Trojaner-Board
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Avast schlägt an nix im container (https://www.trojaner-board.de/184725-avast-schlaegt-nix-container.html)

Glaringsoul 11.03.2017 18:48
Avast schlägt an nix im container
 
Hallo,
Seit einigen Tagen habe ich jetzt das Problem, dass avast immer wieder anschlägt und mir mitteilt, dass "Gefährliche Daten" gefunden wurden und in den Container verschoben wurden ...

Der ist jedoch Leer, Scans mit MBAM, MBAR, Eurem ESET(free), ADW Cleaner und einem Programm names TSA-Adware Removal
( hxxp://www.adwareremovaltool.org/ )(wude in foren empfohlen ...)
Haben wiederholt angeschlagen und mir PUP's bzw Adware gemeldet und vermeindlich entfernt so 3-4 suchdurchläufe lang ...

Bis auf das sie wieder da sind. nicht teilweise sondern komplett... (bzw. sie wurden erneut als vorhanden angezeigt) :pfui:

Diese "Programme" hatten bisher keinen direkten effekt auf meinen Browser (oder ich habe es nicht bemerkt) keine Toolbars, keine Suchmaschienenänderung NICHTS!!!!

und da mir das doch etwas Fischig erscheint (avast schlägt ja an) und sie teilweise sich selbt wiederhergestellt haben suche ich nun Hilfe diese Biester auszurotten ...

HABE KEINEN WIEDERHERSTELLUNGSPUNKT werde mir aber einen zulegen ...

Keine Sensitiven Daten auf dem Rechner oder sonst wie muss ihn aber recht häufig sowohl Schulisch wie Privat nutzen (werde mich jedoch wenn nötig zurückhalten)...

Handelt es sich hier einfach um eine Negativ Falschmeldung oder ist mit etwas schlimmerem zu rechnen ? BZW welches Freeware Antivirus empfehlt ihr denn ? LG

Glare

Ps: Habe bereits einmal mit euch gearbeitet da ging es aber um Trojaner deswegen brauche ich Generell keine Schritt für Schritt Anleitung sonder einfach sagen Bsp. FRST Log erstellen ...und ich sollte das hinbekommen

cosinus 11.03.2017 21:01
Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Glaringsoul 12.03.2017 00:03
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11-03-2017 01
durchgeführt von Henselmann (Administrator) auf FATAL-CRYPT-ERR (12-03-2017 00:01:44)
Gestartet von C:\Users\Henselmann\Downloads
Geladene Profile: Henselmann (Verfügbare Profile: defaultuser0 & Henselmann)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Electronic Arts) D:\Origin\OriginWebHelperService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Apple Inc.) D:\iTunes\iTunesHelper.exe
(Flux Software LLC) C:\Users\Henselmann\AppData\Local\FluxSoftware\Flux\flux.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5459\Agent.exe
(Blizzard Entertainment) D:\Blizzard\Battle.net\Battle.net.8423\Battle.net.exe
(Akamai Technologies, Inc.) C:\Users\Henselmann\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Henselmann\AppData\Local\Akamai\netsession_win.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(SPEEDLINK) C:\Program Files (x86)\SPEEDLINK\ACCUSOR Advanced Gaming Keyboard\Monitor.EXE
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
() D:\Blizzard\Battle.net\Battle.net.8423\Battle.net Helper.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Henselmann\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
() D:\Blizzard\Battle.net\Battle.net.8423\Battle.net Helper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(TODO: <Company name>) C:\Program Files (x86)\ASUS\AURA(GRAPHICS CARD)\ASLED.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(TODO: <Company name>) C:\Program Files (x86)\ASUS\AURA(GRAPHICS CARD)\ledcontrolservice.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8844032 2016-01-27] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => D:\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES/MALWAREBYTES/ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-04] (AVAST Software)
HKLM-x32\...\Run: [ACCUSOR Advanced Gaming Keyboard Driver] => C:\Program Files (x86)\SPEEDLINK\ACCUSOR Advanced Gaming Keyboard\Monitor.exe [1972736 2016-10-10] (SPEEDLINK)
HKLM-x32\...\Run: [Kraken0502Launcher] => C:\Program Files (x86)\Razer\Razer_Kraken0502_Driver\Drivers\SysAudio\Kraken0502Helper.exe [1599808 2015-08-14] (Razer Inc)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-03-02] (Razer Inc.)
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9539800 2016-12-15] (Piriform Ltd)
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Run: [f.lux] => C:\Users\Henselmann\AppData\Local\FluxSoftware\Flux\flux.exe [1024240 2016-12-06] (Flux Software LLC)
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-03-09] (Valve Corporation)
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Run: [Discord] => C:\Users\Henselmann\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Run: [Battle.net] => D:\Blizzard\Battle.net\Battle.net Launcher.exe [3122152 2017-01-26] (Blizzard Entertainment)
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Henselmann\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\ASUS\AURA(GRAPHICS CARD)\ledcontrolservice.exe [2111488 2016-06-06] (TODO: <Company name>)
SSODL: EldosMountNotificator-cbfs6 - {2BDE6E34-89F1-4989-8908-582D4DAB9A1E} - C:\Windows\system32\cbfsMntNtf6.dll (/n software, Inc.)
SSODL-x32: EldosMountNotificator-cbfs6 - {2BDE6E34-89F1-4989-8908-582D4DAB9A1E} - C:\Windows\SysWOW64\cbfsMntNtf6.dll (/n software, Inc.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Henselmann\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Henselmann\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Henselmann\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-04] (AVAST Software)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {0C9DD067-B805-44B0-ADF1-4DC31E9C35E5} => C:\Windows\system32\cbfsMntNtf6.dll [2016-08-03] (/n software, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Henselmann\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Henselmann\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Henselmann\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {0C9DD067-B805-44B0-ADF1-4DC31E9C35E5} => C:\Windows\SysWOW64\cbfsMntNtf6.dll [2016-08-03] (/n software, Inc.)
Startup: C:\Users\Henselmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-01-15]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Henselmann\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2fca545b-e1d8-474e-8e16-93c937e8e135}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001 -> hxxp://www.google.com

FireFox:
========
FF ProfilePath: C:\Users\Henselmann\AppData\Roaming\Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583 [2017-03-11]
FF NewTab: Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583 -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583 -> Google
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583 -> hxxps://www.google.com/search?bcutc=sp-006
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583 -> Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583 -> Google
FF Homepage: Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583 -> hxxps://www.google.com/?bcutc=sp-006
FF Keyword.URL: Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583 -> hxxps://www.google.com/search?bcutc=sp-006
FF Extension: (Test Pilot) - C:\Users\Henselmann\AppData\Roaming\Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583\Extensions\@testpilot-addon.xpi [2017-03-07]
FF Extension: (Ghostery) - C:\Users\Henselmann\AppData\Roaming\Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583\Extensions\firefox@ghostery.com.xpi [2017-02-26]
FF Extension: (uBlock Origin) - C:\Users\Henselmann\AppData\Roaming\Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583\Extensions\uBlock0@raymondhill.net.xpi [2017-03-04]
FF SearchPlugin: C:\Users\Henselmann\AppData\Roaming\Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583\searchplugins\google-avast.xml [2017-03-10]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-03-04]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-03-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-14] ()
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-14] ()
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2017-01-02] (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-23] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 ASLED; C:\Program Files (x86)\ASUS\AURA(GRAPHICS CARD)\ASLED.exe [49664 2016-06-14] (TODO: <Company name>) [Datei ist nicht signiert]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-04] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-04] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [278784 2017-03-04] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1445384 2016-10-22] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2017-01-10] (BitRaider, LLC)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-12-09] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [7847256 2016-10-18] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2124296 2017-03-07] (Electronic Arts)
R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [2185232 2017-03-07] (Electronic Arts)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [133376 2016-09-28] (Razer Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [672208 2017-02-03] (Wacom Technology, Corp.)
S2 chip1click; "C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-04] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-04] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-04] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-04] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-04] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [461640 2017-03-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-04] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-04] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-04] (AVAST Software)
R1 cbfs6; C:\Windows\system32\drivers\cbfs6.sys [460992 2016-08-03] (/n software, Inc.)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-02-18] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-02-18] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2016-12-14] ()
S3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [102856 2017-01-14] (Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-01-14] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [250816 2017-03-11] (Malwarebytes)
S3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [91584 2017-01-14] (Malwarebytes)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2a6e383a1adc0e24\nvlddmkm.sys [14569528 2017-02-24] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47672 2017-01-06] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [59448 2017-02-23] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [935168 2015-10-10] (Realtek                                            )
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
R3 vpnpbus; C:\Windows\System32\drivers\vpnpbus.sys [18624 2016-08-03] (/n software, Inc.)
S3 WacHidRouterPro; C:\Windows\System32\drivers\wachidrouter.sys [119952 2017-01-25] (Wacom Technology)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [36808 2017-03-11] (Wellbia.com Co., Ltd.)
U1 aswbdisk; kein ImagePath
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-12 00:01 - 2017-03-12 00:01 - 00023630 _____ C:\Users\Henselmann\Downloads\FRST.txt
2017-03-12 00:00 - 2017-03-12 00:01 - 2005164028 _____ C:\Users\Henselmann\Desktop\Kram.zip
2017-03-11 23:59 - 2017-03-11 23:59 - 29389413 _____ C:\Users\Henselmann\Downloads\Hentai_Pictures_Pack_45_(www.hentairules.net) (2).zip
2017-03-11 23:59 - 2017-03-11 23:59 - 05858628 _____ C:\Users\Henselmann\Downloads\Ino Yamanaka Hentai Pics (2).zip
2017-03-11 23:56 - 2017-03-12 00:01 - 00000000 ____D C:\FRST
2017-03-11 23:55 - 2017-03-11 23:55 - 02424320 _____ (Farbar) C:\Users\Henselmann\Downloads\FRST64.exe
2017-03-11 19:11 - 2017-03-11 19:11 - 00000000 ____D C:\Users\Henselmann\AppData\LocalLow\Sun
2017-03-11 19:11 - 2017-03-11 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WAIS-IV
2017-03-11 18:57 - 2017-03-11 19:06 - 00000000 ____D C:\Users\Henselmann\Desktop\mbar
2017-03-11 18:55 - 2017-03-11 18:55 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Henselmann\Downloads\mbar-1.09.3.1001(1).exe
2017-03-10 15:29 - 2017-03-11 10:39 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2017-03-10 15:29 - 2017-03-10 15:44 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2017-03-10 15:28 - 2017-03-10 15:28 - 00752296 _____ C:\Users\Henselmann\Downloads\Adware Removal Tool by TSA.exe
2017-03-10 15:26 - 2017-03-10 15:26 - 00000386 _____ C:\Windows\SysWOW64\data.bin
2017-03-10 15:26 - 2017-03-10 15:26 - 00000000 _____ C:\Windows\SysWOW64\4
2017-03-10 15:26 - 2017-03-10 15:26 - 00000000 _____ C:\Windows\SysWOW64\3
2017-03-10 15:22 - 2017-03-10 15:22 - 00000000 ____D C:\Program Files (x86)\Ckosushdekey
2017-03-09 16:30 - 2017-03-09 16:30 - 00000000 ____D C:\Temp
2017-03-09 16:30 - 2017-03-09 16:30 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-03-09 16:30 - 2017-02-23 09:17 - 00136064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-03-09 16:30 - 2017-01-26 01:13 - 00103936 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-03-09 16:30 - 2017-01-26 01:12 - 00326656 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-03-09 16:30 - 2017-01-26 01:09 - 00322560 _____ C:\Windows\system32\vulkan-1.dll
2017-03-09 16:30 - 2017-01-26 01:09 - 00118272 _____ C:\Windows\system32\vulkaninfo.exe
2017-03-09 16:29 - 2017-03-09 16:30 - 00000000 ____D C:\Windows\LastGood.Tmp
2017-03-09 16:28 - 2017-02-23 23:55 - 00047664 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 40192056 _____ C:\Windows\system32\nvcompiler.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 35272760 _____ C:\Windows\SysWOW64\nvcompiler.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 34992184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 28252608 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 19007528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 14674896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 11122728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 11019888 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 09306312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 08990256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 03168192 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 02717752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 01985080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437878.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437878.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 01052096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00989632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00959424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00946456 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00944224 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00910784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00721768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00719856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00687408 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00618416 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00605120 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00576008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00573632 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00499136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00483384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00447984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-03-08 01:00 - 2017-03-10 15:25 - 00000000 ____D C:\Program Files (x86)\MK
2017-03-07 18:03 - 2017-03-07 18:03 - 00004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-03-07 17:58 - 2017-03-07 21:17 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-03-07 17:58 - 2017-03-07 17:58 - 00002096 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2017-03-07 17:58 - 2017-03-07 17:58 - 00000000 ____D C:\Users\Henselmann\AppData\LocalLow\Adobe
2017-03-07 17:57 - 2017-03-07 17:59 - 00000000 ____D C:\ProgramData\Adobe
2017-03-07 17:57 - 2017-03-07 17:57 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-03-07 17:56 - 2017-03-07 17:58 - 00000000 ____D C:\Users\Henselmann\AppData\Local\Adobe
2017-03-07 17:25 - 2017-03-07 17:25 - 00001159 _____ C:\Users\Public\Desktop\Mass Effect 3.lnk
2017-03-06 21:11 - 2017-03-06 21:11 - 00000000 ____D C:\Users\Henselmann\Desktop\saveedit_rev25
2017-03-06 21:10 - 2017-03-06 21:10 - 00055487 _____ C:\Users\Henselmann\Downloads\saveedit_rev25.zip
2017-03-06 21:10 - 2017-03-06 21:10 - 00000000 ____D C:\ProgramData\Estsoft
2017-03-04 21:21 - 2017-03-04 21:21 - 03086696 _____ C:\Users\Henselmann\Downloads\instspeedfan452(1).exe
2017-03-04 21:21 - 2017-03-04 21:21 - 00001080 _____ C:\Users\Henselmann\Desktop\SpeedFan.lnk
2017-03-04 21:21 - 2017-03-04 21:21 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2017-03-04 19:38 - 2017-03-04 19:38 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Internet Security.lnk
2017-03-04 19:38 - 2017-03-04 19:38 - 00001967 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk
2017-03-04 19:38 - 2017-03-04 19:37 - 00461640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2017-03-04 19:38 - 2017-03-04 19:31 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-04 19:34 - 2017-03-10 16:11 - 00004044 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1488652479
2017-03-04 19:34 - 2017-03-10 16:11 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-04 19:34 - 2017-03-04 19:34 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-03-04 19:34 - 2017-03-04 19:34 - 00001088 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2017-03-04 19:32 - 2017-03-04 19:32 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\AVAST Software
2017-03-04 19:31 - 2017-03-10 15:49 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-03-04 19:31 - 2017-03-04 19:38 - 00003994 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-03-04 19:31 - 2017-03-04 19:31 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-03-04 19:31 - 2017-03-04 19:31 - 00496896 _____ C:\Users\Henselmann\Downloads\flux-setup.exe
2017-03-04 19:31 - 2017-03-04 19:31 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-03-04 19:31 - 2017-03-04 19:31 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-03-04 19:31 - 2017-03-04 19:31 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-03-04 19:31 - 2017-03-04 19:31 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-03-04 19:31 - 2017-03-04 19:31 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-04 19:31 - 2017-03-04 19:31 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-04 19:31 - 2017-03-04 19:31 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-04 19:31 - 2017-03-04 19:31 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-04 19:31 - 2017-03-04 19:31 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-03-04 19:31 - 2017-03-04 19:31 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-03-04 19:31 - 2017-03-04 19:31 - 00002185 _____ C:\Users\Henselmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2017-03-04 19:31 - 2017-03-04 19:31 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-03-04 19:31 - 2017-03-04 19:31 - 00000000 ____D C:\Users\Henselmann\AppData\Local\FluxSoftware
2017-03-04 19:30 - 2017-03-04 19:34 - 00000000 ____D C:\Program Files\AVAST Software
2017-03-04 19:29 - 2017-03-04 23:54 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-04 19:29 - 2017-03-04 19:29 - 06654960 _____ (AVAST Software) C:\Users\Henselmann\Downloads\avast_free_antivirus_setup_online.exe
2017-03-04 10:23 - 2017-03-04 10:24 - 04121760 _____ (Husdawg, LLC) C:\Users\Henselmann\Downloads\Detection(1).exe
2017-03-03 18:13 - 2017-03-03 18:13 - 00000000 ____D C:\Windows\System32\Tasks\Avira
2017-03-01 18:21 - 2017-03-01 18:21 - 00000000 ____D C:\Users\Henselmann\Desktop\1408077412919_transistor
2017-03-01 18:19 - 2017-03-01 18:19 - 04031440 _____ C:\Users\Henselmann\Desktop\adwcleaner_6.044.exe
2017-03-01 17:44 - 2017-03-01 17:44 - 15220605 _____ C:\Users\Henselmann\Downloads\1408077412919_transistor.zip
2017-02-28 13:00 - 2017-02-28 13:00 - 01191352 _____ ( ) C:\Users\Henselmann\Downloads\hwmonitor_1.30.exe
2017-02-28 13:00 - 2017-02-28 13:00 - 00000975 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2017-02-28 13:00 - 2017-02-28 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2017-02-28 13:00 - 2017-02-28 13:00 - 00000000 ____D C:\Program Files\CPUID
2017-02-28 01:55 - 2017-03-05 10:40 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2017-02-28 01:55 - 2017-03-04 21:21 - 00000045 _____ C:\Windows\SysWOW64\initdebug.nfo
2017-02-28 01:55 - 2017-02-28 01:55 - 03086696 _____ C:\Users\Henselmann\Downloads\instspeedfan452.exe
2017-02-27 22:32 - 2017-02-27 22:32 - 02212462 _____ C:\Users\Henselmann\Downloads\TMACv6.0.7_Setup.zip
2017-02-27 22:32 - 2017-02-27 22:32 - 01070232 ___RS (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2017-02-27 22:32 - 2017-02-27 22:32 - 01010720 ___RS (Microsoft Corporation) C:\Windows\SysWOW64\MSCHRT20.OCX
2017-02-27 22:32 - 2017-02-27 22:32 - 00224016 ___RS (Microsoft Corporation) C:\Windows\SysWOW64\TABCTL32.OCX
2017-02-27 22:32 - 2017-02-27 22:32 - 00140488 ___RS (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.OCX
2017-02-27 22:32 - 2017-02-27 22:32 - 00001273 _____ C:\Users\Public\Desktop\TMAC v6.lnk
2017-02-27 22:32 - 2017-02-27 22:32 - 00000000 ____D C:\Program Files (x86)\Technitium
2017-02-26 18:54 - 2017-02-26 18:54 - 00000000 ____D C:\Program Files (x86)\Origin Games
2017-02-26 17:24 - 2017-02-26 17:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett
2017-02-26 17:19 - 2017-02-26 17:20 - 82101304 _____ C:\Users\Henselmann\Downloads\WacomTablet_6.3.15-3.exe
2017-02-26 17:17 - 2017-02-26 17:17 - 00001951 _____ C:\Users\Henselmann\Desktop\Wacom Tablett-Eigenschaften.lnk
2017-02-26 16:17 - 2017-02-26 17:21 - 00000016 _____ C:\Users\Henselmann\Desktop\BDO.txt
2017-02-26 15:55 - 2017-03-11 18:52 - 00000000 ____D C:\AdwCleaner
2017-02-26 12:10 - 2017-02-26 12:11 - 00000000 ____D C:\Users\Henselmann\Desktop\SCHULE
2017-02-26 10:08 - 2017-02-26 10:08 - 04581024 _____ (Avira Operations GmbH & Co. KG) C:\Users\Henselmann\Downloads\avira_de_fass0_58b29474b3687__ws.exe
2017-02-25 23:24 - 2017-03-10 15:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-25 23:24 - 2017-03-10 15:28 - 00001208 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-02-25 23:24 - 2017-03-10 15:28 - 00001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-25 23:24 - 2017-02-25 23:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-25 23:22 - 2017-02-25 23:22 - 00245600 _____ C:\Users\Henselmann\Downloads\Firefox Setup Stub 51.0.1.exe
2017-02-25 23:11 - 2017-02-25 23:11 - 00000000 ____D C:\Users\Henselmann\AppData\Local\Pmuthercoudole
2017-02-25 16:51 - 2017-02-25 16:51 - 00000000 ____D C:\Users\Henselmann\Desktop\WhatsApp Chat - Mama
2017-02-25 16:51 - 2017-02-25 13:16 - 15712860 _____ C:\Users\Henselmann\Desktop\WhatsApp Chat - Mama.zip
2017-02-25 00:27 - 2017-02-25 00:27 - 00066608 _____ C:\Users\Henselmann\Downloads\saveedit_rev23.zip
2017-02-24 19:48 - 2017-02-24 19:48 - 00000000 ____D C:\Users\Henselmann\Documents\BioWare
2017-02-24 19:48 - 2017-02-24 19:48 - 00000000 ____D C:\ProgramData\Electronic Arts
2017-02-24 14:39 - 2017-02-24 14:39 - 00001061 _____ C:\Users\Public\Desktop\Mass Effect 2.lnk
2017-02-24 14:39 - 2017-02-24 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2
2017-02-24 12:28 - 2017-03-10 15:36 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\Origin
2017-02-24 12:28 - 2017-02-24 12:28 - 00000575 _____ C:\Users\Public\Desktop\Origin.lnk
2017-02-24 12:28 - 2017-02-24 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2017-02-24 12:26 - 2017-03-09 22:57 - 00000000 ____D C:\ProgramData\Origin
2017-02-24 12:26 - 2017-02-24 12:28 - 00000000 ____D C:\Users\Henselmann\AppData\Local\Origin
2017-02-24 12:26 - 2017-02-24 12:26 - 00000000 ____D C:\Users\Henselmann\.Origin
2017-02-24 12:15 - 2017-02-24 12:15 - 00001358 _____ C:\Users\Public\Desktop\Razer Cortex.lnk
2017-02-23 20:59 - 2017-02-23 20:59 - 00000000 ____D C:\Users\Henselmann\AppData\Local\Wacom
2017-02-23 20:59 - 2017-02-23 20:59 - 00000000 ____D C:\Users\Henselmann\.android
2017-02-23 20:02 - 2017-02-26 17:23 - 00000000 ____D C:\Program Files\Tablet
2017-02-23 20:02 - 2017-02-23 20:59 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\WTablet
2017-02-23 20:02 - 2017-02-23 20:02 - 00000000 ____D C:\Program Files\TabletPlugins
2017-02-23 20:02 - 2017-02-23 20:02 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2017-02-23 20:02 - 2017-02-03 01:01 - 02274256 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.dll
2017-02-23 20:02 - 2017-02-03 01:01 - 02267600 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Touch_Tablet.dll
2017-02-23 20:02 - 2017-02-03 01:01 - 02173392 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2017-02-23 20:02 - 2017-02-03 01:01 - 02111952 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2017-02-23 20:02 - 2017-02-03 01:01 - 01787856 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2017-02-23 20:02 - 2017-02-03 01:01 - 01781200 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2017-02-23 20:02 - 2017-02-03 01:01 - 01673168 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2017-02-23 20:02 - 2017-02-03 01:01 - 01632720 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2017-02-23 20:02 - 2017-01-25 18:52 - 00119952 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys
2017-02-23 20:02 - 2016-11-15 22:43 - 00033960 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2017-02-23 20:02 - 2016-08-03 16:01 - 00018848 _____ (/n software, Inc.) C:\Windows\system32\elevtmsg.dll
2017-02-23 20:02 - 2016-08-03 16:00 - 00235424 _____ (/n software, Inc.) C:\Windows\SysWOW64\cbfsNetRdr6.dll
2017-02-23 20:02 - 2016-08-03 16:00 - 00134560 _____ (/n software, Inc.) C:\Windows\system32\cbfsNetRdr6.dll
2017-02-23 20:02 - 2016-08-03 15:59 - 00196000 _____ (/n software, Inc.) C:\Windows\system32\cbfsMntNtf6.dll
2017-02-23 20:02 - 2016-08-03 15:59 - 00170400 _____ (/n software, Inc.) C:\Windows\SysWOW64\cbfsMntNtf6.dll
2017-02-23 20:02 - 2016-08-03 15:48 - 00460992 _____ (/n software, Inc.) C:\Windows\system32\Drivers\cbfs6.sys
2017-02-23 20:02 - 2016-08-03 15:48 - 00018624 _____ (/n software, Inc.) C:\Windows\system32\Drivers\vpnpbus.sys
2017-02-23 20:02 - 2012-12-11 23:12 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll
2017-02-23 20:02 - 2012-12-11 23:12 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wdfcoinstaller01009.dll
2017-02-22 16:57 - 2017-02-22 16:58 - 00000000 ____D C:\Program Files\Common Files\logishrd
2017-02-21 19:33 - 2017-02-21 19:33 - 00000000 ____D C:\ProgramData\Screaming Bee
2017-02-21 19:29 - 2017-02-21 19:29 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\Screaming Bee
2017-02-20 00:32 - 2017-02-20 00:32 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\RenPy
2017-02-19 22:30 - 2017-02-19 23:17 - 02870984 _____ (ESET) C:\Users\Henselmann\Desktop\esetsmartinstaller_deu.exe
2017-02-19 22:16 - 2017-02-19 22:16 - 00000000 ____D C:\Users\Henselmann\Desktop\IGG-SunrideAcademy
2017-02-18 02:20 - 2017-02-18 02:20 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2017-02-18 02:20 - 2017-02-18 02:20 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2017-02-18 02:20 - 2017-02-18 02:20 - 00000000 ____D C:\Users\Henselmann\AppData\Local\Disc_Soft_Ltd
2017-02-18 02:19 - 2017-02-22 17:03 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\DAEMON Tools Lite
2017-02-18 02:19 - 2017-02-18 02:27 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2017-02-18 02:19 - 2017-02-18 02:19 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2017-02-18 02:19 - 2017-02-18 02:19 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2017-02-16 16:45 - 2017-02-16 16:45 - 00000000 ____D C:\Users\Henselmann\ansel
2017-02-14 22:20 - 2017-02-10 03:33 - 01983424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437866.dll
2017-02-14 22:20 - 2017-02-10 03:33 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437866.dll
2017-02-13 15:46 - 2017-02-13 15:46 - 00000000 ____D C:\Users\Henselmann\AppData\LocalLow\square_enix
2017-02-10 17:54 - 2017-02-10 17:54 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\.mono
2017-02-10 17:54 - 2017-02-10 17:54 - 00000000 ____D C:\Users\Henselmann\AppData\LocalLow\Blizzard Entertainment
2017-02-10 17:54 - 2017-02-10 17:54 - 00000000 ____D C:\Users\Henselmann\AppData\Local\Blizzard

