-18 16:11 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Adobe
2017-06-19 23:37 - 2016-03-29 15:58 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2017-06-19 23:35 - 2016-09-01 13:35 - 00001135 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-06-19 23:28 - 2016-02-23 20:26 - 00000000 ____D C:\ProgramData\Adobe
2017-06-19 23:27 - 2016-02-18 20:33 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Adobe
2017-06-18 18:13 - 2016-02-17 00:06 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Battle.net
2017-06-17 14:51 - 2016-10-30 18:34 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2017-06-17 14:50 - 2016-02-17 00:08 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Apps\2.0
2017-06-17 09:10 - 2016-03-12 13:34 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-06-16 22:52 - 2016-11-23 19:46 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\Curse Client
2017-06-14 21:22 - 2016-02-17 21:11 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-06-14 21:21 - 2017-04-29 20:26 - 00000000 ____D C:\Users\Bjoern\AppData\Roaming\discord
2017-06-14 20:14 - 2016-02-27 15:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-14 20:14 - 2016-02-27 15:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-14 14:19 - 2016-02-16 23:30 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-10 07:16 - 2017-05-05 11:18 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Sharkoon X-Rest 7.1
2017-06-09 15:27 - 2017-05-08 17:33 - 00000000 ____D C:\Users\Bjoern\Desktop\Twitch
2017-06-03 10:11 - 2016-02-16 23:26 - 00565416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-31 19:34 - 2016-02-17 21:10 - 00000000 ____D C:\Users\Bjoern\AppData\Local\Dropbox

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-03-12 14:29 - 2016-03-12 14:29 - 0000043 _____ () C:\Users\Bjoern\AppData\Roaming\WB.CFG
2017-06-21 12:05 - 2017-06-21 12:05 - 0000017 _____ () C:\Users\Bjoern\AppData\Local\resmon.resmoncfg

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Bjoern\Razer Synapse Tournament Drivers 20161016_0957.exe
C:\Users\Bjoern\Razer Synapse Tournament Drivers 20170127_1855.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-06-22 11:59

