Trojaner-Board - Bei google Bilder Suche avira Meldung "HEUR/Infected.WebPage.Gen" erhalten und in Quarantäne verschoben, bin ich infiziert?

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - Bei google Bilder Suche avira Meldung "HEUR/Infected.WebPage.Gen" erhalten und in Quarantäne verschoben, bin ich infiziert? (https://www.trojaner-board.de/185857-google-bilder-suche-avira-meldung-heur-infected-webpage-gen-erhalten-quarantaene-verschoben-infiziert.html)

Bei google Bilder Suche avira Meldung "HEUR/Infected.WebPage.Gen" erhalten und in Quarantäne verschoben, bin ich infiziert?

Hallo werte Helfer,

ich bekam heute bei Nutzung der google Bilder suche eine Meldung von avira, dass folgende Datei gefunden und in Quarantäne verschoben wurde HEUR/Infected.WebPage.Gen .
Bin mir jetzt unsicher ob ich mir einen Trojaner eingefangen habe, daher bitte ich hier um eure Hilfe.

Ich habe seitdem mit Avira 2x mein System gescannt und diverse Dateien in die Quarantäne verschoben. Logfiles Avira:

Code:

05.06.2017, 18:21:19 [System-Scanner] Suche

        Scan abgeschlossen [Der Suchlauf wurde vollständig durchgeführt.].

        Anzahl der Dateien:        3410900

        Anzahl der Verzeichnisse:        64877

        Anzahl der Meldungen:        1

        Anzahl der Warnungen:        2
 

05.06.2017, 18:21:19 [System-Scanner] Malware gefunden

        Die Datei 'C:\Users\User_PC\AppData\Local\Microsoft\Windows Live Mail\Thunderhawk77\Deleted Items\7567446B-0000051B.eml'

        enthält folgendes Muster 'TR/AD.Nymaim.zgvcd' [trojan]

        Ausgeführte Aktion(en):

        Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '51f76c7d.qua' verschoben!
 

05.06.2017, 16:45:59 [System-Scanner] Suche

        Scan abgeschlossen [Der Suchlauf wurde vollständig durchgeführt.].

        Anzahl der Dateien:        3924

        Anzahl der Verzeichnisse:        0

        Anzahl der Meldungen:        0

        Anzahl der Warnungen:        0
 

05.06.2017, 16:45:24 [Planer] Auftrag gestartet

        Auftrag "Schnelle Systemprüfung"

        wurde erfolgreich gestartet.
 

05.06.2017, 16:40:03 [Updater] Update erfolgreich durchgeführt

        Update auf Computer TSTAR (192.168.2.100) von "hxxp://personal.avira-update.com/update" wurde erfolgreich durchgeführt.

        Es sind keine neuen Engine/VDF Dateien verfügbar.
 

05.06.2017, 16:39:58 [Planer] Auftrag gestartet

        Auftrag "Automatisches Update Free"

        wurde erfolgreich gestartet.
 

05.06.2017, 16:30:12 [Echtzeit-Scanner] Dienst gestartet

        Der Dienst wurde gestartet.

        Dienst Version:        15.0.26.45
 

05.06.2017, 16:30:12 [Hilfsdienst] Dienst gestartet

        Der Dienst wurde gestartet.

        Dienst Version:        15.0.26.45

        Engine Version:        8.3.44.80

        VDF Version:        8.14.10.134
 

05.06.2017, 16:29:59 [Planer] Dienst gestartet

        Der Dienst wurde gestartet.

        Dienst Version 15.0.26.45
 

05.06.2017, 16:29:30 [Echtzeit-Scanner] Dienst gestoppt

        Der Dienst wurde gestoppt.
 

05.06.2017, 16:29:30 [Planer] Dienst gestoppt

        Der Dienst wurde gestoppt.
 

05.06.2017, 16:29:05 [Echtzeit-Scanner] Registry blockiert

        Der Administrator hat per Sicherheitsrichtlinie den Zugriff auf die Registry blockiert.
 

05.06.2017, 16:16:11 [Echtzeit-Scanner] Dienst gestartet

        Der Dienst wurde gestartet.

        Dienst Version:        15.0.26.45
 

05.06.2017, 16:16:11 [Hilfsdienst] Dienst gestartet

        Der Dienst wurde gestartet.

        Dienst Version:        15.0.26.45

        Engine Version:        8.3.44.80

        VDF Version:        8.14.10.134
 

05.06.2017, 16:16:01 [Planer] Dienst gestartet

        Der Dienst wurde gestartet.