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-11 23:59 - 2017-01-26 16:27 - 00000000 ____D C:\Users\Henselmann\AppData\Local\Battle.net
2017-03-11 22:31 - 2016-12-23 10:46 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-03-11 20:21 - 2016-12-31 14:21 - 00000000 ____D C:\Users\Henselmann\AppData\LocalLow\Mozilla
2017-03-11 19:16 - 2017-01-04 19:28 - 00036808 _____ (Wellbia.com Co., Ltd.) C:\Windows\xhunter1.sys
2017-03-11 19:16 - 2017-01-03 17:53 - 00000000 ____D C:\Users\Henselmann\AppData\Local\BlackDesertOnline
2017-03-11 19:16 - 2016-12-23 10:48 - 00000000 ____D C:\Users\Henselmann
2017-03-11 19:13 - 2016-12-31 14:28 - 00000000 ____D C:\Program Files (x86)\Steam
2017-03-11 19:06 - 2017-01-17 00:24 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-03-11 18:58 - 2016-12-23 10:52 - 03310556 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-11 18:58 - 2016-07-16 23:51 - 01485866 _____ C:\Windows\system32\perfh007.dat
2017-03-11 18:58 - 2016-07-16 23:51 - 00373616 _____ C:\Windows\system32\perfc007.dat
2017-03-11 18:57 - 2016-12-31 14:26 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-03-11 18:54 - 2017-01-07 18:12 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-03-11 18:54 - 2016-12-23 11:03 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-11 18:52 - 2016-12-31 14:26 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-11 18:52 - 2016-12-23 10:46 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-11 18:52 - 2016-07-16 07:04 - 00262144 _____ C:\Windows\system32\config\BBI
2017-03-11 18:31 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\AppReadiness
2017-03-11 18:23 - 2017-01-02 20:10 - 00004182 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{564F6E84-C00A-4C0A-BC99-D7AB81F118FD}
2017-03-09 22:41 - 2016-12-31 14:20 - 00000000 ____D C:\Users\Henselmann\AppData\Local\CrashDumps
2017-03-09 16:30 - 2016-12-23 11:03 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-03-09 16:30 - 2016-12-23 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-03-09 16:30 - 2016-07-16 12:45 - 00000000 ____D C:\Windows\INF
2017-03-09 16:25 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-07 17:58 - 2016-12-23 10:48 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\Adobe
2017-03-04 19:43 - 2016-12-23 10:51 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-04 19:41 - 2016-12-31 14:43 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\discord
2017-03-04 19:35 - 2017-01-13 20:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-03-04 19:35 - 2017-01-13 20:27 - 00000000 ____D C:\ProgramData\Skype
2017-03-04 19:31 - 2017-01-15 02:23 - 00000000 ____D C:\Program Files\Common Files\AV
2017-03-04 19:08 - 2016-12-31 14:43 - 00000000 ____D C:\Users\Henselmann\AppData\Local\Discord
2017-03-04 10:26 - 2016-12-31 18:14 - 00004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-04 10:26 - 2016-12-31 18:14 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-03-04 10:26 - 2016-12-23 11:04 - 00003994 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-04 10:26 - 2016-12-23 11:03 - 00003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-04 10:26 - 2016-12-23 11:03 - 00003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-04 10:26 - 2016-12-23 11:03 - 00003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-04 10:26 - 2016-12-23 11:03 - 00003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-04 10:26 - 2016-12-23 11:03 - 00003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-04 10:26 - 2016-12-23 11:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-03-04 10:26 - 2016-12-23 11:00 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-03 19:10 - 2016-12-29 14:00 - 00003300 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-03-03 19:10 - 2016-12-23 10:49 - 00002402 _____ C:\Users\Henselmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-03-03 19:10 - 2016-12-23 10:49 - 00000000 ___RD C:\Users\Henselmann\OneDrive
2017-03-01 21:40 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\LiveKernelReports
2017-03-01 16:02 - 2017-01-03 17:54 - 00000000 ____D C:\Users\Henselmann\Documents\Black Desert
2017-02-28 17:32 - 2016-12-31 14:47 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\TS3Client
2017-02-28 12:54 - 2016-12-23 10:47 - 00000000 ____D C:\Users\defaultuser0
2017-02-27 13:05 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\NDF
2017-02-27 12:52 - 2017-01-23 22:27 - 00000000 ____D C:\Users\Henselmann\AppData\Local\ElevatedDiagnostics
2017-02-26 17:58 - 2017-01-07 13:41 - 00000000 ____D C:\Users\Henselmann\AppData\Local\osu!
2017-02-25 23:11 - 2017-01-15 00:54 - 00000000 ____D C:\Windows\system32\SSL
2017-02-24 12:15 - 2016-12-31 14:50 - 00000000 ____D C:\Users\Henselmann\AppData\Local\Razer
2017-02-24 12:15 - 2016-12-31 14:50 - 00000000 ____D C:\ProgramData\Razer
2017-02-24 12:15 - 2016-12-31 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2017-02-24 12:15 - 2016-12-31 14:50 - 00000000 ____D C:\Program Files (x86)\Razer
2017-02-23 23:55 - 2016-12-23 11:02 - 01600056 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-02-23 23:55 - 2016-12-23 11:02 - 00217528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-02-23 21:48 - 2016-12-31 14:44 - 00000000 ____D C:\Users\Henselmann\AppData\Local\TeamSpeak 3 Client
2017-02-23 19:35 - 2016-12-23 11:04 - 01880512 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-02-23 19:35 - 2016-12-23 11:04 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-02-23 19:35 - 2016-12-23 11:04 - 01468864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-02-23 19:35 - 2016-12-23 11:04 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-02-23 19:35 - 2016-12-23 11:04 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-02-23 19:34 - 2017-01-11 17:36 - 00059448 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-02-23 17:17 - 2016-12-31 14:09 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 17:16 - 2016-12-31 14:09 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-23 15:30 - 2016-12-31 18:14 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-02-23 11:32 - 2016-12-23 11:02 - 04078008 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-02-23 11:32 - 2016-12-23 11:02 - 03596616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-02-23 11:32 - 2016-12-23 11:02 - 00043566 _____ C:\Windows\system32\nvinfo.pb
2017-02-23 09:43 - 2016-12-23 11:03 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-02-23 09:28 - 2016-12-23 11:03 - 06401984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-02-23 09:28 - 2016-12-23 11:03 - 02479160 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-02-23 09:28 - 2016-12-23 11:03 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-02-23 09:28 - 2016-12-23 11:03 - 00548288 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-02-23 09:28 - 2016-12-23 11:03 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-02-23 09:28 - 2016-12-23 11:03 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-02-23 09:28 - 2016-12-23 11:03 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-02-23 07:38 - 2016-12-23 11:03 - 07807027 _____ C:\Windows\system32\nvcoproc.bin
2017-02-22 17:14 - 2016-07-16 12:36 - 00000000 ____D C:\Windows\CbsTemp
2017-02-22 16:57 - 2017-01-02 13:12 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-19 00:57 - 2016-12-31 14:30 - 00000000 ____D C:\Users\Henselmann\AppData\Local\Steam
2017-02-16 16:47 - 2017-01-05 00:33 - 00000000 ____D C:\Users\Henselmann\AppData\Local\MEGAsync
2017-02-14 16:00 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-14 16:00 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\Macromed

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-01-08 04:12 - 2017-01-14 20:47 - 0007597 _____ () C:\Users\Henselmann\AppData\Local\Resmon.ResmonCfg
2016-12-23 10:54 - 2016-12-23 10:54 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-01-01 14:03 - 2017-01-01 14:03 - 0000016 _____ () C:\ProgramData\mntemp
2016-12-31 18:14 - 2017-01-11 17:36 - 0007609 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-31 18:14 - 2017-01-10 19:32 - 0010108 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Einige Dateien in TEMP:
====================
2017-03-03 18:28 - 2017-03-03 18:28 - 0000512 _____ () C:\Users\Henselmann\AppData\Local\Temp\6699d3ee8dd9cf775caae782c8f44f03.dll
2017-03-03 18:28 - 2017-03-11 19:16 - 0000069 _____ () C:\Users\Henselmann\AppData\Local\Temp\e3a0f8dd4837fff176547bdbd39cbe30.dll
2017-02-14 22:22 - 2017-02-09 23:39 - 0754168 _____ (NVIDIA Corporation) C:\Users\Henselmann\AppData\Local\Temp\nvSCPAPI.dll
2017-02-14 22:22 - 2017-02-09 23:39 - 0868152 _____ (NVIDIA Corporation) C:\Users\Henselmann\AppData\Local\Temp\nvSCPAPI64.dll
2017-03-09 16:28 - 2017-02-09 23:39 - 0352704 _____ (NVIDIA Corporation) C:\Users\Henselmann\AppData\Local\Temp\nvStInst.exe
2017-03-04 21:22 - 2017-03-05 10:39 - 0192512 _____ () C:\Users\Henselmann\AppData\Local\Temp\sfamcc00001.dll
2015-02-10 18:56 - 2015-02-10 18:56 - 0105984 _____ () C:\Users\Henselmann\AppData\Local\Temp\sfextra.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-05 11:01