==================== Ende von FRST.txt ============================
         

Alt 22.06.2017, 11:40   #28
Roboterfreun
 
Komische Ansage im Hintergrund - Standard

Komische Ansage im Hintergrund



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-06-2017 01
durchgeführt von Bjoern (22-06-2017 12:38:39)
Gestartet von C:\Users\Bjoern\Desktop
Windows 10 Home Version 1703 (X64) (2017-06-22 10:09:10)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-564169924-83152284-3685802786-500 - Administrator - Enabled) => C:\Users\Administrator
Bjoern (S-1-5-21-564169924-83152284-3685802786-1000 - Administrator - Enabled) => C:\Users\Bjoern
DefaultAccount (S-1-5-21-564169924-83152284-3685802786-503 - Limited - Disabled)
Gast (S-1-5-21-564169924-83152284-3685802786-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-564169924-83152284-3685802786-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7 Days to Die (HKLM\...\Steam App 251570) (Version:  - The Fun Pimps)
ACP Application (Version: 2016.0718.1650.38 - Advanced Micro Devices, Inc.) Hidden
adbLink version 3.00 (HKLM-x32\...\{05CF1DD3-4A94-4219-B176-BB1796680A6C}_is1) (Version: 3.00 - jocala.com)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Age of Conquest IV (HKLM\...\Steam App 314970) (Version:  - Noble Master LLC)
Age of Empires® III: Complete Collection (HKLM\...\Steam App 105450) (Version:  - Ensemble Studios)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Anno 2205 (HKLM-x32\...\Uplay Install 1253) (Version:  - Ubisoft)
Apple Application Support (32-Bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield™ 1 Open Beta (HKLM-x32\...\{F9E19363-7B10-4F8A-8640-945C36D4B504}) (Version: 1.0.8.10777 - Electronic Arts)
Call of Duty: Infinite Warfare (HKLM\...\Steam App 292730) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare Remastered - Multiplayer (HKLM\...\Steam App 393100) (Version:  - Raven Software)
Call of Duty: Modern Warfare Remastered (HKLM\...\Steam App 393080) (Version:  - Raven Software)
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Citavi 5  (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.4.0.2 - Swiss Academic Software)
Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Corsair Utility Engine (HKLM-x32\...\{AD19976A-08A1-4E11-862D-256178BF9864}) (Version: 2.13.80 - Corsair)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version:  - Valve)
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
Curse Client (HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Day of Defeat: Source (HKLM\...\Steam App 300) (Version:  - Valve)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DiRT 3 Complete Edition (HKLM\...\Steam App 321040) (Version:  - Codemasters Racing Studio)
Discord (HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Display Pilot (HKLM-x32\...\{6DD25D67-4339-47A1-950E-EEFC321CBB24}) (Version: 2.15.008 - Portrait Displays, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 28.4.14 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Dungeon Keeper (HKLM-x32\...\{B9E79070-56B6-4980-A7E9-C28D6480D050}) (Version: 1.0.0.1 - Electronic Arts)
Far Cry® 3 (HKLM\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Fitbit Connect (HKLM-x32\...\{F5A49DF0-A632-4E7E-BD87-59701449DE0F}) (Version: 2.0.1.6742 - Fitbit Inc.)
FlyVPN (HKLM-x32\...\FlyVPN) (Version: 3.6.2.2 - FlyVPN)
Ghost Recon Wildlands Beta (HKLM-x32\...\Uplay Install 2970) (Version:  - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto V - The Manual (HKLM-x32\...\{752EBD91-8B95-42B5-8692-A7243A6EEEA9}) (Version: 1.0.0 - Rockstar Games)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Heavy Bullets (HKLM-x32\...\c7325e58-5895-4667-81a2-1854397fbb43) (Version:  - DFE5J)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HP Dropbox Plugin (HKLM-x32\...\{30AE8906-4419-403F-86D3-5FC9AA4BEEF6}) (Version: 36.0.49.62779 - HP)
HP Google Drive Plugin (HKLM-x32\...\{8A472621-0EA0-4FC5-9F7F-7043778F12AB}) (Version: 36.0.49.62779 - HP)
HP OfficeJet Pro 6960 - Grundlegende Software für das Gerät (HKLM\...\{15105C5B-BB1E-429C-81B3-8797466C07DA}) (Version: 39.4.1979.16354 - HP Inc.)
HP OfficeJet Pro 6960 Hilfe (HKLM-x32\...\{88A76160-F03B-4B0E-835F-87A061B674E4}) (Version: 39.0.0 - HP)
HP OneDrive Plugin (HKLM-x32\...\{8B956FB3-FD54-4C58-8256-8103F0D91B77}) (Version: 36.0.0.0 - HP)
I.R.I.S. OCR (HKLM-x32\...\{77374D45-3BBF-4633-A2DF-188CD2106A67}) (Version: 12.3.7.0 - HP)
inCloak VPN (HKLM-x32\...\{F838701D-CCCA-4238-91CE-BEA41AABA04A}) (Version: 1.22 - inCloak Network Ltd.)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Network Connections 19.0.27.0 (HKLM\...\PROSetDX) (Version: 19.0.27.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Jagged Alliance - Back in Action (HKLM\...\Steam App 57740) (Version:  - Coreplay GmbH)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.8201.2102 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Might & Magic Heroes VI (HKLM-x32\...\Uplay Install 44) (Version:  - Ubisoft)
Mordheim: City of the Damned (HKLM\...\Steam App 276810) (Version:  - Rogue Factor)
Mozilla Firefox 54.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0 (x86 de)) (Version: 54.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.0.6368 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.8201.2075 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Orcs Must Die! Unchained (HKLM\...\Steam App 427270) (Version:  - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.)
paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC)
Pivot Pro Plugin (x32 Version: 9.61.004 - Portrait Displays, Inc.) Hidden
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version:  - Bluehole, Inc.)
PLAYERUNKNOWN'S BATTLEGROUNDS (Test Server) (HKLM\...\Steam App 622590) (Version:  - )
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.21.0-r121815-release - Plays.tv, LLC)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.10-r123135-release - Raptr, Inc)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.2.4 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6622 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games)
SDK (x32 Version: 2.40.012 - Portrait Displays, Inc.) Hidden
Sharkoon X-Rest 7.1 (HKLM-x32\...\SSS16xxAudioExt) (Version: 1.1.16.8 - Sharkoon Technologies)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version:  - 2K Games, Inc.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.97.4382 - Electronic Arts)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie zur Verbesserung von HP OfficeJet Pro 6960 (HKLM\...\{0C643588-3357-44CA-A6C7-3DEFC84598F0}) (Version: 39.4.1979.16354 - HP Inc.)
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version:  - Mister Group)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78313 - TeamViewer)
The Talos Principle (HKLM\...\Steam App 257510) (Version:  - Croteam)
tiptoi® Manager 3.1.6 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.1.6 - Ravensburger AG)
Titanfall™ 2 (HKLM-x32\...\{4BD80373-FEE7-45B6-8249-6E8E98717405}) (Version: 1.0.0.3 - Electronic Arts, Inc.)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version:  - Ubisoft)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Twitch Launcher (HKLM-x32\...\Twitch Launcher 1.0.0) (Version: 1.0.0 - Twitch)
Uplay (HKLM-x32\...\Uplay) (Version: 17.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.21.0 (HKLM\...\VulkanRT1.0.21.0) (Version: 1.0.21.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-564169924-83152284-3685802786-1000_Classes\CLSID\{5743f98d-03a5-429a-bbf2-cf689b0838ce}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0B572CF7-16A9-41B7-9F2B-E25984AFCE4D} - System32\Tasks\{0C0E2EF5-6184-4ED8-94B0-AA9FEDBBB092} => C:\Users\Bjoern\Downloads\LGS_8.79.77_x64_Logitech(5).exe [2016-02-18] (Logitech Inc.)
Task: {0C28C420-CBEB-49A7-8BF7-BA6CED90D5CF} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0EC1EB9B-5BE8-4E0C-9879-E554261A1CA6} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {11D3A6B0-D88E-445E-AB62-1994AB29AC2A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {13CECC4D-D73F-4085-92EC-BD593FC22D8B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {1466B3E9-3C63-406B-AF09-5360A0A7196E} - System32\Tasks\HPCustPartic.exe_{BC84BEF4-9F45-4152-9C2C-A9D37F852002} => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\HPCustPartic.exe [2016-12-19] (HP Inc.)