        Dienst Version 15.0.26.45
 

05.06.2017, 16:15:34 [Echtzeit-Scanner] Dienst gestoppt

        Der Dienst wurde gestoppt.
 

05.06.2017, 16:15:34 [Planer] Dienst gestoppt

        Der Dienst wurde gestoppt.
 

05.06.2017, 14:45:37 [Echtzeit-Scanner] Dienst gestartet

        Der Dienst wurde gestartet.

        Dienst Version:        15.0.26.45
 

05.06.2017, 14:45:37 [Hilfsdienst] Dienst gestartet

        Der Dienst wurde gestartet.

        Dienst Version:        15.0.26.45

        Engine Version:        8.3.44.80

        VDF Version:        8.14.10.134
 

05.06.2017, 14:35:26 [Updater] Update erfolgreich durchgeführt

        Update von Avira Free Antivirus auf Computer TSTAR (192.168.2.100) erfolgreich durchgeführt.

        Folgende Dateien wurden von "hxxp://personal.avira-update.com/update" aktualisiert:

        aevdf.dat 8.14.10.134

        xbv00156.vdf 8.14.10.132

        xbv00157.vdf 8.14.10.134

        local000.vdf

        
 

05.06.2017, 14:34:57 [Planer] Auftrag gestartet

        Auftrag "Automatisches Update Free"

        wurde erfolgreich gestartet.
 

05.06.2017, 14:16:16 [System-Scanner] Suche

        Scan abgeschlossen [Der Suchlauf wurde vollständig durchgeführt.].

        Anzahl der Dateien:        4133

        Anzahl der Verzeichnisse:        0

        Anzahl der Meldungen:        0

        Anzahl der Warnungen:        0
 

05.06.2017, 14:04:28 [Echtzeit-Scanner] Malware gefunden

        Muster 'HEUR/Infected.WebPage.Gen [heuristic]'

        in Datei 'C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000be9 gefunden.

        Durchgeführte Aktion: Datei in Quarantäne verschieben

Danach habe ich noch insgesamt 3x Malware Bytes Adware Cleaner benutzt: Hier die Logs in der Benutzungsreihenfolge:

Code:

# AdwCleaner v6.047 - Bericht erstellt am 05/06/2017 um 16:14:12

# Aktualisiert am 19/05/2017 von Malwarebytes

# Datenbank : 2017-06-02.2 [Server]

# Betriebssystem : Windows 10 Home  (X64)

# Benutzername : User_PC - TSTAR

# Gestartet von : D:\Web DL\adwcleaner_6.047.exe

# Modus: Suchlauf

# Unterstützung : https://www.malwarebytes.com/support
 
 
 

***** [ Dienste ] *****
 

Keine schädlichen Dienste gefunden.
 
 

***** [ Ordner ] *****
 

Ordner Gefunden: C:\ProgramData\Application Data\lavasoft\web companion
 
 

***** [ Dateien ] *****
 

Datei Gefunden: C:\WINDOWS\SysNative\LavasoftTcpService64.dll

Datei Gefunden: C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini

Datei Gefunden: C:\END

Datei Gefunden: C:\WINDOWS\SysWOW64\lavasofttcpservice.dll

Datei Gefunden: C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini

Datei Gefunden: C:\Users\User_PC\AppData\Roaming\Mozilla\Firefox\Profiles\4zcm0j12.default\searchplugins\bing-lavasoft.xml
 
 

***** [ DLL ] *****
 

Keine infizierten DLLs gefunden.
 
 

***** [ WMI ] *****
 

Keine schädlichen Schlüssel gefunden.
 
 

***** [ Verknüpfungen ] *****
 

Keine infizierten Verknüpfungen gefunden.
 
 

***** [ Aufgabenplanung ] *****
 

Keine schädlichen Aufgaben gefunden.
 
 

***** [ Registrierungsdatenbank ] *****
 

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1

Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer

Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1

Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController

Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1

Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable

Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1

Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields

Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1

Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder

Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1

Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic

Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1

Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager

Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1

Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController

Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}

Schlüssel Gefunden: HKLM\SOFTWARE\Lavasoft\Web Companion

Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

Schlüssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

Wert Gefunden: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [@greatdealz]

Wert Gefunden: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [@greatdealz]

Wert Gefunden: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [@greatdealz]
 
 

***** [ Internetbrowser ] *****
 

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.

