Windows 10: Firefox leitet ungewollt auf Werbung und Anker-Links in Texten.

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08.02.2018
durchgeführt von Dragon (Administrator) auf DESKTOP-2K12HQ3 (09-02-2018 12:15:00)
Gestartet von C:\Users\Dragon\Downloads
Geladene Profile: Dragon (Verfügbare Profile: Dragon)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsservp.exe
(Dassault Systèmes) E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
(Microsoft Corporation) E:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe
(Geek Software GmbH) E:\Program Files (x86)\PDF24\pdf24.exe
(Mentor Graphics Corporation) E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe
(Electronic Arts) E:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Mentor Graphics Corporation) E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\dispatcher.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAC8SWK.EXE
(Valve Corporation) E:\Program Files (x86)\Steam\Steam.exe
(Discord Inc.) C:\Users\Dragon\AppData\Local\Discord\app-0.0.300\Discord.exe
(Discord Inc.) C:\Users\Dragon\AppData\Local\Discord\app-0.0.300\Discord.exe
(Valve Corporation) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Binary Fortress Software) E:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(Valve Corporation) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Discord Inc.) C:\Users\Dragon\AppData\Local\Discord\app-0.0.300\Discord.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ROCCAT GmbH) E:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe
(ROCCAT GmbH Co., Ltd.) E:\Program Files (x86)\ROCCAT\Roccat Talk.exe
(ROCCAT GmbH) E:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe
(Dassault Systèmes SolidWorks Corp.) E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe
(Binary Fortress Software) E:\Program Files (x86)\DisplayFusion\DisplayFusionHookApp64.exe
(Binary Fortress Software) E:\Program Files (x86)\DisplayFusion\DisplayFusionHookApp32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Geek Software GmbH) E:\Program Files (x86)\PDF24\pdf24.exe
(ShareX Team) E:\Program Files\ShareX\ShareX.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Binary Fortress Software) E:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Valve Corporation) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Steven Mayall) E:\Program Files (x86)\MusicBee\MusicBee.exe
(Electronic Arts) E:\Program Files (x86)\Origin\Origin.exe
() E:\Program Files (x86)\Origin\QtWebEngineProcess.exe
() E:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Valve Corporation) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.3351.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9037832 2016-10-21] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17988216 2017-08-18] (Logitech Inc.)
HKLM\...\Run: [CNAP2 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [RoccatIskuFX] => E:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe [540672 2014-10-19] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatKoneXTD] => E:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [552960 2014-10-19] (ROCCAT GmbH)
HKLM-x32\...\Run: [PDFPrint] => E:\Program Files (x86)\PDF24\pdf24.exe [413320 2017-09-14] (Geek Software GmbH)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-02-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\...\Run: [Discord] => C:\Users\Dragon\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.)
HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\...\Run: [DisplayFusion] => E:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [8626064 2017-11-14] (Binary Fortress Software)
HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-01-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2386392 2018-01-30] (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk [2017-10-19]
ShortcutTarget: Roccat Talk.lnk -> E:\Program Files (x86)\ROCCAT\Roccat Talk.exe (ROCCAT GmbH Co., Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2017 Fast Start.lnk [2017-11-08]
ShortcutTarget: SOLIDWORKS 2017 Fast Start.lnk -> C:\Windows\Installer\{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\Users\Dragon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2018-02-04]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Dragon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2017-11-30]