Task: {169360AB-9628-4148-95AD-4B50B4FFC551} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {198AFF7A-448F-4BCD-8535-EA1553EB7454} - System32\Tasks\{DB291251-33CE-4CF5-943F-3C0B4EB63C44} => C:\Users\Bjoern\Downloads\LGS_8.79.77_x64_Logitech(5).exe [2016-02-18] (Logitech Inc.)
Task: {2BDEEB32-A766-4B15-8121-05739AA57ACB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-17] (Dropbox, Inc.)
Task: {35A179DB-F28E-4B48-BCBA-F3EDD30E0917} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {38D3548C-32A2-495E-A002-91A8FB4D12D5} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {3AA96B27-F684-4B4E-A6A0-E34E415E304F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-05] (Google Inc.)
Task: {3BDC8660-B17C-4F59-8531-CD7FEA6A87A0} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-bjoern.caduff@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {3C2CF6E6-9E3A-443C-BF2D-D65B8F6ECE51} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3D59AC35-9BAA-4B24-9E9A-208A26A36A2B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-20] ()
Task: {3E8EA0D4-DAE7-4222-936C-B9C36EAC46E3} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {42B8C1EF-F92E-404F-83D9-1577C4717E0A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4B645A68-933F-4965-8787-3FADBEA2C8AE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {50336CCA-4498-4375-8834-10A20E6DA1F0} - System32\Tasks\ScanToPCActivationApp.exe_{75EB032B-2975-406D-88FB-2FFB125E4B3D} => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\ScanToPCActivationApp.exe [2016-12-19] (HP Inc.)
Task: {594F6BAD-A14C-4A7A-8235-35BA32E0A262} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {610E93EF-1973-4852-ABB3-D7D4647CD957} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {71611240-8CF4-4E28-9125-C68828D8993D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {75A59B23-2A2F-435A-8EC2-9AC82BFC04DA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-10] (Microsoft Corporation)
Task: {77A9F491-B51F-4118-8C34-CF3B5552FAFC} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {789D8861-C318-4D2A-BC8A-407C9800353E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {7BB3AC92-9677-47E1-BEA5-C1342EDF167E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {7E409B5F-D9E7-41A0-A471-18015B36FF5A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {7EC901A1-B04C-466F-9EDE-FA4F873F4044} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-10] (Microsoft Corporation)
Task: {900C4667-D038-4592-92DE-D1CC360DDCAF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {90267BE0-F96F-428B-BB62-461E511B59A6} - System32\Tasks\HPCustPartic.exe_{817608E4-C049-41EA-B311-A52598BB8965} => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\HPCustPartic.exe [2016-12-19] (HP Inc.)
Task: {93D09D89-EABF-443C-BC31-A88EEEDA621F} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {98EECE31-5197-47BA-AD28-CF713F3634D0} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {9D7F60EC-3FB6-4BFC-9A54-41FC99EDDC43} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A4DFE095-8066-44EE-BAB7-B3BD3692E58A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {A55B29AF-7F27-4025-9ED8-116FCCB9C7B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-05] (Google Inc.)
Task: {AE24B250-E2E0-4277-BEB8-4A15D522D1F3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-17] (Adobe Systems Incorporated)
Task: {BD4DCC5C-E953-4983-9643-B4912FED14B0} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C39C45AE-DEC4-4031-A07D-A753E70E98D8} - System32\Tasks\HPCustParticipation HP OfficeJet Pro 6960 => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\HPCustPartic.exe [2016-12-19] (HP Inc.)
Task: {C8D2DF9C-9BCC-4194-91B5-473F3AA54F05} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {CBA401E0-42F5-4560-81C4-C55E532EDB81} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {CC9F81AD-EBE9-473E-83FC-8BEBD3505ED7} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CFF0D3DC-2AF1-49F2-B8A3-D00DE06BFDAB} - System32\Tasks\FaxApplications.exe_{C7C9E516-0EBD-4E50-A6B1-DF45B79396D9} => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\FaxApplications.exe [2016-12-19] (HP Inc.)
Task: {D338BC63-55B5-4723-B29A-FD1737A68396} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DA9E00C8-FEAC-49BD-885F-A6D6BA58526C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DAB8FEC9-6F96-49A4-8529-B453A28C0E19} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-20] ()
Task: {DFD7912D-89C4-4C4B-875C-270F6836337B} - System32\Tasks\Toolbox.exe_{A6A62D22-F6A9-43DC-941D-15C2F1D09015} => C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\Toolbox.exe [2016-12-19] (HP Inc.)
Task: {EB5BE4E3-2942-4DED-A514-7637D1D2D0A4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {EC20AF13-6AEA-40FD-B9A0-3F1472C519BD} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F37D229B-5588-455E-BE29-1F4DFEA9C440} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-17] (Dropbox, Inc.)
Task: {F8817B1A-9273-4EC5-B716-DF0D7B8E65AA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-06-22 12:00 - 2013-07-04 04:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2017-01-13 13:56 - 2017-01-13 13:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-12-21 21:13 - 2016-12-21 21:13 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-06-20 22:59 - 2017-06-20 23:11 - 02270664 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-09-25 01:20 - 2016-09-25 01:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-08-29 13:55 - 2014-04-04 15:10 - 00098320 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook64.dll
2016-08-29 13:55 - 2014-04-04 15:10 - 00275472 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dthook.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-03-18 22:59 - 2017-03-20 06:36 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-06-21 07:42 - 2017-06-21 07:42 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-21 07:42 - 2017-06-21 07:42 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-21 07:42 - 2017-06-21 07:42 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-06-21 07:42 - 2017-06-21 07:42 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll
2017-04-20 14:51 - 2016-08-16 03:26 - 01623040 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
2017-04-07 08:37 - 2017-04-07 08:37 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2016-08-29 13:55 - 2013-06-18 12:26 - 00677160 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpctrl.exe
2016-08-29 13:55 - 2013-06-18 12:26 - 00714024 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\floater.exe
2016-08-29 13:55 - 2014-04-04 15:10 - 00163344 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
2016-08-29 13:55 - 2014-04-04 15:10 - 00197136 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
2017-06-06 18:47 - 2017-06-06 18:47 - 68931072 _____ () C:\Program Files\WindowsApps\Fitbit.Fitbit_2.22.1110.0_x64__6mqt6hf9g46tw\Fitbit.dll
2017-06-22 12:00 - 2017-06-22 12:15 - 00029696 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2017-06-22 12:00 - 2013-07-04 04:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2016-06-28 01:19 - 2016-06-28 01:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2016-10-07 13:48 - 2016-12-21 21:23 - 02493440 _____ () F:\Games\EA\Origin\libGLESv2.dll
2016-08-29 13:55 - 2014-04-04 15:10 - 00093712 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook.dll
2014-12-11 18:40 - 2014-12-11 18:40 - 40622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll
2017-04-20 14:51 - 2015-02-24 23:44 - 00783360 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\_hashlib.pyd
2017-04-20 14:51 - 2015-02-24 23:43 - 00047104 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\_socket.pyd
2017-04-20 14:51 - 2015-02-24 23:43 - 00009728 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\select.pyd
2017-04-20 14:51 - 2015-02-24 23:43 - 00758784 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\unicodedata.pyd
2017-04-20 14:51 - 2015-02-24 23:43 - 00084992 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\_ctypes.pyd
2017-04-20 14:51 - 2015-02-24 23:43 - 00053760 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\_bz2.pyd
2017-04-20 14:51 - 2015-10-25 05:32 - 01861120 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtCore.pyd
2017-04-20 14:51 - 2015-10-25 05:00 - 00075264 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\sip.pyd
2017-04-20 14:51 - 2015-02-24 23:43 - 00137216 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\_lzma.pyd