Keine schädlichen Elemente in Chrome basierten Browsern gefunden.
 

*************************
 

C:\AdwCleaner\AdwCleaner[C0].txt - [1653 Bytes] - [16/08/2016 10:07:15]

C:\AdwCleaner\AdwCleaner[S0].txt - [1783 Bytes] - [16/08/2016 10:04:51]

C:\AdwCleaner\AdwCleaner[S1].txt - [5836 Bytes] - [05/06/2017 16:14:12]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [5909 Bytes] ##########

Code:

# AdwCleaner v6.047 - Bericht erstellt am 05/06/2017 um 16:20:41

# Aktualisiert am 19/05/2017 von Malwarebytes

# Datenbank : 2017-06-02.2 [Lokal]

# Betriebssystem : Windows 10 Home  (X64)

# Benutzername : H4wk - TSTAR

# Gestartet von : D:\Web DL\adwcleaner_6.047.exe

# Modus: Suchlauf

# Unterstützung : https://www.malwarebytes.com/support
 
 
 

***** [ Dienste ] *****
 

Keine schädlichen Dienste gefunden.
 
 

***** [ Ordner ] *****
 

Keine schädlichen Ordner gefunden.
 
 

***** [ Dateien ] *****
 

Keine schädlichen Dateien gefunden.
 
 

***** [ DLL ] *****
 

Keine infizierten DLLs gefunden.
 
 

***** [ WMI ] *****
 

Keine schädlichen Schlüssel gefunden.
 
 

***** [ Verknüpfungen ] *****
 

Keine infizierten Verknüpfungen gefunden.
 
 

***** [ Aufgabenplanung ] *****
 

Keine schädlichen Aufgaben gefunden.
 
 

***** [ Registrierungsdatenbank ] *****
 

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.
 
 

***** [ Internetbrowser ] *****
 

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.

Keine schädlichen Elemente in Chrome basierten Browsern gefunden.
 

*************************
 

C:\AdwCleaner\AdwCleaner[C0].txt - [1653 Bytes] - [16/08/2016 10:07:15]

C:\AdwCleaner\AdwCleaner[C2].txt - [6446 Bytes] - [05/06/2017 16:15:18]

C:\AdwCleaner\AdwCleaner[S0].txt - [1783 Bytes] - [16/08/2016 10:04:51]

C:\AdwCleaner\AdwCleaner[S1].txt - [6060 Bytes] - [05/06/2017 16:14:12]

C:\AdwCleaner\AdwCleaner[S2].txt - [1461 Bytes] - [05/06/2017 16:20:41]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1534 Bytes] ##########

Code:

# AdwCleaner v6.047 - Bericht erstellt am 05/06/2017 um 16:38:29

# Aktualisiert am 19/05/2017 von Malwarebytes

# Datenbank : 2017-06-02.2 [Lokal]

# Betriebssystem : Windows 10 Home  (X64)

# Benutzername : H4wk - TSTAR

# Gestartet von : D:\Web DL\adwcleaner_6.047.exe

# Modus: Suchlauf

# Unterstützung : https://www.malwarebytes.com/support
 
 
 

***** [ Dienste ] *****
 

Keine schädlichen Dienste gefunden.
 
 

***** [ Ordner ] *****
 

Keine schädlichen Ordner gefunden.
 
 

***** [ Dateien ] *****
 

Keine schädlichen Dateien gefunden.
 
 

***** [ DLL ] *****
 

Keine infizierten DLLs gefunden.
 
 

***** [ WMI ] *****
 

Keine schädlichen Schlüssel gefunden.
 
 

***** [ Verknüpfungen ] *****
 

Keine infizierten Verknüpfungen gefunden.
 
 

***** [ Aufgabenplanung ] *****
 

Keine schädlichen Aufgaben gefunden.
 
 

***** [ Registrierungsdatenbank ] *****
 

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.
 
 

***** [ Internetbrowser ] *****
 

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.

Keine schädlichen Elemente in Chrome basierten Browsern gefunden.
 