ShortcutTarget: ShareX.lnk -> E:\Program Files\ShareX\ShareX.exe (ShareX Team)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{8b6e54a5-7c52-4c4d-ab55-7b220501d502}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {C3792918-C8C3-4DB2-9217-F07AA79DE802} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\.DEFAULT -> {C3792918-C8C3-4DB2-9217-F07AA79DE802} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-3012858150-3015319604-1906791415-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-02-01] (Bitdefender)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-02-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-30] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-30] (Oracle Corporation)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-02-01] (Bitdefender)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-02-06] (Microsoft Corporation)
BHO-x32: Kein Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Keine Datei
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-02-01] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-02-01] (Bitdefender)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)

Edge: 
======
Edge Extension: (Translator For Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.16.0_neutral__8wekyb3d8bbwe [2018-02-04]

FireFox:
========
FF DefaultProfile: z9kow66c.default-1518035987603
FF ProfilePath: C:\Users\Dragon\AppData\Roaming\Mozilla\Firefox\Profiles\z9kow66c.default-1518035987603 [2018-02-09]
FF Extension: (BetterTTV) - C:\Users\Dragon\AppData\Roaming\Mozilla\Firefox\Profiles\z9kow66c.default-1518035987603\Extensions\firefox@betterttv.net.xpi [2018-02-09]
FF Extension: (FrankerFaceZ) - C:\Users\Dragon\AppData\Roaming\Mozilla\Firefox\Profiles\z9kow66c.default-1518035987603\Extensions\frankerfacez@frankerfacez.com.xpi [2018-02-09]
FF Extension: (Tab Reloader (page auto refresh)) - C:\Users\Dragon\AppData\Roaming\Mozilla\Firefox\Profiles\z9kow66c.default-1518035987603\Extensions\jid0-bnmfwWw2w2w4e4edvcdDbnMhdVg@jetpack.xpi [2018-02-07]
FF Extension: (BugzillaJS) - C:\Users\Dragon\AppData\Roaming\Mozilla\Firefox\Profiles\z9kow66c.default-1518035987603\Extensions\jid0-NgMDcEu2B88AbzZ6ulHodW9sJzA@jetpack.xpi [2018-02-07]
FF Extension: (uBlock Origin) - C:\Users\Dragon\AppData\Roaming\Mozilla\Firefox\Profiles\z9kow66c.default-1518035987603\Extensions\uBlock0@raymondhill.net.xpi [2018-02-07]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff [2017-09-29]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2017-09-29] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Composer Player\Bin\npcomposerplayerwebplugin.dll [2017-02-03] (Dassault Systemes)
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-06] ()
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-30] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-02-06] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-01-30] (Adobe Systems)
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Composer Player\Bin\x86\npcomposerplayerwebplugin.dll [2017-02-03] (Dassault Systemes)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-06] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-01-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-23] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-01-30] (Adobe Systems)
StartMenuInternet: Firefox-A170175AFC21990C - E:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-01-30] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2090152 2017-08-11] (Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7968432 2018-01-30] (Microsoft Corporation)
S3 CoordinatorServiceHost; E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [81304 2017-02-04] (Dassault Systèmes SolidWorks Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-25] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-25] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-02-05] (Dropbox, Inc.)
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [103072 2017-12-04] (Bitdefender)
R2 DisplayFusionService; E:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [5291424 2017-11-14] (Binary Fortress Software)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1284328 2018-02-09] ()
R2 ewserver; E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [184368 2017-02-03] ()
S3 impi_hydra; C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe [880296 2017-02-03] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-09-14] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-08-18] (Logitech Inc.)