2017-04-20 14:51 - 2015-10-25 05:36 - 02002944 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtGui.pyd
2017-04-20 14:51 - 2015-10-25 05:43 - 04101120 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtWidgets.pyd
2017-04-20 14:51 - 2015-12-16 00:18 - 00039424 _____ () C:\Program Files (x86)\TradeSkillMaster Application\app\psutil._psutil_windows.pyd
2017-04-29 20:26 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\Bjoern\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-04-29 20:26 - 2017-04-29 20:26 - 01082880 _____ () \\?\C:\Users\Bjoern\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-04-29 20:26 - 2017-04-29 20:26 - 03750400 _____ () \\?\C:\Users\Bjoern\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-04-29 20:26 - 2017-04-29 20:26 - 00914432 _____ () \\?\C:\Users\Bjoern\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-04-29 20:26 - 2017-04-29 20:26 - 01127424 _____ () \\?\C:\Users\Bjoern\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node
2017-04-29 20:26 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\Bjoern\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-04-29 20:26 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\Bjoern\AppData\Local\Discord\app-0.0.297\libegl.dll
2017-06-14 21:22 - 2017-06-12 13:52 - 00775488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-06-14 21:22 - 2017-06-12 13:52 - 01787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2016-02-17 21:12 - 2017-06-12 13:52 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-02-17 21:12 - 2017-06-12 13:54 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-06-14 21:22 - 2017-06-12 13:52 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-06-14 21:22 - 2017-06-12 13:52 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-06-14 21:22 - 2017-06-12 13:52 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-02-17 21:12 - 2017-06-12 13:52 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-06 15:27 - 2017-06-12 13:55 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-06-14 21:22 - 2017-06-12 13:52 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-06-14 21:22 - 2017-06-12 13:52 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-02-17 21:12 - 2017-06-12 13:54 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-06 15:27 - 2017-06-12 13:55 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-05-15 19:31 - 2017-06-12 13:55 - 00082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2016-02-17 21:12 - 2017-06-12 13:55 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-03-01 18:41 - 2017-06-12 13:55 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-01-25 19:47 - 2017-06-12 13:55 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2016-04-15 16:36 - 2017-06-12 13:55 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-01-25 19:47 - 2017-06-12 13:55 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-25 19:47 - 2017-06-12 13:55 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-25 19:47 - 2017-06-12 13:55 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2016-02-17 21:12 - 2017-06-12 13:52 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2016-02-17 21:12 - 2017-06-12 13:55 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-06-14 21:22 - 2017-06-12 13:52 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-06-14 21:22 - 2017-06-12 13:54 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-06-14 21:22 - 2017-06-12 13:52 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-06-14 21:22 - 2017-06-12 13:54 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-07-16 18:36 - 2017-06-12 13:54 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-06-14 21:22 - 2017-06-12 13:52 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-06-14 21:22 - 2017-06-12 13:52 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-08-06 15:27 - 2017-06-12 13:55 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-04-09 16:51 - 2017-06-12 13:54 - 00023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-06-14 21:22 - 2017-06-12 13:54 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-06-22 12:23 - 2017-06-22 12:23 - 00148992 _____ () \\?\C:\Users\Bjoern\AppData\Local\Temp\F55F.tmp.node
2017-04-29 20:26 - 2017-04-29 20:26 - 02658296 _____ () \\?\C:\Users\Bjoern\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-04-29 20:27 - 2017-04-29 20:27 - 02665976 _____ () \\?\C:\Users\Bjoern\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node
2015-05-08 03:37 - 2015-05-08 03:37 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 05812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2017-05-04 21:01 - 2017-05-04 21:01 - 00067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 01662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 00494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2015-05-08 03:38 - 2015-05-08 03:38 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2015-05-08 03:37 - 2015-05-08 03:37 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 00111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2015-05-08 03:49 - 2015-05-08 03:49 - 00417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2015-05-08 03:39 - 2015-05-08 03:39 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 00313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-11-13 23:59 - 2015-11-13 23:59 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-11-13 23:59 - 2015-11-13 23:59 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2015-05-08 03:37 - 2015-05-08 03:37 - 00583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2016-08-29 13:55 - 2014-04-04 15:10 - 00187920 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll
2017-05-22 12:13 - 2017-05-22 12:13 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2017-03-20 13:20 - 2016-10-08 09:13 - 50656768 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libcef.dll
2015-05-08 03:39 - 2015-05-08 03:39 - 00141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2017-05-04 19:33 - 2017-05-04 19:33 - 02717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2015-05-08 03:49 - 2015-05-08 03:49 - 01213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2015-05-08 03:55 - 2015-05-08 03:55 - 00055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 01183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 01306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 01640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 01053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll
2017-04-26 15:26 - 2017-04-26 15:26 - 00044544 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\MacroRecording.dll
2017-04-26 15:27 - 2017-04-26 15:27 - 00199680 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2017-04-26 15:37 - 2017-04-26 15:37 - 00086528 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairAudioDevice.dll
2017-04-26 15:26 - 2017-04-26 15:26 - 00097280 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\zlib.dll
2016-12-01 13:28 - 2016-12-01 13:28 - 01983488 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libGLESv2.dll
2016-12-01 13:28 - 2016-12-01 13:28 - 00013824 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\libEGL.DLL
2017-03-20 13:20 - 2016-10-08 09:13 - 50656768 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2017-03-20 13:20 - 2016-10-08 09:13 - 01874944 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2017-03-20 13:20 - 2016-10-08 09:13 - 00075264 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2017-03-20 13:20 - 2016-10-08 09:13 - 01874944 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libglesv2.dll
2017-03-20 13:20 - 2016-10-08 09:13 - 00075264 _____ () C:\Users\Bjoern\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2017-06-17 15:39 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-564169924-83152284-3685802786-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bjoern\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\{6331ae71-0058-4ab7-a86c-12fdfc2a900b}.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: chip1click => 2
MSCONFIG\Services: PlaysService => 2
MSCONFIG\Services: XblAuthManager => 3
MSCONFIG\Services: XblGameSave => 3
MSCONFIG\Services: XboxNetApiSvc => 3
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\RAPTRS~1.EXE --startup