==================== Ende von FRST.txt ============================

Glaringsoul 12.03.2017 00:04
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-03-2017 01
durchgeführt von Henselmann (12-03-2017 00:02:03)
Gestartet von C:\Users\Henselmann\Downloads
Windows 10 Home Version 1607 (X64) (2016-12-23 09:47:40)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2565043127-2691430490-4239563169-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2565043127-2691430490-4239563169-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2565043127-2691430490-4239563169-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-2565043127-2691430490-4239563169-501 - Limited - Disabled)
Henselmann (S-1-5-21-2565043127-2691430490-4239563169-1001 - Administrator - Enabled) => C:\Users\Henselmann

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACCUSOR Advanced Gaming Keyboard Driver (HKLM-x32\...\{93078AA8-F6A1-4C16-B527-64F08801EAAD}) (Version: 1.0 - SPEEDLINK)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
AirMech (HKLM\...\Steam App 206500) (Version:  - Carbon Games)
Akamai NetSession Interface (HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Ansel (Version: 378.78 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Archeblade (HKLM\...\Steam App 207230) (Version:  - CodeBrush Games)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology)
AURA(GRAPHICS CARD) (HKLM-x32\...\{8318B34B-E1F1-47CD-88C7-718F16C3C782}) (Version: 0.0.2.1 - )
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.5 - Daum Games EU)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Discord (HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dreadnought (HKLM-x32\...\Dreadnought) (Version: 1.0.5 - Grey Box)
Evolve Stage 2 (HKLM\...\Steam App 273350) (Version:  - Turtle Rock Studios)
f.lux (HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Flux) (Version:  - )
FINAL FANTASY XIII (HKLM\...\Steam App 292120) (Version:  - SQUARE ENIX)
FINAL FANTASY XIII-2 (HKLM\...\Steam App 292140) (Version:  - SQUARE ENIX)
Ghost in the Shell: Stand Alone Complex - First Assault Online (HKLM\...\Steam App 369200) (Version:  - Neople)
GOD EATER 2 Rage Burst (HKLM\...\Steam App 438490) (Version:  - BANDAI NAMCO Studio)
GOD EATER RESURRECTION (HKLM\...\Steam App 460870) (Version:  - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Innkeeper (HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Innkeeper) (Version: 0.3.4 - Curse Inc.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden
LIGHTNING RETURNS: FINAL FANTASY XIII (HKLM\...\Steam App 345350) (Version:  - SQUARE ENIX)
Mass Effect™ 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.2.1604.0 - Electronic Arts)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Melody's Escape (HKLM\...\Steam App 270210) (Version:  - Icetesy SPRL)
METAL GEAR RISING: REVENGEANCE (HKLM\...\Steam App 235460) (Version:  - PlatinumGames)
METAL GEAR SOLID V: GROUND ZEROES (HKLM\...\Steam App 311340) (Version:  - Kojima Productions)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM\...\Steam App 287700) (Version:  - Konami Digital Entertainment)
Microsoft OneDrive (HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MOBIUS FINAL FANTASY (HKLM\...\Steam App 536930) (Version:  - SQUARE ENIX CO., LTD.)
Mozilla Firefox 52.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 52.0 (x86 de)) (Version: 52.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 378.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.78 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 378.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.78 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.23 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.5.25153 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{6b2acd56-1df1-4565-ac4c-1d74d735e6a8}) (Version: latest - ppy Pty Ltd)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version:  - )
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.302 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
S4 League (HKLM-x32\...\S4 League) (Version:  - )
SafeZone Stable 3.55.2393.590 (x32 Version: 3.55.2393.590 - Avast Software) Hidden
Saints Row IV (HKLM\...\Steam App 206420) (Version:  - Deep Silver Volition)
Shadowverse (HKLM\...\Steam App 453480) (Version:  - Cygames, Inc.)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
Skullgirls (HKLM\...\Steam App 245170) (Version:  - Lab Zero Games)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
SMITE (HKLM\...\Steam App 386360) (Version:  - Hi-Rez Studios)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version:  - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Storm of Spears (HKLM\...\Steam App 463350) (Version:  - Warfare Studios)
TeamSpeak 3 Client (HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Technitium MAC Address Changer v6.0 (HKLM-x32\...\TMACv6.0) (Version: 6.0 - Technitium)
Transistor (HKLM\...\Steam App 237930) (Version:  - Supergiant Games)
UE4 Prerequisites (HKLM\...\{E8F64548-5B1F-405A-89EA-9D3147E9DE39}) (Version: 1.0.6.0 - Epic Games, Inc.)
Update_msi (HKLM-x32\...\{59B5A9CD-253D-4C41-A073-B387D4C9672D}) (Version: 1.0.0 - Default Company Name)
Velvet Assassin (HKLM\...\Steam App 16720) (Version:  - Replay Studios)
Vindictus EU (HKLM-x32\...\Vindictus EU) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.20-7 - Wacom Technology Corp.)
WAIS-IV (HKLM-x32\...\WAIS-IV) (Version: 1.0.0.0 - Pearson Assessment GmbH)
Warframe (HKLM\...\Steam App 230410) (Version:  - Digital Extremes)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03B6FA31-0B72-4D99-B425-781DD80C2959} - System32\Tasks\SafeZone scheduled Autoupdate 1488652479 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-03] (Avast Software)
Task: {14BA2CD3-57D9-4224-883D-7995A32E828D} - \Qhtherberile -> Keine Datei <==== ACHTUNG
Task: {1FAAB300-72BD-4247-92FA-4F770B09B82B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-04] (AVAST Software)
Task: {223C7855-FD85-4481-8BD7-791575096FD5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)
Task: {229E8CC0-9A96-477F-AEEB-A04FF457E40D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)
Task: {2946EB12-204C-42F9-8F9A-99B1F8A9DB0E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {29601261-DDE2-4B85-81C9-D405474A2C15} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14] (Adobe Systems Incorporated)
Task: {30E72E43-4A56-420F-8039-579A98B3CB8E} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {34C8C8B5-E8FD-4B90-B224-A170B8212829} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {5BEF5E96-AB47-421A-A506-82AFAD7AA9C9} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {70D38105-F1E1-4EA2-BB28-A26414D028F8} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-03-04] (AVAST Software)
Task: {8006BE86-544F-43F0-890E-E9C74B492B0D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {91AB939C-3E9E-4EAE-AD33-B1AB91FF8848} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-15] (Piriform Ltd)
Task: {9C7363DA-99D7-4CF8-A7CF-4135E166AF37} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {BE960C39-C300-4D02-BEAD-AD3748F7E146} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {C6769FFD-40A3-4DA3-AC3A-BE4E633C8561} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {D5152FB5-DCAC-49C4-AEB2-B4CB1CD303A1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {DE862DFF-97EF-4942-A44E-555C04C39D5A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {E711467A-D558-4EC7-B69B-6B542CBCF40D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-12-31 14:09 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-12-31 14:26 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-12-31 14:09 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-10-31 20:45 - 2016-10-31 20:45 - 00592384 _____ () C:\Users\Henselmann\AppData\Local\MEGAsync\ShellExtX64.dll
2017-02-23 20:02 - 2017-02-03 01:01 - 01658320 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2016-12-31 14:08 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-10 19:17 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-10 19:17 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-10 19:17 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-10 19:17 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-10 19:17 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-10 19:17 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-10 19:17 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-22 17:03 - 2017-02-22 17:04 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-22 17:03 - 2017-02-22 17:04 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-22 17:03 - 2017-02-22 17:04 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-09 10:01 - 2017-02-09 10:02 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2016-12-31 14:23 - 2013-10-29 13:43 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2016-12-31 14:23 - 2012-12-11 11:14 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
2017-02-24 01:59 - 2017-02-24 01:59 - 01457128 _____ () D:\Blizzard\Battle.net\Battle.net.8423\Battle.net Helper.exe
2017-01-09 07:06 - 2017-01-09 07:06 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2016-12-23 11:04 - 2017-02-23 19:35 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-23 11:04 - 2017-02-23 19:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-23 11:03 - 2017-02-23 09:28 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-25 00:20 - 2016-09-25 00:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2017-03-02 16:23 - 2017-03-02 17:32 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-02 16:23 - 2017-03-02 17:32 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-02 16:23 - 2017-03-02 17:32 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-12-31 14:44 - 2016-12-31 14:44 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-02 16:23 - 2017-03-02 17:32 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-02 16:23 - 2017-03-02 17:32 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-07-17 00:01 - 2016-07-17 00:01 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-03-07 16:08 - 2017-03-07 16:08 - 02493440 _____ () D:\Origin\libGLESv2.dll
2016-12-31 14:29 - 2017-02-03 02:42 - 00668960 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-12-31 14:29 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-12-31 14:29 - 2017-03-09 23:37 - 02465056 _____ () C:\Program Files (x86)\Steam\video.dll
2016-12-31 14:29 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-12-31 14:29 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-12-31 14:29 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-12-31 14:29 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-12-31 14:29 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-12-31 14:29 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-12-31 14:29 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-12-31 14:29 - 2017-03-09 23:37 - 00838432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-12-31 14:29 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-12-31 14:29 - 2017-01-30 22:41 - 68875552 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2016-12-31 14:29 - 2017-03-09 23:37 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll
2017-02-24 01:59 - 2017-02-24 01:59 - 37247976 _____ () D:\Blizzard\Battle.net\Battle.net.8423\libcef.dll
2017-02-24 01:59 - 2017-02-24 01:59 - 00540336 _____ () D:\Blizzard\Battle.net\Battle.net.8423\ortp.dll
2017-02-24 01:59 - 2017-02-24 01:59 - 00133632 _____ () D:\Blizzard\Battle.net\Battle.net.8423\libEGL.dll
2017-02-24 01:59 - 2017-02-24 01:59 - 03384832 _____ () D:\Blizzard\Battle.net\Battle.net.8423\libGLESv2.dll
2017-03-04 19:31 - 2017-03-04 19:31 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-03-04 19:31 - 2017-03-04 19:31 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-04 19:31 - 2017-03-04 19:31 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-03-04 19:31 - 2017-03-04 19:31 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-12-31 14:24 - 2016-10-12 11:59 - 00036864 _____ () C:\Program Files (x86)\SPEEDLINK\ACCUSOR Advanced Gaming Keyboard\Lang\Lang_EN.dll
2016-12-31 14:24 - 2016-09-30 17:49 - 00061440 _____ () C:\Program Files (x86)\SPEEDLINK\ACCUSOR Advanced Gaming Keyboard\hiddriver.dll
2016-12-31 14:23 - 2013-01-15 17:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2016-12-31 14:23 - 2011-11-22 14:18 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll
2017-01-16 12:40 - 2017-01-16 12:40 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2017-02-24 01:59 - 2017-02-24 01:59 - 03384832 _____ () D:\Blizzard\Battle.net\Battle.net.8423\libglesv2.dll
2017-02-24 01:59 - 2017-02-24 01:59 - 00133632 _____ () D:\Blizzard\Battle.net\Battle.net.8423\libegl.dll
2017-01-06 14:54 - 2016-10-08 08:13 - 50656768 _____ () C:\Users\Henselmann\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2017-01-06 14:54 - 2016-10-08 08:13 - 01874944 _____ () C:\Users\Henselmann\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2017-01-06 14:54 - 2016-10-08 08:13 - 00075264 _____ () C:\Users\Henselmann\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2017-02-24 01:59 - 2017-02-24 01:59 - 00990696 _____ () D:\Blizzard\Battle.net\Battle.net.8423\ffmpegsumo.dll
2016-12-23 11:04 - 2017-02-23 15:30 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-12-23 11:04 - 2017-02-23 15:30 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-12-23 11:04 - 2017-02-23 15:30 - 02443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-12-23 11:04 - 2017-02-23 19:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-23 11:04 - 2017-02-23 19:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-23 11:04 - 2017-02-23 15:30 - 00385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-12-23 11:04 - 2017-02-23 15:30 - 00543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-12-23 11:04 - 2017-02-23 15:30 - 00468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-12-23 11:04 - 2017-02-23 19:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-12-31 17:35 - 2016-05-20 17:04 - 00065536 _____ () C:\Program Files (x86)\ASUS\AURA(GRAPHICS CARD)\Exeio.dll
2016-12-31 17:35 - 2016-06-03 10:53 - 01744896 _____ () C:\Program Files (x86)\ASUS\AURA(GRAPHICS CARD)\Vender.dll
2016-12-31 14:29 - 2015-09-25 00:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7924 mehr Seiten.

IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7924 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 12:47 - 2016-07-16 12:45 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Henselmann\Pictures\Wallpapers\Razer wps.png
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: chip1click => 2
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\Run32: => "Kraken0502Launcher"
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{0E47B457-4B1D-4F16-BDC5-912AB44760B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{7D081491-E712-482D-81EA-ACAF9C0D1C84}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{311812F6-FFA3-4B11-B582-A88CBF08B84E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{28957022-8102-4FC4-B93D-DABB32A318DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3068688B-FFF3-43F2-ABB2-7308A5DF785D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C085FAE0-02BC-4064-9230-E38642D24846}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F720E04A-1999-42F9-93A4-CC7BADD43C66}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{735F8F34-814C-400E-B045-F25D9291FA30}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{84933992-693A-4FD3-8B7A-CCAE63645C77}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{4CCFF972-1BC8-40F1-B076-56BDDE60A32F}C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe
FirewallRules: [UDP Query User{38DB372C-5868-4762-A226-58383CA3AB99}C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe
FirewallRules: [TCP Query User{E11A29F9-4CAE-4262-80EE-F09C654B12CF}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{7137A934-0488-483E-B554-0650C59A9E4E}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{2237B37D-A6F3-448C-9CB3-71768559F301}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{4611E285-EFA0-45E2-A04D-973ED7400488}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{FABECFE2-ED1C-4AD5-8A5A-C0AA5C8FC0D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{90AECE4F-6400-4E13-8A24-82E399D27D18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{08997F7E-BE69-41A8-A3BE-D4702B8D8C33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{3217F0C9-694B-44B3-9F66-19B9511EDD60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{A7BEA246-B5A7-4C9A-9316-4CFE6072F920}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GOD EATER 2 Rage Burst\GE2RB.exe
FirewallRules: [{4AB6EB5F-9CBE-474D-A844-91B6EE0AD80D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GOD EATER 2 Rage Burst\GE2RB.exe
FirewallRules: [{08454A83-18A3-4233-8756-61090E5A1257}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{A277378D-5E7C-4428-AA23-E510F8DC2427}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{E80B4C5C-D8E6-4A59-A712-9203F7673409}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MelodysEscape\MelodysEscape.exe
FirewallRules: [{CBFD1F7C-BBFB-4405-B483-5C4765D42E23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MelodysEscape\MelodysEscape.exe
FirewallRules: [{3A869815-1212-45D4-9D2D-9AA2F9ABBE5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\METAL GEAR RISING REVENGEANCE\METAL GEAR RISING REVENGEANCE.exe
FirewallRules: [{AADCC912-B087-45A3-B087-3CD064326216}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\METAL GEAR RISING REVENGEANCE\METAL GEAR RISING REVENGEANCE.exe
FirewallRules: [{2B4825F4-408D-4AB6-8B23-33909203FCF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7EB63EB5-1CF5-4881-ACA7-5E2D1D066171}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A8CD48B4-21D7-4697-A058-4F79BBF963FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheBlade\Binaries\Win32\Archeblade.exe
FirewallRules: [{5C14C959-3ED1-4A30-9A59-42C4DD1B717C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheBlade\Binaries\Win32\Archeblade.exe
FirewallRules: [TCP Query User{3630E24F-E6F8-4CB1-9A59-88AB59965CC0}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{74F39530-9606-4973-B494-966E98F7282E}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{EC8031FF-0FBA-4356-A349-3721AB753BEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{E4409F3B-2A26-4C8F-86C8-38F1EE625014}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [TCP Query User{561E25DD-1E58-47A4-810B-2A17B5016086}C:\users\henselmann\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\henselmann\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{7DB71C7A-EC90-40FF-BF06-E801F77F2F02}C:\users\henselmann\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\henselmann\appdata\local\akamai\netsession_win.exe
FirewallRules: [{A9BACE0D-6103-400C-98EE-6AA7A1CF5611}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{530CF341-1046-404E-A902-6F308DE0B8C1}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{721D84BD-1079-4FC3-82D2-2608DC83589B}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{27875A94-7829-476F-BC81-CB37A09E0B3E}] => (Allow) C:\Nexon\Vindictus EU\en-EU\NMService.exe
FirewallRules: [{4F628093-382A-49E0-9E93-A91B0FD7973B}] => (Allow) C:\Nexon\Vindictus EU\en-EU\NMService.exe
FirewallRules: [{85A4399C-87F0-4834-9594-76143F328980}] => (Allow) D:\SteamLibrary\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{8BF46A5A-B075-45EA-95BC-8BB637423A2D}] => (Allow) D:\SteamLibrary\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [TCP Query User{28D9C26A-55B2-46F2-AE19-AEDDFFE4BE06}C:\users\henselmann\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\henselmann\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{4CFE441A-8908-4057-8242-56CE80B6D9F7}C:\users\henselmann\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\henselmann\appdata\local\akamai\netsession_win.exe
FirewallRules: [{C121A03C-2844-43E8-A7A5-2D24C43C644A}] => (Allow) D:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{4C843A58-92EE-4C2E-8317-EEE255475D23}] => (Allow) D:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{A547D236-CAE0-4BA4-8EE7-DD572F75D6EE}] => (Allow) C:\Users\Henselmann\Downloads\bin\BlackDesert32.exe
FirewallRules: [{EBAC73D0-7BBD-4950-8F9B-C740E180B60D}] => (Allow) C:\Users\Henselmann\Downloads\bin64\BlackDesert64.exe
FirewallRules: [{10C7C3EC-1AA0-4C17-9D63-CEB53AB85662}] => (Allow) C:\Users\Henselmann\Downloads\BlackDesert_Launcher.exe
FirewallRules: [{62940371-2902-4D86-A26F-2B29FE71B751}] => (Allow) C:\Users\Henselmann\Downloads\BlackDesert_Downloader.exe
FirewallRules: [{8D00E89F-64C2-4842-AA26-D95A0B16DA18}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{1407B8BF-F9B2-4609-8368-A576522B4FA9}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{2B776481-A9E4-4BF1-984E-7CF03F83857A}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{62ABD600-A976-4823-8B7F-E65784B7F4C8}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{93A99CF4-4353-4A9A-A415-4975C776E7E5}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{9BE63206-4F48-43E6-9B41-C87703E1DDC4}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{48484955-A33F-4C22-997A-E5103467B372}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{2373A42C-CE1F-4854-B9F0-10C5BA9FB2C7}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{5A335A4D-D463-44B0-9D14-9301378EE5FC}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{095367D4-1A5B-4D82-A785-CCA6EE7AAF82}] => (Allow) D:\Gameforge\DEU_deu\Elsword\data\x2.exe
FirewallRules: [{7666EA8C-6FBD-497B-A4C1-C2641BF02B7B}] => (Allow) D:\Gameforge\DEU_deu\Elsword\data\x2.exe
FirewallRules: [{10404BD8-04A3-4D38-A8CE-D9290A94537D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{A25E264A-7F0F-4DCE-B35E-68841122531E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{6CD6C2FD-BEBC-479C-B4C6-5F3E968E5345}] => (Allow) D:\SteamLibrary\steamapps\common\GOD EATER RESURRECTION\GER.exe
FirewallRules: [{E59D8D82-98C0-4AAC-A2FE-F2FC808DAF1E}] => (Allow) D:\SteamLibrary\steamapps\common\GOD EATER RESURRECTION\GER.exe
FirewallRules: [TCP Query User{915F5371-B0FD-48D5-B08C-48676C27C85E}D:\gameforge\deu_deu\tera\tera-launcher.exe] => (Allow) D:\gameforge\deu_deu\tera\tera-launcher.exe
FirewallRules: [UDP Query User{E4192CCA-2536-4E84-8387-02BBD6B34B4F}D:\gameforge\deu_deu\tera\tera-launcher.exe] => (Allow) D:\gameforge\deu_deu\tera\tera-launcher.exe
FirewallRules: [TCP Query User{5673D191-6E89-47E5-A523-B01E56A12EFE}D:\black desert\bin64\blackdesert64.exe] => (Allow) D:\black desert\bin64\blackdesert64.exe
FirewallRules: [UDP Query User{A12F0534-44D8-4A4E-B97F-BD680E9B1848}D:\black desert\bin64\blackdesert64.exe] => (Allow) D:\black desert\bin64\blackdesert64.exe
FirewallRules: [TCP Query User{488FF65C-D5B5-4C52-B31F-8F478CC791A3}D:\steamlibrary\steamapps\common\planetside 2\planetside2_x64.exe] => (Block) D:\steamlibrary\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{4C7B9974-3AC5-4C9F-98F0-07C44EFC37F3}D:\steamlibrary\steamapps\common\planetside 2\planetside2_x64.exe] => (Block) D:\steamlibrary\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{3F456006-F657-48E0-975E-61F64B5E8865}] => (Allow) D:\SteamLibrary\steamapps\common\Shadowverse\Shadowverse.exe
FirewallRules: [{226993B5-1267-4771-8EF4-C6B3E646D993}] => (Allow) D:\SteamLibrary\steamapps\common\Shadowverse\Shadowverse.exe
FirewallRules: [{5CCB0AE5-8B3B-4D03-BB53-6CD6395006F5}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{0FC46330-C5DC-4686-9B8D-ABD276748B6C}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{65FBF860-A52D-4AE3-94D5-28AB63C101D1}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{26A3C780-1A16-4FEF-8363-1102E5E0A0D1}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{1487859B-3896-4A73-A4D4-56A58BB2E151}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{D3F4C190-771B-4275-85FB-6B13E1A3CD31}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{6969D4B7-4B62-46F8-9119-5653F7156FDE}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{5539CECA-DF1E-4A1E-834D-763043484F5B}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{391F473C-6125-42D8-AB30-60CFB4A99F8A}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{3629EE8D-AE32-42F0-AB92-B75F5FEB1143}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{EA750E24-914F-4194-9F5F-2478FA74E74F}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{04E083C1-5609-4B55-AA74-52F1E77991E4}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{3CD26ACF-12EA-4431-908F-B4B7B9B58BCE}D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{69BA4474-0A01-4D5C-8F25-9BB0083C0FB1}D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{BDAA294F-A5D8-4C9E-A3F2-025136721058}] => (Allow) D:\SteamLibrary\steamapps\common\AirMech\AirMech.exe
FirewallRules: [{4459E74B-3F02-4411-8AEA-6DAD77F49008}] => (Allow) D:\SteamLibrary\steamapps\common\AirMech\AirMech.exe
FirewallRules: [{397C14B3-3C45-4BCF-A2B3-C11C8A494EA7}] => (Allow) D:\SWTOR\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{825EFA01-6B1C-40F0-ABDF-8842711C5E56}] => (Allow) D:\SWTOR\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{3E21308B-59E3-4114-BCCD-C86EBB10D6F3}] => (Allow) D:\SWTOR\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{BE34C4EB-ED71-4E2E-ACA7-EF41C57388EB}] => (Allow) D:\SWTOR\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{D7747FEC-2B93-4428-8261-E7A7846DA098}] => (Allow) D:\SteamLibrary\steamapps\common\Storm of Spears\Storm of Spears.exe
FirewallRules: [{9CC219F5-1817-4CAE-858C-AE4E95B2044F}] => (Allow) D:\SteamLibrary\steamapps\common\Storm of Spears\Storm of Spears.exe
FirewallRules: [TCP Query User{DCB81F3C-3596-4BF6-92B1-C270B073DAD9}C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [UDP Query User{8C5218B9-42C8-4C44-A374-C7668602744A}C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [{162F50A2-BC1A-4557-B7FD-F6CB367C6B7F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E3A28816-EC62-494E-90FF-858E7ADC3AF5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E031CA45-554A-4094-8BC9-DB6AB2F7FB62}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{91EADB84-6E92-473E-99C3-244A08422808}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F8CC9070-DCB4-4AAE-A8DF-877B1749960E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E87A1080-040C-438C-B219-59016CED824A}] => (Allow) D:\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{25867A8F-B473-406A-8C60-B47FAB8F5B20}] => (Allow) D:\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [TCP Query User{605F6806-FE10-4B63-9239-7E44098A341A}D:\dreadnought\dreadnoughtlauncher.exe] => (Allow) D:\dreadnought\dreadnoughtlauncher.exe
FirewallRules: [UDP Query User{ED7F9AF3-C52B-4409-9E25-620ED7408160}D:\dreadnought\dreadnoughtlauncher.exe] => (Allow) D:\dreadnought\dreadnoughtlauncher.exe
FirewallRules: [TCP Query User{F572D298-E9CB-49BC-AC24-A268B53E5984}D:\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgame-win64-shipping.exe] => (Allow) D:\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgame-win64-shipping.exe
FirewallRules: [UDP Query User{5236C830-98D9-4624-BFA8-D315EB75BDFE}D:\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgame-win64-shipping.exe] => (Allow) D:\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgame-win64-shipping.exe
FirewallRules: [TCP Query User{7BB71CD3-E85C-45AC-AB77-C30967ACD61D}D:\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgamesrvlocal-win64-shipping.exe] => (Allow) D:\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgamesrvlocal-win64-shipping.exe
FirewallRules: [UDP Query User{4EC552EF-35A9-4BF0-8423-460D9A2B61A9}D:\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgamesrvlocal-win64-shipping.exe] => (Allow) D:\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgamesrvlocal-win64-shipping.exe
FirewallRules: [{EC2FEF0F-110C-4799-BCA7-72D93A480A99}] => (Allow) D:\iTunes\iTunes.exe
FirewallRules: [TCP Query User{88833CA8-E2C9-4CDD-A8F5-F2CD50743417}D:\blizzard\overwatch\overwatch.exe] => (Allow) D:\blizzard\overwatch\overwatch.exe
FirewallRules: [UDP Query User{839571EE-09A4-46FE-88E4-FC11602E79E6}D:\blizzard\overwatch\overwatch.exe] => (Allow) D:\blizzard\overwatch\overwatch.exe
FirewallRules: [{4FECB7DD-1B32-4B2A-968C-45A65B74B675}] => (Allow) D:\SteamLibrary\steamapps\common\MOBIUS FINAL FANTASY\mobiusff.exe
FirewallRules: [{7F6381AB-55EE-4EC7-80BA-1FCE49B080C9}] => (Allow) D:\SteamLibrary\steamapps\common\MOBIUS FINAL FANTASY\mobiusff.exe
FirewallRules: [TCP Query User{EC8D4C57-1D28-4A1B-AF63-67AFF7F2FAB4}D:\blizzard\hearthstone\hearthstone.exe] => (Allow) D:\blizzard\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{ACCE751F-5AB1-4A32-9508-ADEF8A580E28}D:\blizzard\hearthstone\hearthstone.exe] => (Allow) D:\blizzard\hearthstone\hearthstone.exe
FirewallRules: [{7F1BD06F-7E60-40CF-8E7F-58A2D4BF061F}] => (Allow) D:\SteamLibrary\steamapps\common\Velvet Assassin\Launcher.exe
FirewallRules: [{58254817-FEB8-4070-92C8-B77DA0F8A487}] => (Allow) D:\SteamLibrary\steamapps\common\Velvet Assassin\Launcher.exe
FirewallRules: [{115B8EA8-DF27-446E-959F-238BBE71452F}] => (Allow) D:\SteamLibrary\steamapps\common\LIGHTNING RETURNS FINAL FANTASY XIII\LRFF13.exe
FirewallRules: [{36272AEA-0728-4B4E-AFD7-16EEAEA7E4E4}] => (Allow) D:\SteamLibrary\steamapps\common\LIGHTNING RETURNS FINAL FANTASY XIII\LRFF13.exe
FirewallRules: [{DBC5AAD5-56FA-4DB8-B288-ED671B5FA7D8}] => (Allow) D:\SteamLibrary\steamapps\common\FINAL FANTASY XIII\FFXiiiLauncher.exe
FirewallRules: [{022D2424-A8C0-411A-9EBC-11B9BC6815A4}] => (Allow) D:\SteamLibrary\steamapps\common\FINAL FANTASY XIII\FFXiiiLauncher.exe
FirewallRules: [{06020CAF-F23D-4808-ACC4-684CA67A02DF}] => (Allow) D:\SteamLibrary\steamapps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe
FirewallRules: [{642C438A-C471-4C97-B67A-A10E6D5C68FB}] => (Allow) D:\SteamLibrary\steamapps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe
FirewallRules: [{C0C27B35-EB8F-4605-95FA-4E05D3978B7B}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{2F852677-A307-4D05-AE99-5C8E1D2C067F}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{2DBFDD1D-563C-488B-B8C8-797F754F786C}] => (Allow) D:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{CB06B663-3BA3-4BAD-8531-3A6C08FB5BB5}] => (Allow) D:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [TCP Query User{45BE8FEE-4A4D-4E7E-A08D-B458BCEBBE3E}D:\program files (x86)\origin games\mass effect 2\binaries\me2game.exe] => (Allow) D:\program files (x86)\origin games\mass effect 2\binaries\me2game.exe
FirewallRules: [UDP Query User{F8175FF7-22BF-4119-9746-03B91CE1F92E}D:\program files (x86)\origin games\mass effect 2\binaries\me2game.exe] => (Allow) D:\program files (x86)\origin games\mass effect 2\binaries\me2game.exe
FirewallRules: [{BC984309-C6AB-4048-B289-DE701FD7AA3C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{74EC2E87-E967-4BAC-8328-BDCDE7CBC997}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EB25B933-69D6-4B90-86BC-5E5AFB516441}] => (Allow) C:\Users\Henselmann\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F2303BF0-0559-4661-8A08-C9715CF86C53}] => (Allow) C:\Users\Henselmann\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4249CDB4-5031-467D-9ADA-9867297569F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{9034EF64-73EF-4EA8-8C11-CD1159828B3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{56ED2A7C-6B81-417F-A551-7DE4DFC41D25}] => (Allow) D:\SteamLibrary\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{376F4FA3-05A2-4E20-838F-BA23AC79C04C}] => (Allow) D:\SteamLibrary\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{D434C8C2-5D0B-42E3-9FDC-C0D048D35095}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561_0\SZBrowser.exe
FirewallRules: [{589AA9AE-E3F3-444A-B3A5-113615D11FF0}] => (Allow) D:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{80233E6C-1A21-418C-8A7D-B23F44FADE38}] => (Allow) D:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [TCP Query User{685EB556-C860-4FD5-B0DD-E07C35F9AB04}C:\users\henselmann\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\henselmann\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{EA888511-FCDE-4047-8E51-71A7465CEB81}C:\users\henselmann\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\henselmann\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{3587677F-17FD-4445-9961-190D003E869C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\nxsteam.exe
FirewallRules: [{2D2306EA-8E24-41A2-8987-3EDE4F4909DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\nxsteam.exe
FirewallRules: [{F6F4BC8B-BD33-466E-8669-61539F0B6C66}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe

==================== Wiederherstellungspunkte =========================

03-03-2017 18:13:06 Avira System Speedup 1.0.0
04-03-2017 12:00:12 Avira System Speedup Optimierung
04-03-2017 18:13:20 Avira System Speedup Optimierung
07-03-2017 17:25:05 DirectX wurde installiert
10-03-2017 15:42:49 Removed BikaQ Rss

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/10/2017 10:34:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm BlackDesert64.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1554

Startzeit: 01d299c7427c7273

Beendigungszeit: 12

Anwendungspfad: D:\Black desert\bin64\BlackDesert64.exe

Berichts-ID: 4d37cae4-05d9-11e7-96b2-1c1b0d61086e

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/10/2017 04:06:42 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/10/2017 04:06:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/10/2017 04:05:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Henselmann\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/10/2017 03:42:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/09/2017 10:41:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ME2Game.exe, Version: 1.2.1604.0, Zeitstempel: 0x4bd611db
Name des fehlerhaften Moduls: ME2Game.exe, Version: 1.2.1604.0, Zeitstempel: 0x4bd611db
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00512140
ID des fehlerhaften Prozesses: 0x2c88
Startzeit der fehlerhaften Anwendung: 0x01d2991db68a77a5
Pfad der fehlerhaften Anwendung: D:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\ME2Game.exe
Pfad des fehlerhaften Moduls: D:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\ME2Game.exe
Berichtskennung: c34a1a75-5503-4959-a141-71f54bf1e94a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/09/2017 07:55:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RzStats.Manager.exe, Version: 1.2.16.0, Zeitstempel: 0x587327cf
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc000041d
Fehleroffset: 0x72657a61
ID des fehlerhaften Prozesses: 0x1cec
Startzeit der fehlerhaften Anwendung: 0x01d29831d693864c
Pfad der fehlerhaften Anwendung: C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 69b01d78-d7eb-48b5-b288-64f3dc40fc20
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/09/2017 07:55:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RzStats.Manager.exe, Version: 1.2.16.0, Zeitstempel: 0x587327cf
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x72657a61
ID des fehlerhaften Prozesses: 0x1cec
Startzeit der fehlerhaften Anwendung: 0x01d29831d693864c
Pfad der fehlerhaften Anwendung: C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 7944a23d-8db4-433e-a7ef-df76b3b5bcfd
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/09/2017 07:55:20 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: RzStats.Manager.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 72657A61
Stapel:

Error: (03/07/2017 05:25:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.