*************************
 

C:\AdwCleaner\AdwCleaner[C0].txt - [1653 Bytes] - [16/08/2016 10:07:15]

C:\AdwCleaner\AdwCleaner[C2].txt - [6446 Bytes] - [05/06/2017 16:15:18]

C:\AdwCleaner\AdwCleaner[S0].txt - [1783 Bytes] - [16/08/2016 10:04:51]

C:\AdwCleaner\AdwCleaner[S1].txt - [6060 Bytes] - [05/06/2017 16:14:12]

C:\AdwCleaner\AdwCleaner[S2].txt - [1613 Bytes] - [05/06/2017 16:20:41]

C:\AdwCleaner\AdwCleaner[S3].txt - [1534 Bytes] - [05/06/2017 16:38:29]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1607 Bytes] ##########

Und zwischen Benutzung 2 und 3 des Adware Cleaners habe ich Malwarebytes Premium installiert und damit einen Scan durchgeführt, hier der dazugehörige Logfile

Code:

Malwarebytes

www.malwarebytes.com
 

-Protokolldetails-

Scan-Datum: 05.06.17

Scan-Zeit: 16:24

Protokolldatei: Malwarebytes 1.txt

Administrator: Ja
 

-Softwaredaten-

Version: 3.1.2.1733

Komponentenversion: 1.0.139

Version des Aktualisierungspakets: 1.0.2090

Lizenz: Testversion
 

-Systemdaten-

Betriebssystem: Windows 10

CPU: x64

Dateisystem: NTFS

Benutzer: TSTAR\H4wk
 

-Scan-Übersicht-

Scan-Typ: Bedrohungs-Scan

Ergebnis: Abgeschlossen

Gescannte Objekte: 419473

Erkannte Bedrohungen: 4

In die Quarantäne verschobene Bedrohungen: 4

Abgelaufene Zeit: 3 Min., 49 Sek.
 

-Scan-Optionen-

Speicher: Aktiviert

Start: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Aktiviert

Heuristik: Aktiviert

PUP: Aktiviert

PUM: Aktiviert
 

-Scan-Details-

Prozess: 0

(keine bösartigen Elemente erkannt)
 

Modul: 0

(keine bösartigen Elemente erkannt)
 

Registrierungsschlüssel: 0

(keine bösartigen Elemente erkannt)
 

Registrierungswert: 0

(keine bösartigen Elemente erkannt)
 

Registrierungsdaten: 0

(keine bösartigen Elemente erkannt)
 

Daten-Stream: 0

(keine bösartigen Elemente erkannt)
 

Ordner: 2

PUP.Optional.OffersOlymp, C:\Users\User_PC\AppData\Roaming\Mozilla\Firefox\Profiles\4zcm0j12.default\jetpack\@offersolymp\simple-storage, In Quarantäne, [2017], [344143],1.0.2090

PUP.Optional.OffersOlymp, C:\USERS\USER_PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4ZCM0J12.DEFAULT\JETPACK\@OFFERSOLYMP, In Quarantäne, [2017], [344143],1.0.2090
 

Datei: 2

PUP.Optional.OffersOlymp, C:\Users\User_PC\AppData\Roaming\Mozilla\Firefox\Profiles\4zcm0j12.default\jetpack\@offersolymp\simple-storage\store.json, In Quarantäne, [2017], [344143],1.0.2090

PUP.Optional.OffersOlymp, C:\USERS\USER_PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4ZCM0J12.DEFAULT\EXTENSIONS\@OFFERSOLYMP.XPI, In Quarantäne, [2017], [344162],1.0.2090
 

Physischer Sektor: 0

(keine bösartigen Elemente erkannt)
 
 

(end)

Und zuletzt die beiden soeben mit FRST erstellten Logfiles, leider sinde diese sehr groß und ich muss sie als .zip anhängen sorry dafür!

Ich mache jetzt erstmal nichts mehr, vor allem versuche ich mich nicht anzumelden, habe etwas Angst vor einem Keylogger Trojaner.

Schonmal vorab vielen Dank für eine Rückmeldung.

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

http://www.trojaner-board.de/picture...&pictureid=307

Hallo cosinus!
Sorry für das zippen, aber in der Erklärung stand, dass es ok wäre wenn sie zu groß sind. Aber egal hätte ja auch einfach einen 2ten Post machen können. Ich hänge sie dann hier an. Also hier nochmal FRST + Addition:

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-06-2017

durchgeführt von H4wk (Administrator) auf TSTAR (05-06-2017 18:28:23)

Gestartet von D:\Web DL

Geladene Profile: H4wk (Verfügbare Profile: H4wk)

Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: Chrome)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe

(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe

(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe

(Micro-Star International) C:\MSI\Smart Utilities\SuperRAIDSvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe

(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe

(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe

() C:\Program Files (x86)\Windscribe\WindscribeService.exe

(MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe

(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe

(MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe

(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe

(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

() D:\Web DL\livestreamer-twitch-gui-v0.16.0-win64\livestreamer-twitch-gui.exe

() D:\Web DL\livestreamer-twitch-gui-v0.16.0-win64\livestreamer-twitch-gui.exe

() D:\Web DL\livestreamer-twitch-gui-v0.16.0-win64\livestreamer-twitch-gui.exe

() D:\Web DL\livestreamer-twitch-gui-v0.16.0-win64\livestreamer-twitch-gui.exe

() C:\Program Files (x86)\Livestreamer\livestreamer.exe

(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 

==================== Registry (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8804608 2016-04-29] (Realtek Semiconductor)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-05] (Apple Inc.)

HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)

HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-08-22] (Razer Inc.)

HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835680 2016-06-14] (MSI)

HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [11340752 2016-06-28] (Micro-Star INT'L CO., LTD.)

HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] ()

HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1015808 2016-05-19] (MSI)

HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61944 2017-04-11] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [912768 2017-04-30] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)

HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217736 2016-12-20] (Geek Software GmbH)

HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [533616 2017-02-15] (Citrix Systems, Inc.)

HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [324720 2017-02-15] (Citrix Systems, Inc.)

HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-01] (Valve Corporation)

HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [7647848 2016-07-24] ()
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

Tcpip\..\Interfaces\{b0ad2bc9-2625-4352-a9a8-fe4ff4d333e1}: [DhcpNameServer] 192.168.2.1 192.168.2.1
 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-c7978f4d

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-c7978f4d&q={searchTerms}

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-c7978f4d&q={searchTerms}

SearchScopes: HKLM -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-c7978f4d&q={searchTerms}

SearchScopes: HKU\S-1-5-21-2080308072-346064868-999961720-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}

SearchScopes: HKU\S-1-5-21-2080308072-346064868-999961720-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}

SearchScopes: HKU\S-1-5-21-2080308072-346064868-999961720-1001 -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = 

Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)
 

FireFox:

========

FF DefaultProfile: 4zcm0j12.default

FF ProfilePath: C:\Users\User_PC\AppData\Roaming\Mozilla\Firefox\Profiles\4zcm0j12.default [2017-06-05]

FF NewTab: Mozilla\Firefox\Profiles\4zcm0j12.default -> hxxp://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-c7978f4d

FF DefaultSearchEngine: Mozilla\Firefox\Profiles\4zcm0j12.default -> Bing

FF SelectedSearchEngine: Mozilla\Firefox\Profiles\4zcm0j12.default -> Bing

FF Homepage: Mozilla\Firefox\Profiles\4zcm0j12.default -> about:home

FF Extension: (Windscribe) - C:\Users\User_PC\AppData\Roaming\Mozilla\Firefox\Profiles\4zcm0j12.default\Extensions\@windscribeff.xpi [2016-10-05]

FF Extension: (Avira Browser Safety) - C:\Users\User_PC\AppData\Roaming\Mozilla\Firefox\Profiles\4zcm0j12.default\Extensions\abs@avira.com.xpi [2017-05-27]

FF Extension: (convert2mp3.net YouTube2MP3 Converter) - C:\Users\User_PC\AppData\Roaming\Mozilla\Firefox\Profiles\4zcm0j12.default\Extensions\info@convert2mp3.net.xpi [2017-05-27]

FF Extension: (NoScript) - C:\Users\User_PC\AppData\Roaming\Mozilla\Firefox\Profiles\4zcm0j12.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-05-31]

FF Extension: (Adblock Plus) - C:\Users\User_PC\AppData\Roaming\Mozilla\Firefox\Profiles\4zcm0j12.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-30]

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-18] ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-18] ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()

FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2017-02-15] (Citrix Systems, Inc.)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-18] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-18] (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
 

Chrome: 

=======

CHR DefaultProfile: Default

CHR Profile: C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default [2017-06-05]

CHR Extension: (Google Präsentationen) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-27]

CHR Extension: (Google Docs) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-27]

CHR Extension: (Google Drive) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-27]

CHR Extension: (YouTube) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-27]

CHR Extension: (Adblock Plus) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-22]

CHR Extension: (Google Tabellen) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-27]

CHR Extension: (Avira Browserschutz) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-10-27]

CHR Extension: (Google Docs Offline) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-27]

CHR Extension: (Windscribe - Free VPN and Ad Block) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2016-11-12]