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-564169924-83152284-3685802786-1000\...\StartupApproved\Run: => "Steam"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{6470492B-21E6-41C1-A990-475940A6FCFE}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{90061B05-B203-4F4A-A26C-B72099508133}] => (Allow) F:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{42C9293D-B5A7-4191-B807-4FE1B097650C}] => (Allow) F:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{025E7B1E-1B4A-426A-A797-E29E779076F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8AF177E0-AFD6-403A-87CF-8623D3D55770}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CEB8698B-325F-4152-A2DD-795ACEF673FE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8CDEFE31-B44E-409F-9BC1-7E8D960ACD8F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A8280086-437B-469C-B078-758FD4F1151F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{24A8696A-C056-45CB-B5CC-824F8CDB2C29}] => (Allow) F:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{1F75ADED-1CC7-4173-88DE-76B944AE37C6}] => (Allow) F:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{B4508F76-452B-4DA5-B50C-8E921253FA36}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{E5C68C45-6041-4B68-8221-0D550E41C1E0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{6B3C3FBB-E735-4A46-990D-2C6D5B3FEC8C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{52D36283-A917-42B8-B269-7122F4E47450}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{21B9669E-267B-461D-9F4E-C1E5F3D4D0C7}] => (Allow) F:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{D89315C0-CEAE-464E-9D27-565297831813}] => (Allow) F:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{69A96790-4259-40B5-8871-89617BB01C93}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{57745C9B-C4A5-4A57-AB57-84AED755CE2C}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe
FirewallRules: [{84BA020A-D954-4BAE-B12F-151680B4094B}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{2929A467-6331-47E6-84C8-65C4FBD4533D}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe
FirewallRules: [{BBD5F608-A4BF-465E-BCAB-F05120C694F1}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{1682D730-9870-4D51-98CA-59DD33414433}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{A90633FB-FC73-4CD3-8AE2-93C9356650B0}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{0770C61D-8913-4279-9191-688BDD7048A1}] => (Allow) F:\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{898B83F7-238C-49A9-A842-0B2DB5AAFD18}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{A0432021-23C1-40E8-9EF5-4F8248C9BCC9}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{E590CF17-A79D-4015-AAF4-C9BEB9B204A8}] => (Allow) F:\Games\Uplay\Ghost Recon Wildlands Beta\GRW.exe
FirewallRules: [{9A4DE7FF-784F-48DD-B3BE-D000BB91C605}] => (Allow) F:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{6F4E6023-9B6E-4FEA-B242-97A107969CC1}] => (Allow) F:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{A13FEBC2-4224-4292-8A81-37F12DAB4426}] => (Allow) F:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{B467F4A5-CCEB-439E-83AD-24F1D650DF81}] => (Allow) F:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [UDP Query User{F59F9874-7927-47A5-B4D1-617E01982A60}F:\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) F:\steam\steamapps\common\7 days to die\7daystodie.exe
FirewallRules: [TCP Query User{5D606C15-0272-4D7F-9DEE-8B5FA81CA8B6}F:\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) F:\steam\steamapps\common\7 days to die\7daystodie.exe
FirewallRules: [{37E92F72-18D8-4618-B056-8CEFF2F44A68}] => (Allow) F:\Steam\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{525AE209-85B6-4E15-BDF1-224E3F772691}] => (Allow) F:\Steam\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{B8E54B39-43F3-42ED-B5BA-CD43E59E84EA}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{0EF5BDAC-0822-4B5C-8E49-249D73A0158C}] => (Allow) LPort=5357
FirewallRules: [{AC6B80F7-8731-4810-9A65-D6BD7AFE6229}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\Bin\DeviceSetup.exe
FirewallRules: [{CCAEB1D8-BE06-4430-9A3D-4C340E0F0D4A}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\FaxPrinterUtility.exe
FirewallRules: [{66C4DD67-0A38-433E-885B-B67F80B0401C}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\SendAFax.exe
FirewallRules: [{1773877F-38B4-492C-99FD-487E70985150}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\DigitalWizards.exe
FirewallRules: [{CF775FD1-1DB2-47F8-BFD6-F4A6C6108119}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 6960\bin\FaxApplications.exe
FirewallRules: [{73ED5265-91D4-4390-8E87-0FD8B403D2B8}] => (Allow) C:\Users\Bjoern\AppData\Local\Temp\7zS010F\HP.EasyStart.exe
FirewallRules: [{8024C602-BCC9-40AE-AFB5-A2A8B727CAEB}] => (Allow) F:\Games\GTA\GTA5.exe
FirewallRules: [{A7382D8B-6713-4D62-AC99-71D329C31E45}] => (Allow) F:\Games\GTA\GTA5.exe
FirewallRules: [{0DCFCABB-0C71-48DF-9B33-DEB6D3A52064}] => (Allow) F:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{1380FD59-F516-4C34-B2DB-30F0670C46DD}] => (Allow) F:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{5564538A-6D24-4481-9C3B-03538844E58E}] => (Allow) F:\Steam\steamapps\common\JABIA\JaggedAllianceBIA.exe
FirewallRules: [{95DA8850-7D1A-461E-9158-856B057E55AA}] => (Allow) F:\Steam\steamapps\common\JABIA\JaggedAllianceBIA.exe
FirewallRules: [{A28095C3-766F-4198-A0C8-F61428C8F221}] => (Allow) F:\Steam\steamapps\common\Age of Conquest IV\app_main.exe
FirewallRules: [{F3022BCC-78EB-496D-BC9F-05D7CAB3AFAD}] => (Allow) F:\Steam\steamapps\common\Age of Conquest IV\app_main.exe
FirewallRules: [{002A8C06-C19C-4125-9158-4848B9982CB3}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{2CF07C90-CDA8-4905-B19D-0C3697F05202}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{4796EB4A-ED80-42B7-A3F3-5B9B92478899}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{72451E96-7EBB-40CE-AD9F-404489567D8B}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{3E883446-62FC-45C5-8893-A27D42B0D3C4}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{BEE3D71F-DC83-45D7-B1A9-B3F8B15E261D}] => (Allow) F:\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{46B456EF-0A88-4033-AB10-760522DD5F6A}] => (Allow) F:\Games\Uplay\Might & Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{55A765EA-28F5-45F0-BEF5-166FDC778C74}] => (Allow) F:\Games\Uplay\Might & Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{3F90E33F-3E3C-48BF-B65E-8EE00B413298}] => (Allow) F:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{D8025864-AC88-414A-B4C4-8E16CA55AB25}] => (Allow) F:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{D1FBD3A3-AA1D-487D-8FB1-E094746EED25}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall2\Titanfall2_trial.exe
FirewallRules: [{D6EEB2B2-7BCA-487E-8AB0-CB4B8287A97F}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall2\Titanfall2_trial.exe
FirewallRules: [{2529D13B-D2CE-4ABF-B288-DF5AA92377FB}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall2\Titanfall2.exe
FirewallRules: [{73649E6E-F4FF-4665-98B7-DF25947CA13E}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall2\Titanfall2.exe
FirewallRules: [{362A060B-C88B-4CB0-B20E-8852F4FE3202}] => (Allow) F:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\Command Conquer 3 Kanes Wrath\RetailExe\1.2\cnc3ep1.dat
FirewallRules: [{9F9E2F30-5B70-4D9D-837E-6DA895FA0298}] => (Allow) F:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\Command Conquer 3 Tiberium Wars\RetailExe\1.9\cnc3game.dat
FirewallRules: [{D738AE8B-D200-4F9A-8F15-573474FC94EF}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{3AB42E84-99EB-45D3-9003-2AB87CE09598}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{1FA3F747-99C4-4CF1-B552-B222F22C7AC1}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{629D6208-E9AF-4598-930E-A9915A558077}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{5A9DE9C4-08E7-488E-BFFB-3C4A3CB5AFA9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D3C2B11B-B480-4073-8EF8-314CA5F9ACB4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{688DF777-41EC-4E0A-91C9-33BCECFEACF5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FB7967B1-D7F6-4F6C-90C6-EF45F26C246F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DEBEF465-6B0A-4413-A804-64D4F492EB1B}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{71208021-3A16-4DDC-9C88-22F81B7BE69E}] => (Allow) F:\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{F1AFD9E1-1ACB-4F7B-8CA2-EA1A8184215A}] => (Allow) C:\Program Files (x86)\FlyVPN\FlyVPN.exe