Systemfehler:
=============
Error: (03/11/2017 07:07:28 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/11/2017 06:54:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "chip 1-click download service" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (03/11/2017 06:54:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IOMap" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (03/11/2017 06:52:06 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/11/2017 06:52:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "RzKLService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/11/2017 06:52:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Razer Game Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/11/2017 06:52:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Telemetry Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/11/2017 06:52:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/11/2017 06:52:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/11/2017 06:52:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Hi-Rez Studios Authenticate and Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2017-03-07 17:55:40.603
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-03-07 17:55:38.016
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-02-24 14:09:35.767
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-02-24 14:09:31.643
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-02-24 14:09:22.332
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-20 16:00:48.110
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-20 08:02:29.146
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-15 02:20:09.788
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-15 01:27:39.432
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-15 01:27:33.626
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8144.44 MB
Verfügbarer physikalischer RAM: 5344.02 MB
Summe virtueller Speicher: 13520.44 MB
Verfügbarer virtueller Speicher: 9154.85 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:237.92 GB) (Free:35.97 GB) NTFS
Drive d: () (Fixed) (Total:1863 GB) (Free:1429.7 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

cosinus 12.03.2017 00:08
Bitte Avast deinstallieren. Das Teil können wir einfach nicht mehr guten Gewissens empfehlen. => Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Auch andere Freewareanbieter wie Avira, AVG oder Panda springen auf diesen oder ähnlichen Zügen rauf, basteln Junkware in die Setups, arbeiten mit ASK zusammen etc; so was ist bei Sicherheitssoftware einfach inakzeptabel.

Gib Bescheid wenn Avast weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!

Glaringsoul 12.03.2017 07:16
Ok Avast ist Runter ...

cosinus 12.03.2017 11:08
Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Glaringsoul 12.03.2017 12:05
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.03.12.03
  rootkit: v2017.03.11.01

Windows 10 x64 NTFS
Internet Explorer 11.576.14393.0
Henselmann :: FATAL-CRYPT-ERR [administrator]

12.03.2017 11:33:06
mbar-log-2017-03-12 (11-33-06).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 345037
Time elapsed: 6 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
der hatte nix gefunden deswegen war da kein neustart... der zweite suchlauf sieht fast genauso aus hat ebenfalls nix gefunden ...

cosinus 12.03.2017 12:31
Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


Glaringsoul 13.03.2017 00:19
Code:
# AdwCleaner v6.044 - Bericht erstellt am 12/03/2017 um 18:50:44
# Aktualisiert am 28/02/2017 von Malwarebytes
# Datenbank : 2017-03-12.1 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Henselmann - FATAL-CRYPT-ERR
# Gestartet von : C:\Users\Henselmann\Downloads\AdwCleaner_6.044.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****



***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [945 Bytes] - [12/03/2017 18:50:44]
C:\AdwCleaner\AdwCleaner[S0].txt - [1358 Bytes] - [12/03/2017 18:49:47]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1090 Bytes] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.1 (02.11.2017)
Operating System: Windows 10 Home x64
Ran by Henselmann (Administrator) on 13.03.2017 at  0:18:23,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2

Successfully deleted: C:\ProgramData\mntemp (File)
Successfully deleted: C:\Windows\wininit.ini (File)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.03.2017 at  0:18:45,77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cosinus 13.03.2017 00:44
Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

http://www.trojaner-board.de/picture...&pictureid=611

Glaringsoul 13.03.2017 01:06
habe gerade als ich den browser geöffnet habe festgestellt das "startpageing123" suchmaschiene jetzt wie aus dem nichts aufgetaucht ist
PS: Habe nicht installiert oder auch nur gedownloaded

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-03-2017
durchgeführt von Henselmann (13-03-2017 01:04:27)
Gestartet von C:\Users\Henselmann\Desktop
Windows 10 Home Version 1607 (X64) (2016-12-23 09:47:40)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2565043127-2691430490-4239563169-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2565043127-2691430490-4239563169-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2565043127-2691430490-4239563169-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-2565043127-2691430490-4239563169-501 - Limited - Disabled)
Henselmann (S-1-5-21-2565043127-2691430490-4239563169-1001 - Administrator - Enabled) => C:\Users\Henselmann

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACCUSOR Advanced Gaming Keyboard Driver (HKLM-x32\...\{93078AA8-F6A1-4C16-B527-64F08801EAAD}) (Version: 1.0 - SPEEDLINK)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
AirMech (HKLM\...\Steam App 206500) (Version:  - Carbon Games)
Akamai NetSession Interface (HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
amulesw (HKLM-x32\...\{13D7C2E9-08E7-4889-94FF-87E707184E53}) (Version: 1.0.7 - amules) <==== ACHTUNG
Ansel (Version: 378.78 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Archeblade (HKLM\...\Steam App 207230) (Version:  - CodeBrush Games)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology)
AURA(GRAPHICS CARD) (HKLM-x32\...\{8318B34B-E1F1-47CD-88C7-718F16C3C782}) (Version: 0.0.2.1 - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BikaQ Rss (HKLM-x32\...\{78A2D999-4673-4FCC-818E-57B0AF8F3B70}) (Version: 2.0.16 - BikaQ) <==== ACHTUNG
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.5 - Daum Games EU)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Discord (HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dreadnought (HKLM-x32\...\Dreadnought) (Version: 1.0.5 - Grey Box)
Evolve Stage 2 (HKLM\...\Steam App 273350) (Version:  - Turtle Rock Studios)
f.lux (HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Flux) (Version:  - )
FINAL FANTASY XIII (HKLM\...\Steam App 292120) (Version:  - SQUARE ENIX)
FINAL FANTASY XIII-2 (HKLM\...\Steam App 292140) (Version:  - SQUARE ENIX)
Ghost in the Shell: Stand Alone Complex - First Assault Online (HKLM\...\Steam App 369200) (Version:  - Neople)
GOD EATER 2 Rage Burst (HKLM\...\Steam App 438490) (Version:  - BANDAI NAMCO Studio)
GOD EATER RESURRECTION (HKLM\...\Steam App 460870) (Version:  - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Innkeeper (HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Innkeeper) (Version: 0.3.4 - Curse Inc.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden
LIGHTNING RETURNS: FINAL FANTASY XIII (HKLM\...\Steam App 345350) (Version:  - SQUARE ENIX)
Mass Effect™ 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.2.1604.0 - Electronic Arts)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Melody's Escape (HKLM\...\Steam App 270210) (Version:  - Icetesy SPRL)
METAL GEAR RISING: REVENGEANCE (HKLM\...\Steam App 235460) (Version:  - PlatinumGames)
METAL GEAR SOLID V: GROUND ZEROES (HKLM\...\Steam App 311340) (Version:  - Kojima Productions)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM\...\Steam App 287700) (Version:  - Konami Digital Entertainment)
Microsoft OneDrive (HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MOBIUS FINAL FANTASY (HKLM\...\Steam App 536930) (Version:  - SQUARE ENIX CO., LTD.)
Mozilla Firefox 52.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 52.0 (x86 de)) (Version: 52.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 378.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.78 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 378.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.78 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.23 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.5.25153 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{6b2acd56-1df1-4565-ac4c-1d74d735e6a8}) (Version: latest - ppy Pty Ltd)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version:  - )
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.302 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
S4 League (HKLM-x32\...\S4 League) (Version:  - )
Saints Row IV (HKLM\...\Steam App 206420) (Version:  - Deep Silver Volition)
Shadowverse (HKLM\...\Steam App 453480) (Version:  - Cygames, Inc.)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
Skullgirls (HKLM\...\Steam App 245170) (Version:  - Lab Zero Games)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
SMITE (HKLM\...\Steam App 386360) (Version:  - Hi-Rez Studios)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version:  - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Storm of Spears (HKLM\...\Steam App 463350) (Version:  - Warfare Studios)
TeamSpeak 3 Client (HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Technitium MAC Address Changer v6.0 (HKLM-x32\...\TMACv6.0) (Version: 6.0 - Technitium)
Transistor (HKLM\...\Steam App 237930) (Version:  - Supergiant Games)
UE4 Prerequisites (HKLM\...\{E8F64548-5B1F-405A-89EA-9D3147E9DE39}) (Version: 1.0.6.0 - Epic Games, Inc.)
Update_msi (HKLM-x32\...\{59B5A9CD-253D-4C41-A073-B387D4C9672D}) (Version: 1.0.0 - Default Company Name)
Velvet Assassin (HKLM\...\Steam App 16720) (Version:  - Replay Studios)
Vindictus EU (HKLM-x32\...\Vindictus EU) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.20-7 - Wacom Technology Corp.)
WAIS-IV (HKLM-x32\...\WAIS-IV) (Version: 1.0.0.0 - Pearson Assessment GmbH)
Warframe (HKLM\...\Steam App 230410) (Version:  - Digital Extremes)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WinSnare (HKLM-x32\...\{F173D6F1-284D-4B18-9F6E-57DDC05E34EA}) (Version:  - ) <==== ACHTUNG
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0942F996-DFEE-4DAF-A0F2-78F0AB51207F} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2016-12-28] ()
Task: {14BA2CD3-57D9-4224-883D-7995A32E828D} - \Qhtherberile -> Keine Datei <==== ACHTUNG
Task: {223C7855-FD85-4481-8BD7-791575096FD5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)
Task: {229E8CC0-9A96-477F-AEEB-A04FF457E40D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)
Task: {2946EB12-204C-42F9-8F9A-99B1F8A9DB0E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {29601261-DDE2-4B85-81C9-D405474A2C15} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14] (Adobe Systems Incorporated)
Task: {30E72E43-4A56-420F-8039-579A98B3CB8E} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {331FEC13-EA9B-4ABB-BCEA-4DB7DB6E8341} - System32\Tasks\BikaQ_FetchAndUpgrade_CanBeDel => C:\Program Files (x86)\BikaQRss\BikaQ.exe [2017-02-23] (IEC) <==== ACHTUNG
Task: {34C8C8B5-E8FD-4B90-B224-A170B8212829} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {5BEF5E96-AB47-421A-A506-82AFAD7AA9C9} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {70D38105-F1E1-4EA2-BB28-A26414D028F8} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {8006BE86-544F-43F0-890E-E9C74B492B0D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {91AB939C-3E9E-4EAE-AD33-B1AB91FF8848} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-15] (Piriform Ltd)
Task: {9C7363DA-99D7-4CF8-A7CF-4135E166AF37} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {BE960C39-C300-4D02-BEAD-AD3748F7E146} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {C6769FFD-40A3-4DA3-AC3A-BE4E633C8561} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {D5152FB5-DCAC-49C4-AEB2-B4CB1CD303A1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {DE862DFF-97EF-4942-A44E-555C04C39D5A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {E711467A-D558-4EC7-B69B-6B542CBCF40D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Henselmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.startpageing123.com/?type=sc&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054
ShortcutWithArgument: C:\Users\Henselmann\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.startpageing123.com/?type=sc&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.startpageing123.com/?type=sc&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.startpageing123.com/?type=sc&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-12-31 14:09 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-12-31 14:26 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-12-31 14:09 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-10-31 20:45 - 2016-10-31 20:45 - 00592384 _____ () C:\Users\Henselmann\AppData\Local\MEGAsync\ShellExtX64.dll
2017-01-10 19:17 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-10 19:17 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-10 19:17 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-10 19:17 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-10 19:17 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-10 19:17 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-22 17:03 - 2017-02-22 17:04 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-22 17:03 - 2017-02-22 17:04 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-22 17:03 - 2017-02-22 17:04 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-09 10:01 - 2017-02-09 10:02 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2017-02-24 01:59 - 2017-02-24 01:59 - 01457128 _____ () D:\Blizzard\Battle.net\Battle.net.8423\Battle.net Helper.exe
2016-09-25 00:20 - 2016-09-25 00:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-12-31 14:08 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-10 19:17 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-12-23 11:04 - 2017-02-23 19:35 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-23 11:04 - 2017-02-23 19:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-13 01:00 - 2017-03-10 03:24 - 00113152 _____ () C:\Users\Henselmann\AppData\Roaming\Kyubey\Kyubey.exe
2017-03-07 16:08 - 2017-03-07 16:08 - 02493440 _____ () D:\Origin\libGLESv2.dll
2017-02-24 01:59 - 2017-02-24 01:59 - 37247976 _____ () D:\Blizzard\Battle.net\Battle.net.8423\libcef.dll
2017-02-24 01:59 - 2017-02-24 01:59 - 00540336 _____ () D:\Blizzard\Battle.net\Battle.net.8423\ortp.dll
2017-02-24 01:59 - 2017-02-24 01:59 - 00133632 _____ () D:\Blizzard\Battle.net\Battle.net.8423\libEGL.dll
2017-02-24 01:59 - 2017-02-24 01:59 - 03384832 _____ () D:\Blizzard\Battle.net\Battle.net.8423\libGLESv2.dll
2017-02-24 01:59 - 2017-02-24 01:59 - 03384832 _____ () D:\Blizzard\Battle.net\Battle.net.8423\libglesv2.dll
2017-02-24 01:59 - 2017-02-24 01:59 - 00133632 _____ () D:\Blizzard\Battle.net\Battle.net.8423\libegl.dll
2017-02-24 01:59 - 2017-02-24 01:59 - 00990696 _____ () D:\Blizzard\Battle.net\Battle.net.8423\ffmpegsumo.dll
2016-12-23 11:04 - 2017-02-23 19:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-12-23 11:04 - 2017-02-23 19:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-23 11:04 - 2017-02-23 19:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7924 mehr Seiten.

IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7924 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 12:47 - 2016-07-16 12:45 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Henselmann\Pictures\Wallpapers\Razer wps.png
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: chip1click => 2
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\Run32: => "Kraken0502Launcher"
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{0E47B457-4B1D-4F16-BDC5-912AB44760B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{7D081491-E712-482D-81EA-ACAF9C0D1C84}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{311812F6-FFA3-4B11-B582-A88CBF08B84E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{28957022-8102-4FC4-B93D-DABB32A318DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3068688B-FFF3-43F2-ABB2-7308A5DF785D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C085FAE0-02BC-4064-9230-E38642D24846}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F720E04A-1999-42F9-93A4-CC7BADD43C66}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{735F8F34-814C-400E-B045-F25D9291FA30}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{84933992-693A-4FD3-8B7A-CCAE63645C77}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{4CCFF972-1BC8-40F1-B076-56BDDE60A32F}C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe
FirewallRules: [UDP Query User{38DB372C-5868-4762-A226-58383CA3AB99}C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe
FirewallRules: [TCP Query User{E11A29F9-4CAE-4262-80EE-F09C654B12CF}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{7137A934-0488-483E-B554-0650C59A9E4E}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{2237B37D-A6F3-448C-9CB3-71768559F301}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{4611E285-EFA0-45E2-A04D-973ED7400488}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{FABECFE2-ED1C-4AD5-8A5A-C0AA5C8FC0D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{90AECE4F-6400-4E13-8A24-82E399D27D18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{08997F7E-BE69-41A8-A3BE-D4702B8D8C33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{3217F0C9-694B-44B3-9F66-19B9511EDD60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{A7BEA246-B5A7-4C9A-9316-4CFE6072F920}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GOD EATER 2 Rage Burst\GE2RB.exe
FirewallRules: [{4AB6EB5F-9CBE-474D-A844-91B6EE0AD80D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GOD EATER 2 Rage Burst\GE2RB.exe
FirewallRules: [{08454A83-18A3-4233-8756-61090E5A1257}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{A277378D-5E7C-4428-AA23-E510F8DC2427}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{E80B4C5C-D8E6-4A59-A712-9203F7673409}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MelodysEscape\MelodysEscape.exe
FirewallRules: [{CBFD1F7C-BBFB-4405-B483-5C4765D42E23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MelodysEscape\MelodysEscape.exe
FirewallRules: [{3A869815-1212-45D4-9D2D-9AA2F9ABBE5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\METAL GEAR RISING REVENGEANCE\METAL GEAR RISING REVENGEANCE.exe
FirewallRules: [{AADCC912-B087-45A3-B087-3CD064326216}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\METAL GEAR RISING REVENGEANCE\METAL GEAR RISING REVENGEANCE.exe
FirewallRules: [{2B4825F4-408D-4AB6-8B23-33909203FCF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7EB63EB5-1CF5-4881-ACA7-5E2D1D066171}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A8CD48B4-21D7-4697-A058-4F79BBF963FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheBlade\Binaries\Win32\Archeblade.exe
FirewallRules: [{5C14C959-3ED1-4A30-9A59-42C4DD1B717C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheBlade\Binaries\Win32\Archeblade.exe
FirewallRules: [TCP Query User{3630E24F-E6F8-4CB1-9A59-88AB59965CC0}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{74F39530-9606-4973-B494-966E98F7282E}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{EC8031FF-0FBA-4356-A349-3721AB753BEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{E4409F3B-2A26-4C8F-86C8-38F1EE625014}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [TCP Query User{561E25DD-1E58-47A4-810B-2A17B5016086}C:\users\henselmann\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\henselmann\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{7DB71C7A-EC90-40FF-BF06-E801F77F2F02}C:\users\henselmann\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\henselmann\appdata\local\akamai\netsession_win.exe
FirewallRules: [{A9BACE0D-6103-400C-98EE-6AA7A1CF5611}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{530CF341-1046-404E-A902-6F308DE0B8C1}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{721D84BD-1079-4FC3-82D2-2608DC83589B}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{27875A94-7829-476F-BC81-CB37A09E0B3E}] => (Allow) C:\Nexon\Vindictus EU\en-EU\NMService.exe
FirewallRules: [{4F628093-382A-49E0-9E93-A91B0FD7973B}] => (Allow) C:\Nexon\Vindictus EU\en-EU\NMService.exe
FirewallRules: [{85A4399C-87F0-4834-9594-76143F328980}] => (Allow) D:\SteamLibrary\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{8BF46A5A-B075-45EA-95BC-8BB637423A2D}] => (Allow) D:\SteamLibrary\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [TCP Query User{28D9C26A-55B2-46F2-AE19-AEDDFFE4BE06}C:\users\henselmann\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\henselmann\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{4CFE441A-8908-4057-8242-56CE80B6D9F7}C:\users\henselmann\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\henselmann\appdata\local\akamai\netsession_win.exe
FirewallRules: [{C121A03C-2844-43E8-A7A5-2D24C43C644A}] => (Allow) D:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{4C843A58-92EE-4C2E-8317-EEE255475D23}] => (Allow) D:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{A547D236-CAE0-4BA4-8EE7-DD572F75D6EE}] => (Allow) C:\Users\Henselmann\Downloads\bin\BlackDesert32.exe
FirewallRules: [{EBAC73D0-7BBD-4950-8F9B-C740E180B60D}] => (Allow) C:\Users\Henselmann\Downloads\bin64\BlackDesert64.exe
FirewallRules: [{10C7C3EC-1AA0-4C17-9D63-CEB53AB85662}] => (Allow) C:\Users\Henselmann\Downloads\BlackDesert_Launcher.exe
FirewallRules: [{62940371-2902-4D86-A26F-2B29FE71B751}] => (Allow) C:\Users\Henselmann\Downloads\BlackDesert_Downloader.exe
FirewallRules: [{8D00E89F-64C2-4842-AA26-D95A0B16DA18}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{1407B8BF-F9B2-4609-8368-A576522B4FA9}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{2B776481-A9E4-4BF1-984E-7CF03F83857A}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{62ABD600-A976-4823-8B7F-E65784B7F4C8}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{93A99CF4-4353-4A9A-A415-4975C776E7E5}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{9BE63206-4F48-43E6-9B41-C87703E1DDC4}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{48484955-A33F-4C22-997A-E5103467B372}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{2373A42C-CE1F-4854-B9F0-10C5BA9FB2C7}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{5A335A4D-D463-44B0-9D14-9301378EE5FC}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{095367D4-1A5B-4D82-A785-CCA6EE7AAF82}] => (Allow) D:\Gameforge\DEU_deu\Elsword\data\x2.exe
FirewallRules: [{7666EA8C-6FBD-497B-A4C1-C2641BF02B7B}] => (Allow) D:\Gameforge\DEU_deu\Elsword\data\x2.exe
FirewallRules: [{10404BD8-04A3-4D38-A8CE-D9290A94537D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{A25E264A-7F0F-4DCE-B35E-68841122531E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{6CD6C2FD-BEBC-479C-B4C6-5F3E968E5345}] => (Allow) D:\SteamLibrary\steamapps\common\GOD EATER RESURRECTION\GER.exe
FirewallRules: [{E59D8D82-98C0-4AAC-A2FE-F2FC808DAF1E}] => (Allow) D:\SteamLibrary\steamapps\common\GOD EATER RESURRECTION\GER.exe
FirewallRules: [TCP Query User{915F5371-B0FD-48D5-B08C-48676C27C85E}D:\gameforge\deu_deu\tera\tera-launcher.exe] => (Allow) D:\gameforge\deu_deu\tera\tera-launcher.exe
FirewallRules: [UDP Query User{E4192CCA-2536-4E84-8387-02BBD6B34B4F}D:\gameforge\deu_deu\tera\tera-launcher.exe] => (Allow) D:\gameforge\deu_deu\tera\tera-launcher.exe
FirewallRules: [TCP Query User{5673D191-6E89-47E5-A523-B01E56A12EFE}D:\black desert\bin64\blackdesert64.exe] => (Allow) D:\black desert\bin64\blackdesert64.exe
FirewallRules: [UDP Query User{A12F0534-44D8-4A4E-B97F-BD680E9B1848}D:\black desert\bin64\blackdesert64.exe] => (Allow) D:\black desert\bin64\blackdesert64.exe
FirewallRules: [TCP Query User{488FF65C-D5B5-4C52-B31F-8F478CC791A3}D:\steamlibrary\steamapps\common\planetside 2\planetside2_x64.exe] => (Block) D:\steamlibrary\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{4C7B9974-3AC5-4C9F-98F0-07C44EFC37F3}D:\steamlibrary\steamapps\common\planetside 2\planetside2_x64.exe] => (Block) D:\steamlibrary\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{3F456006-F657-48E0-975E-61F64B5E8865}] => (Allow) D:\SteamLibrary\steamapps\common\Shadowverse\Shadowverse.exe
FirewallRules: [{226993B5-1267-4771-8EF4-C6B3E646D993}] => (Allow) D:\SteamLibrary\steamapps\common\Shadowverse\Shadowverse.exe
FirewallRules: [{5CCB0AE5-8B3B-4D03-BB53-6CD6395006F5}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{0FC46330-C5DC-4686-9B8D-ABD276748B6C}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{65FBF860-A52D-4AE3-94D5-28AB63C101D1}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{26A3C780-1A16-4FEF-8363-1102E5E0A0D1}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{1487859B-3896-4A73-A4D4-56A58BB2E151}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{D3F4C190-771B-4275-85FB-6B13E1A3CD31}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{6969D4B7-4B62-46F8-9119-5653F7156FDE}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{5539CECA-DF1E-4A1E-834D-763043484F5B}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{391F473C-6125-42D8-AB30-60CFB4A99F8A}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{3629EE8D-AE32-42F0-AB92-B75F5FEB1143}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{EA750E24-914F-4194-9F5F-2478FA74E74F}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{04E083C1-5609-4B55-AA74-52F1E77991E4}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{3CD26ACF-12EA-4431-908F-B4B7B9B58BCE}D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{69BA4474-0A01-4D5C-8F25-9BB0083C0FB1}D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{BDAA294F-A5D8-4C9E-A3F2-025136721058}] => (Allow) D:\SteamLibrary\steamapps\common\AirMech\AirMech.exe
FirewallRules: [{4459E74B-3F02-4411-8AEA-6DAD77F49008}] => (Allow) D:\SteamLibrary\steamapps\common\AirMech\AirMech.exe
FirewallRules: [{397C14B3-3C45-4BCF-A2B3-C11C8A494EA7}] => (Allow) D:\SWTOR\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{825EFA01-6B1C-40F0-ABDF-8842711C5E56}] => (Allow) D:\SWTOR\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{3E21308B-59E3-4114-BCCD-C86EBB10D6F3}] => (Allow) D:\SWTOR\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{BE34C4EB-ED71-4E2E-ACA7-EF41C57388EB}] => (Allow) D:\SWTOR\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{D7747FEC-2B93-4428-8261-E7A7846DA098}] => (Allow) D:\SteamLibrary\steamapps\common\Storm of Spears\Storm of Spears.exe
FirewallRules: [{9CC219F5-1817-4CAE-858C-AE4E95B2044F}] => (Allow) D:\SteamLibrary\steamapps\common\Storm of Spears\Storm of Spears.exe
FirewallRules: [TCP Query User{DCB81F3C-3596-4BF6-92B1-C270B073DAD9}C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [UDP Query User{8C5218B9-42C8-4C44-A374-C7668602744A}C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe] => (Allow) C:\program files (x86)\roccat\power-grid\roccatpowergrid.exe
FirewallRules: [{162F50A2-BC1A-4557-B7FD-F6CB367C6B7F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E3A28816-EC62-494E-90FF-858E7ADC3AF5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E031CA45-554A-4094-8BC9-DB6AB2F7FB62}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{91EADB84-6E92-473E-99C3-244A08422808}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F8CC9070-DCB4-4AAE-A8DF-877B1749960E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E87A1080-040C-438C-B219-59016CED824A}] => (Allow) D:\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{25867A8F-B473-406A-8C60-B47FAB8F5B20}] => (Allow) D:\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [TCP Query User{605F6806-FE10-4B63-9239-7E44098A341A}D:\dreadnought\dreadnoughtlauncher.exe] => (Allow) D:\dreadnought\dreadnoughtlauncher.exe
FirewallRules: [UDP Query User{ED7F9AF3-C52B-4409-9E25-620ED7408160}D:\dreadnought\dreadnoughtlauncher.exe] => (Allow) D:\dreadnought\dreadnoughtlauncher.exe
FirewallRules: [TCP Query User{F572D298-E9CB-49BC-AC24-A268B53E5984}D:\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgame-win64-shipping.exe] => (Allow) D:\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgame-win64-shipping.exe
FirewallRules: [UDP Query User{5236C830-98D9-4624-BFA8-D315EB75BDFE}D:\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgame-win64-shipping.exe] => (Allow) D:\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgame-win64-shipping.exe
FirewallRules: [TCP Query User{7BB71CD3-E85C-45AC-AB77-C30967ACD61D}D:\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgamesrvlocal-win64-shipping.exe] => (Allow) D:\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgamesrvlocal-win64-shipping.exe
FirewallRules: [UDP Query User{4EC552EF-35A9-4BF0-8423-460D9A2B61A9}D:\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgamesrvlocal-win64-shipping.exe] => (Allow) D:\dreadnought\dreadgame\dreadgame\binaries\win64\dreadgamesrvlocal-win64-shipping.exe
FirewallRules: [{EC2FEF0F-110C-4799-BCA7-72D93A480A99}] => (Allow) D:\iTunes\iTunes.exe
FirewallRules: [TCP Query User{88833CA8-E2C9-4CDD-A8F5-F2CD50743417}D:\blizzard\overwatch\overwatch.exe] => (Allow) D:\blizzard\overwatch\overwatch.exe
FirewallRules: [UDP Query User{839571EE-09A4-46FE-88E4-FC11602E79E6}D:\blizzard\overwatch\overwatch.exe] => (Allow) D:\blizzard\overwatch\overwatch.exe
FirewallRules: [{4FECB7DD-1B32-4B2A-968C-45A65B74B675}] => (Allow) D:\SteamLibrary\steamapps\common\MOBIUS FINAL FANTASY\mobiusff.exe
FirewallRules: [{7F6381AB-55EE-4EC7-80BA-1FCE49B080C9}] => (Allow) D:\SteamLibrary\steamapps\common\MOBIUS FINAL FANTASY\mobiusff.exe
FirewallRules: [TCP Query User{EC8D4C57-1D28-4A1B-AF63-67AFF7F2FAB4}D:\blizzard\hearthstone\hearthstone.exe] => (Allow) D:\blizzard\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{ACCE751F-5AB1-4A32-9508-ADEF8A580E28}D:\blizzard\hearthstone\hearthstone.exe] => (Allow) D:\blizzard\hearthstone\hearthstone.exe
FirewallRules: [{7F1BD06F-7E60-40CF-8E7F-58A2D4BF061F}] => (Allow) D:\SteamLibrary\steamapps\common\Velvet Assassin\Launcher.exe
FirewallRules: [{58254817-FEB8-4070-92C8-B77DA0F8A487}] => (Allow) D:\SteamLibrary\steamapps\common\Velvet Assassin\Launcher.exe
FirewallRules: [{115B8EA8-DF27-446E-959F-238BBE71452F}] => (Allow) D:\SteamLibrary\steamapps\common\LIGHTNING RETURNS FINAL FANTASY XIII\LRFF13.exe
FirewallRules: [{36272AEA-0728-4B4E-AFD7-16EEAEA7E4E4}] => (Allow) D:\SteamLibrary\steamapps\common\LIGHTNING RETURNS FINAL FANTASY XIII\LRFF13.exe
FirewallRules: [{DBC5AAD5-56FA-4DB8-B288-ED671B5FA7D8}] => (Allow) D:\SteamLibrary\steamapps\common\FINAL FANTASY XIII\FFXiiiLauncher.exe
FirewallRules: [{022D2424-A8C0-411A-9EBC-11B9BC6815A4}] => (Allow) D:\SteamLibrary\steamapps\common\FINAL FANTASY XIII\FFXiiiLauncher.exe
FirewallRules: [{06020CAF-F23D-4808-ACC4-684CA67A02DF}] => (Allow) D:\SteamLibrary\steamapps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe
FirewallRules: [{642C438A-C471-4C97-B67A-A10E6D5C68FB}] => (Allow) D:\SteamLibrary\steamapps\common\FINAL FANTASY XIII-2\FFXiii2Launcher.exe
FirewallRules: [{C0C27B35-EB8F-4605-95FA-4E05D3978B7B}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{2F852677-A307-4D05-AE99-5C8E1D2C067F}] => (Allow) D:\SteamLibrary\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{2DBFDD1D-563C-488B-B8C8-797F754F786C}] => (Allow) D:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{CB06B663-3BA3-4BAD-8531-3A6C08FB5BB5}] => (Allow) D:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [TCP Query User{45BE8FEE-4A4D-4E7E-A08D-B458BCEBBE3E}D:\program files (x86)\origin games\mass effect 2\binaries\me2game.exe] => (Allow) D:\program files (x86)\origin games\mass effect 2\binaries\me2game.exe
FirewallRules: [UDP Query User{F8175FF7-22BF-4119-9746-03B91CE1F92E}D:\program files (x86)\origin games\mass effect 2\binaries\me2game.exe] => (Allow) D:\program files (x86)\origin games\mass effect 2\binaries\me2game.exe
FirewallRules: [{BC984309-C6AB-4048-B289-DE701FD7AA3C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{74EC2E87-E967-4BAC-8328-BDCDE7CBC997}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EB25B933-69D6-4B90-86BC-5E5AFB516441}] => (Allow) C:\Users\Henselmann\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F2303BF0-0559-4661-8A08-C9715CF86C53}] => (Allow) C:\Users\Henselmann\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4249CDB4-5031-467D-9ADA-9867297569F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{9034EF64-73EF-4EA8-8C11-CD1159828B3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{56ED2A7C-6B81-417F-A551-7DE4DFC41D25}] => (Allow) D:\SteamLibrary\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{376F4FA3-05A2-4E20-838F-BA23AC79C04C}] => (Allow) D:\SteamLibrary\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{589AA9AE-E3F3-444A-B3A5-113615D11FF0}] => (Allow) D:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{80233E6C-1A21-418C-8A7D-B23F44FADE38}] => (Allow) D:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [TCP Query User{685EB556-C860-4FD5-B0DD-E07C35F9AB04}C:\users\henselmann\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\henselmann\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{EA888511-FCDE-4047-8E51-71A7465CEB81}C:\users\henselmann\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\henselmann\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{3587677F-17FD-4445-9961-190D003E869C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\nxsteam.exe
FirewallRules: [{2D2306EA-8E24-41A2-8987-3EDE4F4909DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\nxsteam.exe

==================== Wiederherstellungspunkte =========================

04-03-2017 12:00:12 Avira System Speedup Optimierung
04-03-2017 18:13:20 Avira System Speedup Optimierung
07-03-2017 17:25:05 DirectX wurde installiert
10-03-2017 15:42:49 Removed BikaQ Rss
13-03-2017 00:17:51 JRT Pre-Junkware Removal
13-03-2017 00:18:23 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/13/2017 12:18:23 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/13/2017 12:17:52 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/10/2017 10:34:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm BlackDesert64.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1554

Startzeit: 01d299c7427c7273

Beendigungszeit: 12

Anwendungspfad: D:\Black desert\bin64\BlackDesert64.exe

Berichts-ID: 4d37cae4-05d9-11e7-96b2-1c1b0d61086e

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/10/2017 04:06:42 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/10/2017 04:06:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/10/2017 04:05:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Henselmann\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/10/2017 03:42:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/09/2017 10:41:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ME2Game.exe, Version: 1.2.1604.0, Zeitstempel: 0x4bd611db
Name des fehlerhaften Moduls: ME2Game.exe, Version: 1.2.1604.0, Zeitstempel: 0x4bd611db
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00512140
ID des fehlerhaften Prozesses: 0x2c88
Startzeit der fehlerhaften Anwendung: 0x01d2991db68a77a5
Pfad der fehlerhaften Anwendung: D:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\ME2Game.exe
Pfad des fehlerhaften Moduls: D:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\ME2Game.exe
Berichtskennung: c34a1a75-5503-4959-a141-71f54bf1e94a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/09/2017 07:55:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RzStats.Manager.exe, Version: 1.2.16.0, Zeitstempel: 0x587327cf
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc000041d
Fehleroffset: 0x72657a61
ID des fehlerhaften Prozesses: 0x1cec
Startzeit der fehlerhaften Anwendung: 0x01d29831d693864c
Pfad der fehlerhaften Anwendung: C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 69b01d78-d7eb-48b5-b288-64f3dc40fc20
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/09/2017 07:55:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RzStats.Manager.exe, Version: 1.2.16.0, Zeitstempel: 0x587327cf
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x72657a61
ID des fehlerhaften Prozesses: 0x1cec
Startzeit der fehlerhaften Anwendung: 0x01d29831d693864c
Pfad der fehlerhaften Anwendung: C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 7944a23d-8db4-433e-a7ef-df76b3b5bcfd
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (03/13/2017 01:00:44 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "ed2k idle service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/13/2017 12:18:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/13/2017 12:17:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/12/2017 07:06:09 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/12/2017 06:53:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "chip 1-click download service" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (03/12/2017 06:53:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IOMap" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (03/12/2017 06:50:50 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/12/2017 06:50:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "RzKLService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/12/2017 06:50:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Razer Game Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/12/2017 06:50:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Telemetry Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2017-03-07 17:55:40.603
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-03-07 17:55:38.016
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-02-24 14:09:35.767
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-02-24 14:09:31.643
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-02-24 14:09:22.332
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-20 16:00:48.110
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-20 08:02:29.146
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-15 02:20:09.788
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-15 01:27:39.432
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-15 01:27:33.626
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 8144.44 MB
Verfügbarer physikalischer RAM: 5995.55 MB
Summe virtueller Speicher: 13776.44 MB
Verfügbarer virtueller Speicher: 11126.46 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:237.92 GB) (Free:37.16 GB) NTFS
Drive d: () (Fixed) (Total:1863 GB) (Free:1429.68 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