R2 MSSQL$TEW_SQLEXPRESS; E:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2015-04-20] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S3 Origin Client Service; E:\Program Files (x86)\Origin\OriginClientService.exe [2154816 2018-01-20] (Electronic Arts)
R2 Origin Web Helper Service; E:\Program Files (x86)\Origin\OriginWebHelperService.exe [3024712 2018-01-20] (Electronic Arts)
R2 PDF24; E:\Program Files (x86)\PDF24\pdf24.exe [413320 2017-09-14] (Geek Software GmbH)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1269824 2017-06-21] (Bitdefender)
R2 RemoteSolverDispatcher; E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe [240136 2017-02-03] (Mentor Graphics Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2017-11-08] (SolidWorks) [Datei ist nicht signiert]
S4 SQLAgent$TEW_SQLEXPRESS; E:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-20] (Microsoft Corporation)
R2 SWVisualize2017.Queue.Server; E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe [26008 2017-02-03] (Dassault Systèmes)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [118096 2018-02-01] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe [1170712 2018-02-01] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender Security\vsservp.exe [524872 2016-08-25] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1058784 2018-02-01] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1765336 2018-02-01] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [133088 2017-06-06] (BitDefender LLC)
S3 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [47376 2017-11-24] (© Bitdefender SRL)
S3 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [187688 2017-05-11] (BitDefender LLC)
S3 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [338744 2018-02-01] (Bitdefender)
R3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45192 2017-08-18] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-08-18] (Logitech Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a39871618b19f06\nvlddmkm.sys [17493824 2018-01-24] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31024 2018-01-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57928 2018-01-24] (NVIDIA Corporation)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
S4 RsFx0310; C:\WINDOWS\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek )
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [439576 2017-04-11] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [47096 2017-12-31] (Wellbia.com Co., Ltd.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-02-09 12:15 - 2018-02-09 12:15 - 000029894 _____ C:\Users\Dragon\Downloads\FRST.txt
2018-02-09 12:14 - 2018-02-09 12:15 - 000000000 ____D C:\FRST
2018-02-09 12:14 - 2018-02-09 12:14 - 002401792 _____ (Farbar) C:\Users\Dragon\Downloads\FRST64.exe
2018-02-09 12:00 - 2018-02-09 12:02 - 020410532 _____ C:\Users\Dragon\Downloads\3HpI14kolcG4NP.rar.part
2018-02-09 12:00 - 2018-02-09 12:00 - 092815360 _____ C:\Users\Dragon\Downloads\0AqxIq3hBMeTGP.rar.part
2018-02-09 12:00 - 2018-02-09 12:00 - 000000000 _____ C:\Users\Dragon\Downloads\3HpI14kolcG4NP.rar
2018-02-09 12:00 - 2018-02-09 12:00 - 000000000 _____ C:\Users\Dragon\Downloads\0AqxIq3hBMeTGP.rar
2018-02-07 21:39 - 2018-02-07 21:39 - 000000000 ____D C:\Users\Dragon\Desktop\Alte Firefox-Daten
2018-02-07 21:39 - 2018-02-07 21:39 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-02-07 00:03 - 2018-02-07 00:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-02-06 22:15 - 2018-02-06 22:52 - 000000000 ____D C:\Users\Dragon\Documents\Overwatch
2018-02-06 22:13 - 2018-02-06 22:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2018-02-06 21:51 - 2018-02-06 21:51 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2018-02-06 21:49 - 2018-02-07 21:34 - 000000000 ____D C:\Users\Dragon\AppData\Local\Battle.net
2018-02-06 21:49 - 2018-02-06 22:41 - 000000000 ____D C:\Users\Dragon\AppData\Local\Blizzard Entertainment
2018-02-06 21:49 - 2018-02-06 22:15 - 000000000 ____D C:\Users\Dragon\AppData\Roaming\Battle.net
2018-02-06 21:49 - 2018-02-06 21:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2018-02-06 21:48 - 2018-02-06 21:48 - 000000000 ____D C:\Users\Dragon\AppData\Local\Blizzard
2018-02-06 21:47 - 2018-02-06 21:47 - 000000000 ____D C:\ProgramData\Battle.net
2018-02-06 09:06 - 2018-02-06 09:06 - 000003592 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-2K12HQ3-Dragon
2018-02-05 12:25 - 2018-02-05 12:25 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-02-05 12:25 - 2018-02-05 12:25 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-02-05 12:25 - 2018-02-05 12:25 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-02-05 12:25 - 2018-02-05 12:25 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-02-05 09:51 - 2018-02-05 09:51 - 001434797 _____ C:\Users\Dragon\Downloads\shadersmod112.exe