FirewallRules: [{DB494B08-B636-47D5-963B-424D5EE65429}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{4DE55B7B-967B-40BA-8EF2-A04EBD83243F}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C357C6E8-A0A3-4868-A4D5-1B676C1CFCC9}] => (Allow) F:\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{15C53E81-63CD-4A77-932F-D04FBD9C9215}] => (Allow) F:\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{E20954B3-2727-4E68-A8EB-E2703C5FDACD}] => (Allow) F:\Steam\steamapps\common\Call of Duty Modern Warfare Remastered\h1_sp64_ship.exe
FirewallRules: [{BB44593E-9C9B-4927-BA2B-FA3070F13C8F}] => (Allow) F:\Steam\steamapps\common\Call of Duty Modern Warfare Remastered\h1_sp64_ship.exe
FirewallRules: [{030AB5A9-E11A-461C-A38C-D24DC7707025}] => (Allow) F:\Steam\steamapps\common\Call of Duty Modern Warfare Remastered\h1_mp64_ship.exe
FirewallRules: [{48418C04-1BF6-4EF0-A666-AD26769CC43B}] => (Allow) F:\Steam\steamapps\common\Call of Duty Modern Warfare Remastered\h1_mp64_ship.exe
FirewallRules: [{BD615C38-4A01-42E2-BED4-C976F1DE4A5B}] => (Allow) F:\Steam\steamapps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [{676FF26B-D02E-481F-A376-C450FFC865C9}] => (Allow) F:\Steam\steamapps\common\Call of Duty - Infinite Warfare\iw7_ship.exe
FirewallRules: [{9B9A60BD-7B0C-4425-A632-A87FB59ACE3D}] => (Allow) F:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{1C22C5FC-2CEA-4F1E-8C89-2F33DD4E7818}] => (Allow) F:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{74732222-5FD1-4B50-B83B-B449B7BEA8C4}] => (Allow) F:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{BC95A939-B471-44B1-9B00-981754DE572B}] => (Allow) F:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{E6C63998-924B-4145-83E6-CA952A6C861C}] => (Allow) F:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{AD61AD98-544A-4141-810E-B04E2AE53969}] => (Allow) F:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{7B269D47-646F-4C8C-8EA5-E8FC04CA6D5F}] => (Allow) F:\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{22AEB58C-8A4D-45DC-A460-2824920A8EBD}] => (Allow) F:\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{C40DF1CB-E728-4114-BD46-22B974277592}] => (Allow) F:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{45783AD2-363B-4A20-B14B-2CBEC765F644}] => (Allow) F:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{059B5865-F287-4B15-A5FB-79D1B46AEA9C}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{46444FD0-1C64-41D4-9736-D052D5A4B8A5}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{7BDEF756-588B-42FD-8D4D-DF03BC6F4707}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{028AECDE-03E9-4A41-B7DA-B09FFC18076D}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{12AB4340-88C1-4A06-A266-CFB4F8ACD017}] => (Allow) C:\Users\Bjoern\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [UDP Query User{E86EFCA6-531C-431D-B115-CE134849EA92}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{7113AFFE-3CB4-4E3D-A8E8-923D3141ACB8}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{3CFE430A-4EE3-4B03-9558-B63512FF7A48}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{6E803E56-8229-4902-BD3F-86CC35BD2CE9}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{385369FF-AD09-465D-BEDD-554C26AEE6D2}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{E270DD34-3801-4445-BFB1-91E70FEB21BA}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{68BF53F7-C99F-4F9C-86D7-4C2442692FE5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E165101A-68FC-4480-B0D3-07D437EBC595}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3BE37640-9BFA-401C-BD13-DBAF36CD3D66}] => (Allow) F:\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{C1B3D135-9703-4B79-A3B8-BEBBDBD42B55}] => (Allow) F:\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{8F20C0CB-B1AC-4B66-97A3-BD2AAF2462E8}] => (Allow) F:\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{7D553120-4CCD-40ED-92FE-B8C15DF9A9D8}] => (Allow) F:\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{D4A5A85F-17EC-46DD-A41D-B664DB81833E}] => (Allow) F:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{D8C986EE-C6FA-461E-A22B-0215F5DB5884}] => (Allow) F:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{A5BDAFC9-9C60-4F75-8ADA-4F36C445DA24}] => (Allow) F:\Steam\steamapps\common\Helldivers\binaries\x64\helldivers.exe
FirewallRules: [{DDBE0211-1AE9-41C2-AF88-DAAB78B4D7CA}] => (Allow) F:\Steam\steamapps\common\Helldivers\binaries\x64\helldivers.exe
FirewallRules: [{4B6BF6BF-6ED3-4AEE-A8FB-81212E421A9E}] => (Allow) F:\Steam\steamapps\common\Helldivers\binaries\x86\helldivers.exe
FirewallRules: [{1DE659C0-8B4C-4301-8A36-0ABEAE581D13}] => (Allow) F:\Steam\steamapps\common\Helldivers\binaries\x86\helldivers.exe
FirewallRules: [{2DAC7759-F765-4256-9248-63B99565111B}] => (Allow) F:\Steam\steamapps\common\BloonsTD5\BTD5-Win.exe
FirewallRules: [{8D3A2DBE-491E-4DE4-87BD-D7E42B06483F}] => (Allow) F:\Steam\steamapps\common\BloonsTD5\BTD5-Win.exe
FirewallRules: [{12DE8B49-A6C6-4FFC-9169-67B663DB62F8}] => (Allow) F:\Steam\steamapps\common\OrcsMustDieUnchained\Dashboard\Bin\SpitfireDashboard.exe
FirewallRules: [{50833A46-9FDF-4CC1-866C-F15F6BEE8124}] => (Allow) F:\Steam\steamapps\common\OrcsMustDieUnchained\Dashboard\Bin\SpitfireDashboard.exe
FirewallRules: [{60B5B5FB-125B-4A10-8A36-53CD52D4DAB3}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{14384E0D-5B17-405F-8500-84E32A79155C}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{59940059-D9C4-452D-8B8B-8727F1601A05}] => (Allow) F:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{E62A7D80-3B57-4FE1-9D51-0BA56A9CFAF7}] => (Allow) F:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{A6D2B6FA-A9EB-4491-95B8-AE027DD51B8B}] => (Allow) F:\Games\Uplay\Anno 2205\Bin\Win64\Anno2205.exe
FirewallRules: [{C129D92B-7C91-4A17-9E16-91A70E9B33E0}] => (Allow) F:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe
FirewallRules: [{56D275C7-6AFE-4FA4-9087-D2567DC07451}] => (Allow) F:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe
FirewallRules: [{ED817AAC-0F44-4FA1-ABD4-CCCB69FDBCB0}] => (Allow) C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe
FirewallRules: [{230436B4-F253-498A-AC01-CC4BB733E4B7}] => (Allow) C:\Users\Administrator\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{BEC8A5DF-2DEE-4921-87FC-09DBC36E4646}] => (Allow) F:\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{6DDD2CF2-6459-44F4-8B95-8CE32EC04552}] => (Allow) F:\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{F334DC1A-2739-4FED-9134-62CC8135B3DA}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{444B5F84-9E11-4A05-B358-1481F6BBBD7E}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{FA15EC11-2400-45A8-BE8A-06DA3985E01E}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{A4530FF1-3888-4B71-BC9F-F555A98C5A05}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{16EB85B9-A3C4-47B2-9440-48EA6237009C}] => (Allow) F:\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{B4DFAE12-8162-4635-BCBE-01C560D3BFBB}] => (Allow) F:\Steam\steamapps\common\Day of Defeat Source\hl2.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Xbox Wireless Adapter for Windows
Description: Xbox Wireless Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft Corporation
Service: mt7612US
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/22/2017 12:10:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BJOERN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/22/2017 12:10:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BJOERN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/22/2017 12:10:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BJOERN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/22/2017 12:10:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BJOERN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/22/2017 12:10:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BJOERN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/22/2017 12:10:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BJOERN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/22/2017 12:10:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BJOERN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/22/2017 12:06:17 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Fehler beim Abrufen des Status des Clusterknotens: .Zurückgegebener Fehlercode: 0x8007085A