Glaringsoul 13.03.2017 01:07
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-03-2017
durchgeführt von Henselmann (Administrator) auf FATAL-CRYPT-ERR (13-03-2017 01:04:08)
Gestartet von C:\Users\Henselmann\Desktop
Geladene Profile: Henselmann (Verfügbare Profile: defaultuser0 & Henselmann)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Electronic Arts) D:\Origin\OriginWebHelperService.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5459\Agent.exe
(Blizzard Entertainment) D:\Blizzard\Battle.net\Battle.net.8423\Battle.net.exe
() D:\Blizzard\Battle.net\Battle.net.8423\Battle.net Helper.exe
() D:\Blizzard\Battle.net\Battle.net.8423\Battle.net Helper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(TODO: <Company name>) C:\Program Files (x86)\ASUS\AURA(GRAPHICS CARD)\ASLED.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(IEC) C:\Program Files (x86)\BikaQRss\BikaQ.exe
(hxxp://www.amuleall.org/) C:\Program Files (x86)\amulell\ed2k.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Henselmann\AppData\Roaming\Kyubey\Kyubey.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8844032 2016-01-27] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => D:\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES/MALWAREBYTES/ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ACCUSOR Advanced Gaming Keyboard Driver] => C:\Program Files (x86)\SPEEDLINK\ACCUSOR Advanced Gaming Keyboard\Monitor.exe [1972736 2016-10-10] (SPEEDLINK)
HKLM-x32\...\Run: [Kraken0502Launcher] => C:\Program Files (x86)\Razer\Razer_Kraken0502_Driver\Drivers\SysAudio\Kraken0502Helper.exe [1599808 2015-08-14] (Razer Inc)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-03-02] (Razer Inc.)
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9539800 2016-12-15] (Piriform Ltd)
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Run: [f.lux] => C:\Users\Henselmann\AppData\Local\FluxSoftware\Flux\flux.exe [1024240 2016-12-06] (Flux Software LLC)
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-03-09] (Valve Corporation)
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Run: [Discord] => C:\Users\Henselmann\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Run: [Battle.net] => D:\Blizzard\Battle.net\Battle.net Launcher.exe [3122152 2017-01-26] (Blizzard Entertainment)
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Henselmann\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\ASUS\AURA(GRAPHICS CARD)\ledcontrolservice.exe [2111488 2016-06-06] (TODO: <Company name>)
SSODL: EldosMountNotificator-cbfs6 - {2BDE6E34-89F1-4989-8908-582D4DAB9A1E} - C:\Windows\system32\cbfsMntNtf6.dll (/n software, Inc.)
SSODL-x32: EldosMountNotificator-cbfs6 - {2BDE6E34-89F1-4989-8908-582D4DAB9A1E} - C:\Windows\SysWOW64\cbfsMntNtf6.dll (/n software, Inc.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Henselmann\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Henselmann\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Henselmann\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {0C9DD067-B805-44B0-ADF1-4DC31E9C35E5} => C:\Windows\system32\cbfsMntNtf6.dll [2016-08-03] (/n software, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Henselmann\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Henselmann\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Henselmann\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {0C9DD067-B805-44B0-ADF1-4DC31E9C35E5} => C:\Windows\SysWOW64\cbfsMntNtf6.dll [2016-08-03] (/n software, Inc.)
Startup: C:\Users\Henselmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-01-15]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Henselmann\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2fca545b-e1d8-474e-8e16-93c937e8e135}: [DhcpNameServer] 192.168.2.1
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startpageing123.com/?type=hp&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startpageing123.com/?type=hp&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.startpageing123.com/search/?type=ds&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.startpageing123.com/search/?type=ds&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.startpageing123.com/?type=hp&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.startpageing123.com/?type=hp&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054&q={searchTerms}
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startpageing123.com/?type=hp&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054
HKU\S-1-5-21-2565043127-2691430490-4239563169-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.startpageing123.com/?type=hp&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.startpageing123.com/?type=sc&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2565043127-2691430490-4239563169-1001 -> hxxp://www.startpageing123.com/?type=hp&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054

FireFox:
========
FF ProfilePath: C:\Users\Henselmann\AppData\Roaming\Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583 [2017-03-13]
FF NewTab: Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583 -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583 -> Google
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583 -> hxxps://www.google.com/search?bcutc=sp-006
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583 -> Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583 -> Google
FF Homepage: Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583 -> hxxp://www.startpageing123.com/?type=hp&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054
FF Keyword.URL: Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583 -> hxxps://www.google.com/search?bcutc=sp-006
FF Extension: (Test Pilot) - C:\Users\Henselmann\AppData\Roaming\Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583\Extensions\@testpilot-addon.xpi [2017-03-07]
FF Extension: (Ghostery) - C:\Users\Henselmann\AppData\Roaming\Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583\Extensions\firefox@ghostery.com.xpi [2017-02-26]
FF Extension: (uBlock Origin) - C:\Users\Henselmann\AppData\Roaming\Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583\Extensions\uBlock0@raymondhill.net.xpi [2017-03-04]
FF SearchPlugin: C:\Users\Henselmann\AppData\Roaming\Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583\searchplugins\google-avast.xml [2017-03-10]
FF SearchPlugin: C:\Users\Henselmann\AppData\Roaming\Mozilla\Firefox\Profiles\641m7xt6.default-1488061479583\searchplugins\startpageing123.xml [2017-03-13]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-14] ()
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-14] ()
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2017-01-02] (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-23] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.startpageing123.com/?type=sc&ts=1489363264&z=14d4c39b5469620cafcf2afg0z3bftbcdq9cdo3q7q&from=che0812&uid=SAMSUNGXMZNLN256HMHQ-00000_S2SVNX0H917054

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 ASLED; C:\Program Files (x86)\ASUS\AURA(GRAPHICS CARD)\ASLED.exe [49664 2016-06-14] (TODO: <Company name>) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1445384 2016-10-22] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2017-01-10] (BitRaider, LLC)
R2 ed2kidle; C:\Program Files (x86)\amulell\ed2k.exe [214528 2017-03-10] (hxxp://www.amuleall.org/) [Datei ist nicht signiert]
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-12-09] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
R2 Kyubey; C:\Users\Henselmann\AppData\Roaming\Kyubey\Kyubey.exe [113152 2017-03-10] () [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [7847256 2016-10-18] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2124296 2017-03-07] (Electronic Arts)
R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [2185232 2017-03-07] (Electronic Arts)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [133376 2016-09-28] (Razer Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WinSAPSvc; C:\Users\Henselmann\AppData\Roaming\WinSAPSvc\WinSAP.dll [184832 2017-03-13] (Windows) [Datei ist nicht signiert]
R2 WinSnare; C:\Users\Henselmann\AppData\Roaming\WinSnare\WinSnare.dll [776704 2017-03-10] (InterSect Alliance Pty Ltd) [Datei ist nicht signiert] <==== ACHTUNG
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [672208 2017-02-03] (Wacom Technology, Corp.)
S2 chip1click; "C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 cbfs6; C:\Windows\system32\drivers\cbfs6.sys [460992 2016-08-03] (/n software, Inc.)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-02-18] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-02-18] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2016-12-14] ()
S3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [102856 2017-01-14] (Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-01-14] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [250816 2017-03-12] (Malwarebytes)
S3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [91584 2017-01-14] (Malwarebytes)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2a6e383a1adc0e24\nvlddmkm.sys [14569528 2017-02-24] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47672 2017-01-06] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [59448 2017-02-23] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [935168 2015-10-10] (Realtek                                            )
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
R3 vpnpbus; C:\Windows\System32\drivers\vpnpbus.sys [18624 2016-08-03] (/n software, Inc.)
S3 WacHidRouterPro; C:\Windows\System32\drivers\wachidrouter.sys [119952 2017-01-25] (Wacom Technology)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [36808 2017-03-12] (Wellbia.com Co., Ltd.)
U1 aswbdisk; kein ImagePath
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-13 01:04 - 2017-03-13 01:04 - 00022813 _____ C:\Users\Henselmann\Desktop\FRST.txt
2017-03-13 01:04 - 2017-03-13 01:04 - 00000000 ____D C:\Users\Henselmann\Desktop\FRST-OlderVersion
2017-03-13 01:00 - 2017-03-13 01:01 - 00000000 ____D C:\Program Files (x86)\WinSnare(4.2.8)
2017-03-13 01:00 - 2017-03-13 01:00 - 00003690 _____ C:\Windows\System32\Tasks\Milimili
2017-03-13 01:00 - 2017-03-13 01:00 - 00003342 _____ C:\Windows\System32\Tasks\BikaQ_FetchAndUpgrade_CanBeDel
2017-03-13 01:00 - 2017-03-13 01:00 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\WinSnare
2017-03-13 01:00 - 2017-03-13 01:00 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\WinSAPSvc
2017-03-13 01:00 - 2017-03-13 01:00 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
2017-03-13 01:00 - 2017-03-13 01:00 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\Kyubey
2017-03-13 01:00 - 2017-03-13 01:00 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\aMule
2017-03-13 01:00 - 2017-03-13 01:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BikaQ
2017-03-13 01:00 - 2017-03-13 01:00 - 00000000 ____D C:\Program Files (x86)\MIO
2017-03-13 01:00 - 2017-03-13 01:00 - 00000000 ____D C:\Program Files (x86)\BikaQRss
2017-03-13 01:00 - 2017-03-13 01:00 - 00000000 ____D C:\Program Files (x86)\amulell
2017-03-13 00:18 - 2017-03-13 00:18 - 00000659 _____ C:\Users\Henselmann\Desktop\JRT.txt
2017-03-12 18:46 - 2017-03-12 18:50 - 00000000 ____D C:\AdwCleaner
2017-03-12 18:45 - 2017-03-12 18:45 - 04031440 _____ C:\Users\Henselmann\Downloads\AdwCleaner_6.044.exe
2017-03-12 18:45 - 2017-03-12 18:45 - 01663736 _____ (Malwarebytes) C:\Users\Henselmann\Downloads\JRT.exe
2017-03-12 11:31 - 2017-03-12 12:02 - 00000000 ____D C:\Users\Henselmann\Desktop\mbar
2017-03-12 11:31 - 2017-03-12 11:31 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Henselmann\Downloads\mbar-1.09.3.1001(2).exe
2017-03-12 00:07 - 2017-03-12 00:07 - 00000000 ____D C:\Users\Henselmann\Desktop\Run1
2017-03-12 00:00 - 2017-03-12 00:01 - 2005164028 _____ C:\Users\Henselmann\Desktop\Kram.zip
2017-03-11 23:56 - 2017-03-13 01:04 - 00000000 ____D C:\FRST
2017-03-11 23:55 - 2017-03-13 01:04 - 02424832 _____ (Farbar) C:\Users\Henselmann\Desktop\FRST64.exe
2017-03-11 19:11 - 2017-03-11 19:11 - 00000000 ____D C:\Users\Henselmann\AppData\LocalLow\Sun
2017-03-11 19:11 - 2017-03-11 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WAIS-IV
2017-03-10 15:29 - 2017-03-11 10:39 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2017-03-10 15:29 - 2017-03-10 15:44 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2017-03-10 15:28 - 2017-03-10 15:28 - 00752296 _____ C:\Users\Henselmann\Downloads\Adware Removal Tool by TSA.exe
2017-03-10 15:26 - 2017-03-13 01:01 - 00000386 _____ C:\Windows\SysWOW64\data.bin
2017-03-10 15:26 - 2017-03-13 01:01 - 00000000 _____ C:\Windows\SysWOW64\4
2017-03-10 15:26 - 2017-03-13 01:01 - 00000000 _____ C:\Windows\SysWOW64\3
2017-03-10 15:22 - 2017-03-13 01:00 - 00000000 ____D C:\Program Files (x86)\Ckosushdekey
2017-03-09 16:30 - 2017-03-09 16:30 - 00000000 ____D C:\Temp
2017-03-09 16:30 - 2017-03-09 16:30 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-03-09 16:30 - 2017-02-23 09:17 - 00136064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-03-09 16:30 - 2017-01-26 01:13 - 00103936 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-03-09 16:30 - 2017-01-26 01:12 - 00326656 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-03-09 16:30 - 2017-01-26 01:09 - 00322560 _____ C:\Windows\system32\vulkan-1.dll
2017-03-09 16:30 - 2017-01-26 01:09 - 00118272 _____ C:\Windows\system32\vulkaninfo.exe
2017-03-09 16:29 - 2017-03-09 16:30 - 00000000 ____D C:\Windows\LastGood.Tmp
2017-03-09 16:28 - 2017-02-23 23:55 - 00047664 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 40192056 _____ C:\Windows\system32\nvcompiler.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 35272760 _____ C:\Windows\SysWOW64\nvcompiler.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 34992184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 28252608 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 19007528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 14674896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 11122728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 11019888 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 09306312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 08990256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 03168192 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 02717752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 01985080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437878.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437878.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 01052096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00989632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00959424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00946456 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00944224 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00910784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00721768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00719856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00687408 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00618416 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00605120 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00576008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00573632 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00499136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00483384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2017-03-09 16:28 - 2017-02-23 11:32 - 00447984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-03-08 01:00 - 2017-03-10 15:25 - 00000000 ____D C:\Program Files (x86)\MK
2017-03-07 18:03 - 2017-03-07 18:03 - 00004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-03-07 17:58 - 2017-03-07 21:17 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-03-07 17:58 - 2017-03-07 17:58 - 00002096 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2017-03-07 17:58 - 2017-03-07 17:58 - 00000000 ____D C:\Users\Henselmann\AppData\LocalLow\Adobe
2017-03-07 17:57 - 2017-03-07 17:59 - 00000000 ____D C:\ProgramData\Adobe
2017-03-07 17:57 - 2017-03-07 17:57 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-03-07 17:56 - 2017-03-07 17:58 - 00000000 ____D C:\Users\Henselmann\AppData\Local\Adobe
2017-03-07 17:25 - 2017-03-07 17:25 - 00001159 _____ C:\Users\Public\Desktop\Mass Effect 3.lnk
2017-03-06 21:11 - 2017-03-06 21:11 - 00000000 ____D C:\Users\Henselmann\Desktop\saveedit_rev25
2017-03-06 21:10 - 2017-03-06 21:10 - 00055487 _____ C:\Users\Henselmann\Downloads\saveedit_rev25.zip
2017-03-06 21:10 - 2017-03-06 21:10 - 00000000 ____D C:\ProgramData\Estsoft
2017-03-04 21:21 - 2017-03-04 21:21 - 03086696 _____ C:\Users\Henselmann\Downloads\instspeedfan452(1).exe
2017-03-04 21:21 - 2017-03-04 21:21 - 00001080 _____ C:\Users\Henselmann\Desktop\SpeedFan.lnk
2017-03-04 21:21 - 2017-03-04 21:21 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2017-03-04 19:31 - 2017-03-04 19:31 - 00496896 _____ C:\Users\Henselmann\Downloads\flux-setup.exe
2017-03-04 19:31 - 2017-03-04 19:31 - 00002185 _____ C:\Users\Henselmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2017-03-04 19:31 - 2017-03-04 19:31 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-03-04 19:31 - 2017-03-04 19:31 - 00000000 ____D C:\Users\Henselmann\AppData\Local\FluxSoftware
2017-03-04 19:29 - 2017-03-12 07:13 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-04 19:29 - 2017-03-04 19:29 - 06654960 _____ (AVAST Software) C:\Users\Henselmann\Downloads\avast_free_antivirus_setup_online.exe
2017-03-04 10:23 - 2017-03-04 10:24 - 04121760 _____ (Husdawg, LLC) C:\Users\Henselmann\Downloads\Detection(1).exe
2017-03-03 18:13 - 2017-03-03 18:13 - 00000000 ____D C:\Windows\System32\Tasks\Avira
2017-03-01 18:21 - 2017-03-01 18:21 - 00000000 ____D C:\Users\Henselmann\Desktop\1408077412919_transistor
2017-03-01 17:44 - 2017-03-01 17:44 - 15220605 _____ C:\Users\Henselmann\Downloads\1408077412919_transistor.zip
2017-02-28 13:00 - 2017-02-28 13:00 - 01191352 _____ ( ) C:\Users\Henselmann\Downloads\hwmonitor_1.30.exe
2017-02-28 13:00 - 2017-02-28 13:00 - 00000975 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2017-02-28 13:00 - 2017-02-28 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2017-02-28 13:00 - 2017-02-28 13:00 - 00000000 ____D C:\Program Files\CPUID
2017-02-28 01:55 - 2017-03-05 10:40 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2017-02-28 01:55 - 2017-03-04 21:21 - 00000045 _____ C:\Windows\SysWOW64\initdebug.nfo
2017-02-28 01:55 - 2017-02-28 01:55 - 03086696 _____ C:\Users\Henselmann\Downloads\instspeedfan452.exe
2017-02-27 22:32 - 2017-02-27 22:32 - 02212462 _____ C:\Users\Henselmann\Downloads\TMACv6.0.7_Setup.zip
2017-02-27 22:32 - 2017-02-27 22:32 - 01070232 ___RS (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2017-02-27 22:32 - 2017-02-27 22:32 - 01010720 ___RS (Microsoft Corporation) C:\Windows\SysWOW64\MSCHRT20.OCX
2017-02-27 22:32 - 2017-02-27 22:32 - 00224016 ___RS (Microsoft Corporation) C:\Windows\SysWOW64\TABCTL32.OCX
2017-02-27 22:32 - 2017-02-27 22:32 - 00140488 ___RS (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.OCX
2017-02-27 22:32 - 2017-02-27 22:32 - 00001273 _____ C:\Users\Public\Desktop\TMAC v6.lnk
2017-02-27 22:32 - 2017-02-27 22:32 - 00000000 ____D C:\Program Files (x86)\Technitium
2017-02-26 18:54 - 2017-02-26 18:54 - 00000000 ____D C:\Program Files (x86)\Origin Games
2017-02-26 17:24 - 2017-02-26 17:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett
2017-02-26 17:19 - 2017-02-26 17:20 - 82101304 _____ C:\Users\Henselmann\Downloads\WacomTablet_6.3.15-3.exe
2017-02-26 17:17 - 2017-02-26 17:17 - 00001951 _____ C:\Users\Henselmann\Desktop\Wacom Tablett-Eigenschaften.lnk
2017-02-26 16:17 - 2017-02-26 17:21 - 00000016 _____ C:\Users\Henselmann\Desktop\BDO.txt
2017-02-26 12:10 - 2017-02-26 12:11 - 00000000 ____D C:\Users\Henselmann\Desktop\SCHULE
2017-02-26 10:08 - 2017-02-26 10:08 - 04581024 _____ (Avira Operations GmbH & Co. KG) C:\Users\Henselmann\Downloads\avira_de_fass0_58b29474b3687__ws.exe
2017-02-25 23:24 - 2017-03-13 01:01 - 00001548 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-25 23:24 - 2017-03-13 01:01 - 00001536 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-02-25 23:24 - 2017-03-10 15:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-25 23:24 - 2017-02-25 23:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-25 23:22 - 2017-02-25 23:22 - 00245600 _____ C:\Users\Henselmann\Downloads\Firefox Setup Stub 51.0.1.exe
2017-02-25 23:11 - 2017-02-25 23:11 - 00000000 ____D C:\Users\Henselmann\AppData\Local\Pmuthercoudole
2017-02-25 16:51 - 2017-02-25 16:51 - 00000000 ____D C:\Users\Henselmann\Desktop\WhatsApp Chat - Mama
2017-02-25 16:51 - 2017-02-25 13:16 - 15712860 _____ C:\Users\Henselmann\Desktop\WhatsApp Chat - Mama.zip
2017-02-25 00:27 - 2017-02-25 00:27 - 00066608 _____ C:\Users\Henselmann\Downloads\saveedit_rev23.zip
2017-02-24 19:48 - 2017-02-24 19:48 - 00000000 ____D C:\Users\Henselmann\Documents\BioWare
2017-02-24 19:48 - 2017-02-24 19:48 - 00000000 ____D C:\ProgramData\Electronic Arts
2017-02-24 14:39 - 2017-02-24 14:39 - 00001061 _____ C:\Users\Public\Desktop\Mass Effect 2.lnk
2017-02-24 14:39 - 2017-02-24 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2
2017-02-24 12:28 - 2017-03-10 15:36 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\Origin
2017-02-24 12:28 - 2017-02-24 12:28 - 00000575 _____ C:\Users\Public\Desktop\Origin.lnk
2017-02-24 12:28 - 2017-02-24 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2017-02-24 12:26 - 2017-03-09 22:57 - 00000000 ____D C:\ProgramData\Origin
2017-02-24 12:26 - 2017-02-24 12:28 - 00000000 ____D C:\Users\Henselmann\AppData\Local\Origin
2017-02-24 12:26 - 2017-02-24 12:26 - 00000000 ____D C:\Users\Henselmann\.Origin
2017-02-24 12:15 - 2017-02-24 12:15 - 00001358 _____ C:\Users\Public\Desktop\Razer Cortex.lnk
2017-02-23 20:59 - 2017-02-23 20:59 - 00000000 ____D C:\Users\Henselmann\AppData\Local\Wacom
2017-02-23 20:59 - 2017-02-23 20:59 - 00000000 ____D C:\Users\Henselmann\.android
2017-02-23 20:02 - 2017-02-26 17:23 - 00000000 ____D C:\Program Files\Tablet
2017-02-23 20:02 - 2017-02-23 20:59 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\WTablet
2017-02-23 20:02 - 2017-02-23 20:02 - 00000000 ____D C:\Program Files\TabletPlugins
2017-02-23 20:02 - 2017-02-23 20:02 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2017-02-23 20:02 - 2017-02-03 01:01 - 02274256 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.dll
2017-02-23 20:02 - 2017-02-03 01:01 - 02267600 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Touch_Tablet.dll
2017-02-23 20:02 - 2017-02-03 01:01 - 02173392 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2017-02-23 20:02 - 2017-02-03 01:01 - 02111952 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2017-02-23 20:02 - 2017-02-03 01:01 - 01787856 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2017-02-23 20:02 - 2017-02-03 01:01 - 01781200 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2017-02-23 20:02 - 2017-02-03 01:01 - 01673168 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2017-02-23 20:02 - 2017-02-03 01:01 - 01632720 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2017-02-23 20:02 - 2017-01-25 18:52 - 00119952 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys
2017-02-23 20:02 - 2016-11-15 22:43 - 00033960 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2017-02-23 20:02 - 2016-08-03 16:01 - 00018848 _____ (/n software, Inc.) C:\Windows\system32\elevtmsg.dll
2017-02-23 20:02 - 2016-08-03 16:00 - 00235424 _____ (/n software, Inc.) C:\Windows\SysWOW64\cbfsNetRdr6.dll
2017-02-23 20:02 - 2016-08-03 16:00 - 00134560 _____ (/n software, Inc.) C:\Windows\system32\cbfsNetRdr6.dll
2017-02-23 20:02 - 2016-08-03 15:59 - 00196000 _____ (/n software, Inc.) C:\Windows\system32\cbfsMntNtf6.dll
2017-02-23 20:02 - 2016-08-03 15:59 - 00170400 _____ (/n software, Inc.) C:\Windows\SysWOW64\cbfsMntNtf6.dll
2017-02-23 20:02 - 2016-08-03 15:48 - 00460992 _____ (/n software, Inc.) C:\Windows\system32\Drivers\cbfs6.sys
2017-02-23 20:02 - 2016-08-03 15:48 - 00018624 _____ (/n software, Inc.) C:\Windows\system32\Drivers\vpnpbus.sys
2017-02-23 20:02 - 2012-12-11 23:12 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll
2017-02-23 20:02 - 2012-12-11 23:12 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wdfcoinstaller01009.dll
2017-02-22 16:57 - 2017-02-22 16:58 - 00000000 ____D C:\Program Files\Common Files\logishrd
2017-02-21 19:33 - 2017-02-21 19:33 - 00000000 ____D C:\ProgramData\Screaming Bee
2017-02-21 19:29 - 2017-02-21 19:29 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\Screaming Bee
2017-02-20 00:32 - 2017-02-20 00:32 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\RenPy
2017-02-19 22:30 - 2017-02-19 23:17 - 02870984 _____ (ESET) C:\Users\Henselmann\Desktop\esetsmartinstaller_deu.exe
2017-02-19 22:16 - 2017-02-19 22:16 - 00000000 ____D C:\Users\Henselmann\Desktop\IGG-SunrideAcademy
2017-02-18 02:20 - 2017-02-18 02:20 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2017-02-18 02:20 - 2017-02-18 02:20 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2017-02-18 02:20 - 2017-02-18 02:20 - 00000000 ____D C:\Users\Henselmann\AppData\Local\Disc_Soft_Ltd
2017-02-18 02:19 - 2017-02-22 17:03 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\DAEMON Tools Lite
2017-02-18 02:19 - 2017-02-18 02:27 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2017-02-18 02:19 - 2017-02-18 02:19 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2017-02-18 02:19 - 2017-02-18 02:19 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2017-02-16 16:45 - 2017-02-16 16:45 - 00000000 ____D C:\Users\Henselmann\ansel
2017-02-14 22:20 - 2017-02-10 03:33 - 01983424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437866.dll
2017-02-14 22:20 - 2017-02-10 03:33 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437866.dll
2017-02-13 15:46 - 2017-02-13 15:46 - 00000000 ____D C:\Users\Henselmann\AppData\LocalLow\square_enix