CHR Extension: (TwitchAlerts Stream Labels) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmggmdngboajiakmbpdknfpdelbjbcg [2017-01-16]

CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]

CHR Extension: (ScriptSafe) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2017-01-27]

CHR Extension: (Google Mail) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-27]

CHR Extension: (Chrome Media Router) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]

CHR Extension: (convert2mp3.net Online Video Converter) - D:\Web DL\convert2mp3_chrome_addon-2.4\convert2mp3_video_converter_2.4 [2014-12-18] [UpdateUrl: hxxp://convert2mp3.net/misc/chrome_update.xml] <==== ACHTUNG

CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
 

==================== Dienste (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1119712 2017-04-30] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [488920 2017-04-30] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [488920 2017-04-30] (Avira Operations GmbH & Co. KG)

S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1520680 2017-04-30] (Avira Operations GmbH & Co. KG)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)

R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350120 2017-04-11] (Avira Operations GmbH & Co. KG)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1467912 2017-01-31] ()

S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [399120 2017-02-14] (EasyAntiCheat Ltd)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)

S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4163680 2016-06-14] (MSI)

S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2200872 2016-02-01] (MSI)

S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4162144 2016-05-19] (MSI)

R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2014160 2016-03-04] (MSI)

R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2328160 2016-07-01] (MSI)

S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-06-02] (MSI)

S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [598112 2016-06-02] (MSI)

R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MSI)

R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2247120 2016-06-28] (Micro-Star INT'L CO., LTD.)

R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280 2015-05-18] (MSI)

R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)

S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)

R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation)

R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-18] (NVIDIA Corporation)

S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1326408 2017-05-14] (Overwolf LTD)

R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [217736 2016-12-20] (Geek Software GmbH)

R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [401024 2017-05-02] (Razer Inc.)

R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [178312 2017-05-02] (Razer Inc.)

R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()

S3 SophosVirusRemovalTool; C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [163688 2016-08-02] (Sophos Limited)

R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)

R2 SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [29648 2014-08-13] (Micro-Star International)

S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-07-17] (Microsoft Corporation)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [47208 2016-07-24] ()

R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [19192 2015-10-06] (Intel(R) Corporation)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ======================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S3 AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)

R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [161824 2017-03-02] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [163976 2017-03-02] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-02] (Avira Operations GmbH & Co. KG)

R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-02] (Avira Operations GmbH & Co. KG)

R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-05-31] ()

R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-05-28] (Intel Corporation)

S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (Windows (R) Win 7 DDK provider)

R3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)

R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188312 2017-06-05] (Malwarebytes)

R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-06-05] (Malwarebytes)

R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [44960 2017-06-05] (Malwarebytes)

R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [252832 2017-06-05] (Malwarebytes)

R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-06-05] (Malwarebytes)

R3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)

R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)

R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)

R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)

R3 NTIOLib_MSI_RAID; C:\MSI\Smart Utilities\NTIOLib_X64.sys [13808 2014-03-17] (MSI)

R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7209bde3180ef5f7\nvlddmkm.sys [14458264 2017-05-19] (NVIDIA Corporation)

S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)

R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-05-18] (NVIDIA Corporation)

R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [936192 2016-03-22] (Realtek                                            )

R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51736 2016-06-23] (Razer Inc)

S3 rzjstk; C:\WINDOWS\System32\drivers\rzjstk.sys [36568 2015-08-13] (Razer Inc)

S3 rzkeypadendpt; C:\WINDOWS\System32\drivers\rzkeypadendpt.sys [46280 2015-08-13] (Razer Inc)

R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)

R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.)

S3 rzvkeyboard; C:\WINDOWS\System32\drivers\rzvkeyboard.sys [44232 2015-08-13] (Razer Inc)

S3 rzvmouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [42712 2015-08-13] (Razer Inc)

S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()

R3 VBAudioVACMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows (R) Win 7 DDK provider)

S3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2017-01-06] (Windows (R) Win 7 DDK provider)

R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)

S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)

S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)

S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-07-10] (Intel Corporation)
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2017-06-05 18:28 - 2017-06-05 18:28 - 00000000 ____D C:\FRST

2017-06-05 16:44 - 2017-06-05 16:44 - 00002309 _____ C:\Users\User_PC\Desktop\Kindle.lnk

2017-06-05 16:44 - 2017-06-05 16:44 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon

2017-06-05 16:37 - 2017-06-05 16:37 - 00001936 _____ C:\Users\User_PC\Desktop\ttt.txt