Error: (06/22/2017 12:05:07 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Fehler beim Abrufen des Status des Clusterknotens: .Zurückgegebener Fehlercode: 0x8007085A

Error: (06/22/2017 12:05:07 PM) (Source: MSDTC 2) (EventID: 4104) (User: )
Description: Fehler beim Abrufen des Status des Clusterknotens: .Zurückgegebener Fehlercode: 0x8007085A


Systemfehler:
=============
Error: (06/22/2017 12:22:48 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/22/2017 12:22:48 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/22/2017 12:19:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _1f6939 erreicht.

Error: (06/22/2017 12:19:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _1f6939 erreicht.

Error: (06/22/2017 12:19:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _1f6939 erreicht.

Error: (06/22/2017 12:19:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _1f6939 erreicht.

Error: (06/22/2017 12:19:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _1f6939 erreicht.

Error: (06/22/2017 12:19:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _1f6939 erreicht.

Error: (06/22/2017 12:19:27 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/22/2017 12:19:27 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2017-06-22 12:24:08.163
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements.

  Date: 2017-06-22 12:24:08.124
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-22 12:23:35.981
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-22 12:23:35.757
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-22 12:23:35.645
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-22 12:09:41.580
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-22 12:09:32.780
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-22 12:09:32.684
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-22 12:09:32.087
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-06-22 12:09:31.647
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 16325.89 MB
Verfügbarer physikalischer RAM: 11537.42 MB
Summe virtueller Speicher: 32709.89 MB
Verfügbarer virtueller Speicher: 26908.02 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.35 GB) (Free:5.65 GB) NTFS
Drive d: (Foto Pollmann) (CDROM) (Total:0.08 GB) (Free:0 GB) UDF
Drive e: (Volume) (Fixed) (Total:232.78 GB) (Free:151.57 GB) NTFS
Drive f: (Volume) (Fixed) (Total:3725.9 GB) (Free:1813.06 GB) NTFS
Drive g: () (Fixed) (Total:69.02 GB) (Free:67.78 GB) NTFS
Drive h: () (Fixed) (Total:931.51 GB) (Free:115.67 GB) NTFS
Drive i: () (Removable) (Total:29.82 GB) (Free:15.59 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 69.2 GB) (Disk ID: 28EB28EB)

Partition: GPT.