2018-02-05 09:51 - 2018-02-05 09:51 - 000000247 _____ C:\SILENT
2018-02-04 23:47 - 2018-02-05 22:22 - 000000000 ____D C:\Users\Dragon\AppData\Local\PlaceholderTileLogoFolder
2018-02-04 15:53 - 2018-02-04 15:53 - 000001309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2018-01-29 22:21 - 2018-01-23 23:42 - 000137712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-01-29 22:21 - 2017-11-02 21:15 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-01-29 22:21 - 2017-11-02 21:15 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-01-29 22:21 - 2017-11-02 21:15 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-01-29 22:21 - 2017-11-02 21:14 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-01-29 22:19 - 2018-01-24 01:23 - 040269808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 035180016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 019796336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 016449872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 013444552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 012843496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 011026080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 010900248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 004308976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 003894304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 003709424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 001976120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439077.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 001673616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439077.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 001334808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 001325384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 001134768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 001126888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 001054704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 001049480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 001043128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 000988464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 000939832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 000795928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 000740336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 000635248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 000618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 000616240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 000599352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 000506864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-01-27 21:28 - 2018-01-27 21:28 - 007906720 _____ (Tim Kosse) C:\Users\Dragon\Downloads\FileZilla_3.30.0_win64-setup.exe
2018-01-27 20:06 - 2018-01-27 20:06 - 000000000 ____D C:\Users\Dragon\Documents\FeedbackHub
2018-01-23 21:28 - 2018-01-23 21:28 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2018-01-23 21:27 - 2018-01-23 21:27 - 000001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2018.lnk
2018-01-18 19:01 - 2018-01-18 19:01 - 000000000 ____D C:\Users\Dragon\AppData\Local\ESET
2018-01-18 18:56 - 2018-01-18 18:59 - 000000000 ____D C:\AdwCleaner
2018-01-17 19:29 - 2018-01-17 19:29 - 000301536 _____ C:\WINDOWS\ntbtlog.txt
2018-01-17 19:29 - 2018-01-17 19:29 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-01-13 15:49 - 2018-01-14 20:28 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-01-13 15:49 - 2018-01-13 15:49 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-02-09 12:07 - 2017-10-18 20:48 - 000000000 ____D C:\Users\Dragon\AppData\Roaming\TS3Client
2018-02-09 11:56 - 2017-10-18 17:02 - 000000000 ____D C:\Users\Dragon\AppData\Roaming\Skype
2018-02-09 11:54 - 2017-11-26 19:30 - 000000000 ____D C:\Users\Dragon\Documents\Elster
2018-02-09 11:47 - 2017-11-26 17:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2018-02-09 11:46 - 2017-11-30 19:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-09 09:35 - 2018-01-06 16:48 - 000004174 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7C79EDC0-9C42-49DE-ADFA-5FE64895D923}
2018-02-09 09:35 - 2017-11-08 19:05 - 000000000 ____D C:\Users\Dragon\AppData\Local\Adobe
2018-02-09 09:34 - 2017-10-17 10:58 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-09 09:32 - 2018-01-06 15:29 - 000000000 ____D C:\Users\Dragon\AppData\Roaming\Origin
2018-02-07 22:36 - 2018-01-06 15:28 - 000000000 ____D C:\ProgramData\Origin
2018-02-07 21:49 - 2018-01-06 16:59 - 000000000 ____D C:\Users\Dragon\Desktop\WSC
2018-02-07 21:48 - 2017-12-30 17:15 - 000000000 ____D C:\Users\Dragon\Desktop\Dein MeineKraft
2018-02-07 21:48 - 2017-10-18 17:06 - 000000000 ____D C:\Users\Dragon\Desktop\Programme