2017-06-05 16:21 - 2017-06-05 16:30 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys

2017-06-05 16:21 - 2017-06-05 16:21 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2017-06-05 16:21 - 2017-06-05 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2017-06-05 16:21 - 2017-06-05 16:21 - 00000000 ____D C:\Program Files\Malwarebytes

2017-06-05 16:21 - 2017-05-31 11:09 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys

2017-05-28 16:47 - 2017-05-28 16:47 - 00000000 ____D C:\Users\User_PC\AppData\Local\PAYDAY 2

2017-05-28 16:47 - 2017-05-28 16:47 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies

2017-05-27 18:39 - 2017-06-05 16:19 - 00000000 ____D C:\Users\User_PC\AppData\LocalLow\Mozilla

2017-05-27 18:39 - 2017-05-28 17:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2017-05-26 09:43 - 2017-05-26 09:43 - 00000104 _____ C:\WINDOWS\StartUp.INI

2017-05-25 21:16 - 2017-05-25 21:16 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\MMFApplications

2017-05-25 11:58 - 2017-05-25 11:58 - 00000000 ____D C:\Program Files (x86)\VulkanRT

2017-05-25 11:58 - 2017-05-18 09:35 - 00513144 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll

2017-05-25 11:58 - 2017-05-18 09:35 - 00418752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll

2017-05-25 11:58 - 2017-05-18 07:21 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe

2017-05-25 11:58 - 2017-03-10 23:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll

2017-05-25 11:58 - 2017-03-10 23:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll

2017-05-25 11:58 - 2017-03-10 23:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe

2017-05-25 11:58 - 2017-03-10 23:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe

2017-05-25 11:56 - 2017-05-18 09:35 - 40201848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 35390072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 35282040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 28624504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 11056456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 11028664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 10551072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 09248144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 09014976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 08808488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 03797112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 03256440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 01988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438233.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 01606592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438233.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 01278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 01275944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 01056704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00995736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00993912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00993872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00964032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00914880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00775864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00688968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00612272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00583800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00577728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll

2017-05-25 11:52 - 2017-05-25 11:58 - 00000000 ____D C:\WINDOWS\LastGood.Tmp

2017-05-25 11:52 - 2017-05-25 11:52 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-05-25 11:52 - 2017-05-25 11:52 - 00001492 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2017-05-25 11:52 - 2017-05-03 22:21 - 00175736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll

2017-05-25 11:52 - 2017-05-03 22:21 - 00143480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll

2017-05-23 15:18 - 2017-05-23 17:47 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\ICAClient

2017-05-23 15:18 - 2017-05-23 15:18 - 00001642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk

2017-05-23 15:17 - 2017-05-30 16:32 - 00000000 ____D C:\Users\User_PC\AppData\Local\Citrix

2017-05-23 15:17 - 2017-05-23 15:18 - 00000000 ____D C:\ProgramData\Citrix

2017-05-23 15:17 - 2017-05-23 15:18 - 00000000 ____D C:\Program Files (x86)\Citrix

2017-05-23 15:17 - 2017-05-23 15:17 - 48612464 _____ (Citrix Systems, Inc.) C:\Users\User_PC\Downloads\CitrixReceiver.exe

2017-05-23 12:35 - 2017-06-05 12:27 - 00000000 ____D C:\Users\User_PC\Desktop\Steuern

2017-05-23 11:28 - 2017-06-05 16:45 - 00000000 ____D C:\Users\User_PC\Documents\My Kindle Content

2017-05-23 11:27 - 2017-06-05 16:44 - 00000000 ____D C:\Users\User_PC\AppData\Local\Amazon

2017-05-20 15:22 - 2017-05-20 15:31 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\TeamViewer

2017-05-19 09:35 - 2017-05-19 09:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker

2017-05-18 20:00 - 2017-05-18 20:00 - 00000000 ____D C:\Users\User_PC\AppData\LocalLow\Crazy Monkey Studios

2017-05-18 18:20 - 2017-05-18 18:20 - 00000000 ____D C:\Users\User_PC\AppData\Local\DBG

2017-05-16 15:14 - 2017-05-16 15:15 - 00000070 _____ C:\Users\User_PC\Desktop\td business go.txt

2017-05-16 11:58 - 2017-05-22 09:53 - 00000160 _____ C:\Users\User_PC\Desktop\td gewerbe.txt