========================================================
Disk: 1 (Size: 3726 GB) (Disk ID: 54B05093)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 1EFD05FA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 111.8 GB) (Disk ID: 7F66E476)
Partition 1: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 4 (Size: 931.5 GB) (Disk ID: 977A5656)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 29.8 GB) (Disk ID: C5A19CBB)
Partition 1: (Not Active) - (Size=29.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 22.06.2017, 13:01   #29
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Komische Ansage im Hintergrund - Standard

Komische Ansage im Hintergrund



FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
BHO: Kein Name -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> Keine Datei
Task: {38D3548C-32A2-495E-A002-91A8FB4D12D5} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {610E93EF-1973-4852-ABB3-D7D4647CD957} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {7BB3AC92-9677-47E1-BEA5-C1342EDF167E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {7E409B5F-D9E7-41A0-A471-18015B36FF5A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {98EECE31-5197-47BA-AD28-CF713F3634D0} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {A4DFE095-8066-44EE-BAB7-B3BD3692E58A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {C8D2DF9C-9BCC-4194-91B5-473F3AA54F05} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {EB5BE4E3-2942-4DED-A514-7637D1D2D0A4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 22.06.2017, 16:58   #30
Roboterfreun
 
Komische Ansage im Hintergrund - Standard

Komische Ansage im Hintergrund



Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-06-2017 01
durchgeführt von Bjoern (22-06-2017 17:53:38) Run:1
Gestartet von C:\Users\Bjoern\Desktop\Neuer Ordner (2)
Geladene Profile: Bjoern (Verfügbare Profile: Bjoern & Administrator)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
BHO: Kein Name -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> Keine Datei
Task: {38D3548C-32A2-495E-A002-91A8FB4D12D5} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {610E93EF-1973-4852-ABB3-D7D4647CD957} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {7BB3AC92-9677-47E1-BEA5-C1342EDF167E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {7E409B5F-D9E7-41A0-A471-18015B36FF5A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {98EECE31-5197-47BA-AD28-CF713F3634D0} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {A4DFE095-8066-44EE-BAB7-B3BD3692E58A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {C8D2DF9C-9BCC-4194-91B5-473F3AA54F05} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {EB5BE4E3-2942-4DED-A514-7637D1D2D0A4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
emptytemp:
*****************

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} => Schlüssel erfolgreich entfernt
HKLM\Software\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} => Schlüssel nicht gefunden. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38D3548C-32A2-495E-A002-91A8FB4D12D5} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38D3548C-32A2-495E-A002-91A8FB4D12D5} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{610E93EF-1973-4852-ABB3-D7D4647CD957} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{610E93EF-1973-4852-ABB3-D7D4647CD957} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7BB3AC92-9677-47E1-BEA5-C1342EDF167E} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BB3AC92-9677-47E1-BEA5-C1342EDF167E} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E409B5F-D9E7-41A0-A471-18015B36FF5A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E409B5F-D9E7-41A0-A471-18015B36FF5A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98EECE31-5197-47BA-AD28-CF713F3634D0} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98EECE31-5197-47BA-AD28-CF713F3634D0} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A4DFE095-8066-44EE-BAB7-B3BD3692E58A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4DFE095-8066-44EE-BAB7-B3BD3692E58A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C8D2DF9C-9BCC-4194-91B5-473F3AA54F05} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8D2DF9C-9BCC-4194-91B5-473F3AA54F05} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB5BE4E3-2942-4DED-A514-7637D1D2D0A4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB5BE4E3-2942-4DED-A514-7637D1D2D0A4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17008301 B
Java, Flash, Steam htmlcache => 148694772 B
Windows/system/drivers => 964306 B
Edge => 235547125 B
Chrome => 97473569 B
Firefox => 383701952 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 23330 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4082 B
NetworkService => 87020 B
Bjoern => 50990903 B
Administrator => 71851 B

RecycleBin => 6474923439 B
EmptyTemp: => 6.9 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 17:56:03 ====
         

Antwort

Themen zu Komische Ansage im Hintergrund
administrator, adobe, asus, converter, defender, detected, explorer, firefox, home, homepage, kaspersky, microsoft, mozilla, problem, prozesse, realtek, registry, router, rundll, scan, security, software, system, usb, windows




Ähnliche Themen: Komische Ansage im Hintergrund


  1. Win10 Über Lautsprecher kam eine Ansage - System langsam - F-secure Online-Scanner hängt sich auf
    Mülltonne - 21.06.2017 (6)
  2. Kommentar: Security-Fails mit Ansage
    Nachrichten - 30.06.2016 (0)
  3. TrendMicro wird ohne Ansage abgeschaltet
    Log-Analyse und Auswertung - 21.04.2015 (17)
  4. TrendMicro wird ohne Ansage abgeschaltet
    Mülltonne - 15.04.2015 (2)
  5. komische Musik wie Filmmusik im Hintergrund am PC
    Plagegeister aller Art und deren Bekämpfung - 01.02.2015 (41)
  6. Komische Datenströme
    Log-Analyse und Auswertung - 13.09.2013 (7)
  7. Ansage das ich eine MaleWare hätte
    Plagegeister aller Art und deren Bekämpfung - 10.07.2013 (23)
  8. Google Chrome auf Ansage geknackt
    Nachrichten - 08.03.2012 (0)
  9. bei meinem Computer läuft dauernd komische musik im hintergrund
    Plagegeister aller Art und deren Bekämpfung - 07.11.2011 (11)
  10. Travianer Werbung und andere komische Musik/Tracks im Hintergrund auch ohne geöffnete Explorer ...?!
    Plagegeister aller Art und deren Bekämpfung - 22.09.2010 (15)
  11. Komische hintergrund Programme?
    Log-Analyse und Auswertung - 16.04.2010 (1)
  12. komische sachen!?!
    Mülltonne - 08.12.2008 (0)
  13. Komische Exe?
    Log-Analyse und Auswertung - 28.07.2008 (2)
  14. komische links bei icq und komische email was ist das??
    Plagegeister aller Art und deren Bekämpfung - 09.05.2007 (3)
  15. Komische Zeichen
    Alles rund um Windows - 15.07.2005 (4)
  16. Komische Zeichen
    Mülltonne - 15.07.2005 (1)
  17. Komische Prozesse?!?
    Plagegeister aller Art und deren Bekämpfung - 27.04.2005 (32)

Zum Thema Komische Ansage im Hintergrund - Auf ein neues, danke schonmal für die Mühe mit mir. Code: Alles auswählen Aufklappen ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-06-2017 01 durchgeführt von Administrator (Administrator) - Komische Ansage im Hintergrund...
Archiv
Du betrachtest: Komische Ansage im Hintergrund auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.