2018-02-07 21:43 - 2017-11-30 19:18 - 002591498 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-07 21:43 - 2017-10-18 16:09 - 000000000 ____D C:\Users\Dragon\AppData\LocalLow\Mozilla
2018-02-07 21:43 - 2017-09-30 15:35 - 001156912 _____ C:\WINDOWS\system32\perfh007.dat
2018-02-07 21:43 - 2017-09-30 15:35 - 000280306 _____ C:\WINDOWS\system32\perfc007.dat
2018-02-07 21:40 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-02-07 21:39 - 2017-10-29 09:33 - 000000000 ___RD C:\Users\Dragon\Creative Cloud Files
2018-02-07 21:39 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-02-07 21:38 - 2017-10-18 16:51 - 000000000 ____D C:\Program Files\Microsoft Office
2018-02-07 21:37 - 2017-11-30 19:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-07 21:37 - 2017-10-19 16:39 - 000000000 ____D C:\Users\Dragon\AppData\Roaming\MusicBee
2018-02-07 21:37 - 2017-10-18 16:03 - 000012168 _____ C:\bdlog.txt
2018-02-07 21:37 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-02-07 21:37 - 2017-09-29 09:45 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2018-02-07 21:25 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-07 20:44 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-07 20:43 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-07 20:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-07 00:03 - 2017-10-25 18:43 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-02-06 23:30 - 2017-10-18 17:06 - 000000000 ____D C:\Users\Dragon\Desktop\Spiele
2018-02-06 15:28 - 2017-11-24 19:53 - 000000000 ____D C:\Users\Dragon\AppData\Roaming\.minecraft
2018-02-06 12:05 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-06 12:05 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-06 11:45 - 2017-11-24 19:38 - 000000000 ____D C:\Users\Dragon\AppData\Roaming\FileZilla
2018-02-06 09:33 - 2017-10-18 21:12 - 000000000 ____D C:\Users\Dragon\Documents\ShareX
2018-02-06 09:01 - 2017-10-17 10:58 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-02-06 03:49 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-06 03:49 - 2017-09-29 14:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-05 14:47 - 2017-11-30 19:16 - 000000000 ____D C:\Users\Dragon\AppData\Local\Packages
2018-02-05 09:53 - 2017-10-19 17:47 - 000000000 ____D C:\Users\Dragon\AppData\Local\CrashDumps
2018-02-04 16:27 - 2017-10-18 15:44 - 000000000 ____D C:\Users\Dragon\AppData\Local\NVIDIA
2018-02-04 16:12 - 2017-10-18 15:44 - 000000000 ____D C:\Users\Dragon\AppData\Local\ConnectedDevicesPlatform
2018-02-04 15:52 - 2017-10-20 23:00 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-02-04 15:52 - 2017-10-17 10:48 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-03 13:33 - 2017-11-24 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2018-02-02 19:34 - 2017-12-22 11:33 - 000000000 ____D C:\Users\Dragon\Documents\JGV Kleinbüllesheim
2018-02-01 19:25 - 2017-10-18 15:58 - 001765336 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2018-02-01 19:25 - 2017-10-18 15:58 - 001058784 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2018-02-01 19:25 - 2017-10-18 15:58 - 000338744 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2018-01-29 22:21 - 2017-10-17 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-01-29 22:21 - 2017-10-17 10:58 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-01-29 22:21 - 2017-10-17 10:58 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-01-29 22:21 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-29 22:15 - 2017-11-30 19:19 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-29 22:15 - 2017-11-30 19:19 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-29 22:15 - 2017-11-30 19:19 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-29 22:15 - 2017-11-30 19:19 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-29 22:15 - 2017-11-30 19:19 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-29 22:15 - 2017-11-30 19:19 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-29 22:15 - 2017-11-30 19:19 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-29 22:15 - 2017-11-30 19:19 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-29 22:15 - 2017-10-17 10:55 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-01-27 21:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-01-26 17:34 - 2017-11-30 19:19 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3012858150-3015319604-1906791415-1002
2018-01-26 17:34 - 2017-10-18 15:45 - 000002397 _____ C:\Users\Dragon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-26 17:34 - 2017-10-18 15:45 - 000000000 ___RD C:\Users\Dragon\OneDrive
2018-01-24 01:23 - 2017-11-16 20:00 - 004580832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-01-24 01:23 - 2017-11-16 20:00 - 000057928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-01-24 01:23 - 2017-11-16 20:00 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb
2018-01-24 00:11 - 2017-10-17 10:58 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-01-23 23:57 - 2017-10-17 10:58 - 005950024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-01-23 23:57 - 2017-10-17 10:58 - 002589168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-01-23 23:57 - 2017-10-17 10:58 - 001766288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-01-23 23:57 - 2017-10-17 10:58 - 000633328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-01-23 23:57 - 2017-10-17 10:58 - 000450352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-01-23 23:57 - 2017-10-17 10:58 - 000122768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-01-23 23:57 - 2017-10-17 10:58 - 000082744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-01-23 21:27 - 2017-11-08 19:05 - 000000000 ____D C:\Users\Dragon\AppData\Roaming\Adobe
2018-01-23 21:27 - 2017-10-19 15:53 - 000000000 ____D C:\Users\Dragon\Documents\Adobe
2018-01-22 06:46 - 2017-10-17 10:58 - 007947791 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-01-18 18:59 - 2017-11-30 19:16 - 000000000 ____D C:\Users\Dragon
2018-01-18 18:58 - 2017-10-18 15:45 - 000000008 __RSH C:\ProgramData\ntuser.pol
2018-01-17 19:13 - 2017-11-30 11:33 - 000000000 ___DC C:\WINDOWS\Panther
2018-01-14 20:27 - 2017-11-08 19:05 - 000000000 ____D C:\ProgramData\Adobe
2018-01-13 14:43 - 2017-11-22 17:45 - 000001054 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CC 2018.lnk
2018-01-13 14:42 - 2017-11-03 23:57 - 000000000 ____D C:\Users\Dragon\AppData\Roaming\Notepad++
2018-01-13 14:37 - 2017-11-22 17:43 - 000000000 ____D C:\Program Files\Adobe
2018-01-10 19:40 - 2017-07-13 14:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-10 19:39 - 2017-10-18 21:42 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-10 19:39 - 2017-10-18 16:20 - 000000000 ____D C:\Users\Dragon\AppData\Roaming\discord
2018-01-10 19:39 - 2017-07-13 14:02 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-10 15:33 - 2017-10-17 10:59 - 002425656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-01-10 15:33 - 2017-10-17 10:59 - 002090800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-01-10 15:33 - 2017-10-17 10:59 - 001310008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-01-10 10:41 - 2017-10-17 10:59 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-10-24 19:44 - 2017-10-24 19:44 - 000007357 _____ () C:\Users\Dragon\AppData\Local\recently-used.xbel
2017-12-04 22:54 - 2017-12-05 22:42 - 000000000 _____ () C:\Users\Dragon\AppData\Local\Temptable.xml

Einige Dateien in TEMP:
====================
2018-02-05 10:05 - 2018-02-05 10:05 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-1860391971259494434.dll
2018-02-05 10:02 - 2018-02-05 10:02 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-1976829252780265679.dll
2018-02-05 09:47 - 2018-02-05 09:47 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-2320481345951977011.dll
2018-02-05 09:44 - 2018-02-05 09:44 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-2347750847819681688.dll
2018-02-05 09:55 - 2018-02-05 09:55 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-2656053374831016220.dll
2018-02-06 13:51 - 2018-02-06 13:51 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-3879020603529766942.dll
2018-02-05 10:00 - 2018-02-05 10:00 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-5704812642758084849.dll
2018-02-05 09:46 - 2018-02-05 09:46 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-601811976392456653.dll
2018-02-05 09:55 - 2018-02-05 09:55 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-6115492736002163239.dll
2018-02-05 10:07 - 2018-02-05 10:07 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-6331981582616892757.dll
2018-02-05 09:44 - 2018-02-05 09:44 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-6464180312889170293.dll
2018-02-05 10:18 - 2018-02-05 10:18 - 000019968 _____ (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-6880964939987508599.dll
2018-02-05 10:15 - 2018-02-05 10:15 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-691417073719703130.dll
2018-02-05 10:03 - 2018-02-05 10:03 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-7087624380406155340.dll
2018-02-05 10:30 - 2018-02-05 10:30 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-7824266881673283105.dll
2018-02-06 15:28 - 2018-02-06 15:28 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-8648675716350005115.dll
2018-02-05 10:20 - 2018-02-05 10:20 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-9161820950178068352.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-02-09 11:19

==================== Ende von FRST.txt ============================