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-13 01:01 - 2017-01-26 16:27 - 00000000 ____D C:\Users\Henselmann\AppData\Local\Battle.net
2017-03-13 01:01 - 2016-12-31 14:21 - 00000000 ____D C:\Users\Henselmann\AppData\LocalLow\Mozilla
2017-03-13 00:18 - 2016-12-23 11:03 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-12 23:38 - 2016-12-23 10:46 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-03-12 19:18 - 2017-01-02 20:10 - 00004182 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{564F6E84-C00A-4C0A-BC99-D7AB81F118FD}
2017-03-12 19:05 - 2017-01-04 19:28 - 00036808 _____ (Wellbia.com Co., Ltd.) C:\Windows\xhunter1.sys
2017-03-12 19:05 - 2017-01-03 17:53 - 00000000 ____D C:\Users\Henselmann\AppData\Local\BlackDesertOnline
2017-03-12 19:05 - 2016-12-23 10:48 - 00000000 ____D C:\Users\Henselmann
2017-03-12 18:57 - 2016-12-23 10:52 - 03368936 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-12 18:57 - 2016-07-16 23:51 - 01517242 _____ C:\Windows\system32\perfh007.dat
2017-03-12 18:57 - 2016-07-16 23:51 - 00382652 _____ C:\Windows\system32\perfc007.dat
2017-03-12 18:56 - 2016-12-31 14:28 - 00000000 ____D C:\Program Files (x86)\Steam
2017-03-12 18:53 - 2017-01-07 18:12 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-03-12 18:51 - 2016-12-31 14:26 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-12 18:51 - 2016-12-23 10:46 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-12 18:50 - 2016-07-16 07:04 - 00262144 _____ C:\Windows\system32\config\BBI
2017-03-12 15:19 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\AppReadiness
2017-03-12 12:02 - 2017-01-17 00:24 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-03-12 11:31 - 2016-12-31 14:26 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-03-09 22:41 - 2016-12-31 14:20 - 00000000 ____D C:\Users\Henselmann\AppData\Local\CrashDumps
2017-03-09 16:30 - 2016-12-23 11:03 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-03-09 16:30 - 2016-12-23 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-03-09 16:30 - 2016-07-16 12:45 - 00000000 ____D C:\Windows\INF
2017-03-09 16:25 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-07 17:58 - 2016-12-23 10:48 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\Adobe
2017-03-04 19:43 - 2016-12-23 10:51 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-04 19:41 - 2016-12-31 14:43 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\discord
2017-03-04 19:35 - 2017-01-13 20:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-03-04 19:35 - 2017-01-13 20:27 - 00000000 ____D C:\ProgramData\Skype
2017-03-04 19:08 - 2016-12-31 14:43 - 00000000 ____D C:\Users\Henselmann\AppData\Local\Discord
2017-03-04 10:26 - 2016-12-31 18:14 - 00004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-04 10:26 - 2016-12-31 18:14 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-03-04 10:26 - 2016-12-23 11:04 - 00003994 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-04 10:26 - 2016-12-23 11:03 - 00003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-04 10:26 - 2016-12-23 11:03 - 00003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-04 10:26 - 2016-12-23 11:03 - 00003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-04 10:26 - 2016-12-23 11:03 - 00003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-04 10:26 - 2016-12-23 11:03 - 00003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-04 10:26 - 2016-12-23 11:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-03-04 10:26 - 2016-12-23 11:00 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-03-03 19:10 - 2016-12-29 14:00 - 00003300 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-03-03 19:10 - 2016-12-23 10:49 - 00002402 _____ C:\Users\Henselmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-03-03 19:10 - 2016-12-23 10:49 - 00000000 ___RD C:\Users\Henselmann\OneDrive
2017-03-01 21:40 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\LiveKernelReports
2017-03-01 16:02 - 2017-01-03 17:54 - 00000000 ____D C:\Users\Henselmann\Documents\Black Desert
2017-02-28 17:32 - 2016-12-31 14:47 - 00000000 ____D C:\Users\Henselmann\AppData\Roaming\TS3Client
2017-02-28 12:54 - 2016-12-23 10:47 - 00000000 ____D C:\Users\defaultuser0
2017-02-27 13:05 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\NDF
2017-02-27 12:52 - 2017-01-23 22:27 - 00000000 ____D C:\Users\Henselmann\AppData\Local\ElevatedDiagnostics
2017-02-26 17:58 - 2017-01-07 13:41 - 00000000 ____D C:\Users\Henselmann\AppData\Local\osu!
2017-02-25 23:11 - 2017-01-15 00:54 - 00000000 ____D C:\Windows\system32\SSL
2017-02-24 12:15 - 2016-12-31 14:50 - 00000000 ____D C:\Users\Henselmann\AppData\Local\Razer
2017-02-24 12:15 - 2016-12-31 14:50 - 00000000 ____D C:\ProgramData\Razer
2017-02-24 12:15 - 2016-12-31 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2017-02-24 12:15 - 2016-12-31 14:50 - 00000000 ____D C:\Program Files (x86)\Razer
2017-02-23 23:55 - 2016-12-23 11:02 - 01600056 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-02-23 23:55 - 2016-12-23 11:02 - 00217528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-02-23 21:48 - 2016-12-31 14:44 - 00000000 ____D C:\Users\Henselmann\AppData\Local\TeamSpeak 3 Client
2017-02-23 19:35 - 2016-12-23 11:04 - 01880512 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-02-23 19:35 - 2016-12-23 11:04 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-02-23 19:35 - 2016-12-23 11:04 - 01468864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-02-23 19:35 - 2016-12-23 11:04 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-02-23 19:35 - 2016-12-23 11:04 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-02-23 19:34 - 2017-01-11 17:36 - 00059448 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-02-23 17:17 - 2016-12-31 14:09 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 17:16 - 2016-12-31 14:09 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-23 15:30 - 2016-12-31 18:14 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-02-23 11:32 - 2016-12-23 11:02 - 04078008 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-02-23 11:32 - 2016-12-23 11:02 - 03596616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-02-23 11:32 - 2016-12-23 11:02 - 00043566 _____ C:\Windows\system32\nvinfo.pb
2017-02-23 09:43 - 2016-12-23 11:03 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-02-23 09:28 - 2016-12-23 11:03 - 06401984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-02-23 09:28 - 2016-12-23 11:03 - 02479160 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-02-23 09:28 - 2016-12-23 11:03 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-02-23 09:28 - 2016-12-23 11:03 - 00548288 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-02-23 09:28 - 2016-12-23 11:03 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-02-23 09:28 - 2016-12-23 11:03 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-02-23 09:28 - 2016-12-23 11:03 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-02-23 07:38 - 2016-12-23 11:03 - 07807027 _____ C:\Windows\system32\nvcoproc.bin
2017-02-22 17:14 - 2016-07-16 12:36 - 00000000 ____D C:\Windows\CbsTemp
2017-02-22 16:57 - 2017-01-02 13:12 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-19 00:57 - 2016-12-31 14:30 - 00000000 ____D C:\Users\Henselmann\AppData\Local\Steam
2017-02-16 16:47 - 2017-01-05 00:33 - 00000000 ____D C:\Users\Henselmann\AppData\Local\MEGAsync
2017-02-14 16:00 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-14 16:00 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\Macromed

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-01-08 04:12 - 2017-01-14 20:47 - 0007597 _____ () C:\Users\Henselmann\AppData\Local\Resmon.ResmonCfg
2016-12-23 10:54 - 2016-12-23 10:54 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-12-31 18:14 - 2017-01-11 17:36 - 0007609 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-31 18:14 - 2017-01-10 19:32 - 0010108 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Einige Dateien in TEMP:
====================
2017-03-03 18:28 - 2017-03-03 18:28 - 0000512 _____ () C:\Users\Henselmann\AppData\Local\Temp\6699d3ee8dd9cf775caae782c8f44f03.dll
2017-03-03 18:28 - 2017-03-12 19:05 - 0000069 _____ () C:\Users\Henselmann\AppData\Local\Temp\e3a0f8dd4837fff176547bdbd39cbe30.dll
2017-02-14 22:22 - 2017-02-09 23:39 - 0754168 _____ (NVIDIA Corporation) C:\Users\Henselmann\AppData\Local\Temp\nvSCPAPI.dll
2017-02-14 22:22 - 2017-02-09 23:39 - 0868152 _____ (NVIDIA Corporation) C:\Users\Henselmann\AppData\Local\Temp\nvSCPAPI64.dll
2017-03-09 16:28 - 2017-02-09 23:39 - 0352704 _____ (NVIDIA Corporation) C:\Users\Henselmann\AppData\Local\Temp\nvStInst.exe
2017-03-04 21:22 - 2017-03-05 10:39 - 0192512 _____ () C:\Users\Henselmann\AppData\Local\Temp\sfamcc00001.dll
2015-02-10 18:56 - 2015-02-10 18:56 - 0105984 _____ () C:\Users\Henselmann\AppData\Local\Temp\sfextra.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-05 11:01

==================== Ende von FRST.txt ============================

cosinus 13.03.2017 12:15
Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Adobe Reader XI

    amulesw

    BikaQ Rss

    Bonjour

    chip 1-click download service

    WinSnare

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 

cosinus 13.03.2017 12:15
Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Adobe Reader XI

    amulesw

    BikaQ Rss

    Bonjour

    chip 1-click download service

    WinSnare

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 


Alle Zeitangaben in WEZ +1. Es ist jetzt 19:41 Uhr.
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131