2017-05-13 13:29 - 2017-05-13 13:29 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 05776384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 04544000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02102272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12SDKLayers.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2017-05-13 13:29 - 2017-05-13 13:29 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2017-05-13 13:29 - 2017-05-13 13:29 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv

2017-05-13 13:29 - 2017-05-13 13:29 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv

2017-05-13 13:29 - 2017-05-13 13:29 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS

2017-05-13 13:29 - 2017-05-13 13:29 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx

2017-05-13 13:29 - 2017-05-13 13:29 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx

2017-05-13 13:29 - 2017-05-13 13:29 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin

2017-05-13 13:29 - 2017-05-13 13:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll

2017-05-13 13:28 - 2017-03-17 23:48 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DxToolsReportGenerator.dll

2017-05-13 13:28 - 2017-03-17 23:08 - 17777152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCaptureReplay.dll

2017-05-13 13:28 - 2017-03-17 23:05 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DxToolsReportGenerator.dll

2017-05-13 13:28 - 2017-03-17 23:02 - 00393216 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DXCpl.exe

2017-05-13 13:28 - 2017-03-17 22:59 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsProxyStub.dll

2017-05-13 13:28 - 2017-03-17 22:59 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARP12Debug.dll

2017-05-13 13:28 - 2017-03-17 22:57 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARPDebug.dll

2017-05-13 13:28 - 2017-03-17 22:53 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXGIDebug.dll

2017-05-13 13:28 - 2017-03-17 22:52 - 04897280 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsRemoteEngine.exe

2017-05-13 13:28 - 2017-03-17 22:49 - 01309184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11_3SDKLayers.dll

2017-05-13 13:28 - 2017-03-17 22:49 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1debug3.dll

2017-05-13 13:28 - 2017-03-17 22:48 - 13785600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCaptureReplay.dll

2017-05-13 13:28 - 2017-03-17 22:47 - 06806016 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12warp.dll

2017-05-13 13:28 - 2017-03-17 22:46 - 00370176 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DXCpl.exe

2017-05-13 13:28 - 2017-03-17 22:44 - 01977344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsOfflineAnalysis.dll

2017-05-13 13:28 - 2017-03-17 22:44 - 01174528 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCap.exe

2017-05-13 13:28 - 2017-03-17 22:44 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsExperiment.dll

2017-05-13 13:28 - 2017-03-17 22:44 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsCapture.dll

2017-05-13 13:28 - 2017-03-17 22:43 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsMonitor.dll

2017-05-13 13:28 - 2017-03-17 22:43 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsReporting.dll

2017-05-13 13:28 - 2017-03-17 22:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARP12Debug.dll

2017-05-13 13:28 - 2017-03-17 22:43 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsProxyStub.dll

2017-05-13 13:28 - 2017-03-17 22:41 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARPDebug.dll

2017-05-13 13:28 - 2017-03-17 22:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXGIDebug.dll

2017-05-13 13:28 - 2017-03-17 22:38 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf_gputiming.dll

2017-05-13 13:28 - 2017-03-17 22:35 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11_3SDKLayers.dll

2017-05-13 13:28 - 2017-03-17 22:35 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1debug3.dll

2017-05-13 13:28 - 2017-03-17 22:33 - 05141504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12warp.dll

2017-05-13 13:28 - 2017-03-17 22:33 - 03648000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsRemoteEngine.exe

2017-05-13 13:28 - 2017-03-17 22:30 - 01480704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsOfflineAnalysis.dll

2017-05-13 13:28 - 2017-03-17 22:30 - 00926208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCap.exe

2017-05-13 13:28 - 2017-03-17 22:30 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsExperiment.dll

2017-05-13 13:28 - 2017-03-17 22:30 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsCapture.dll

2017-05-13 13:28 - 2017-03-17 22:29 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsMonitor.dll

2017-05-13 13:28 - 2017-03-17 22:29 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsReporting.dll

2017-05-13 13:28 - 2017-03-17 22:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf_gputiming.dll

2017-05-13 13:27 - 2017-05-13 13:27 - 00008192 _____ C:\WINDOWS\system32\config\userdiff

2017-05-13 13:27 - 2017-05-13 12:31 - 00000000 ____D C:\WINDOWS\ServiceProfiles

2017-05-13 13:26 - 2017-05-13 13:26 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer

2017-05-13 13:26 - 2017-05-13 13:26 - 00000000 ____D C:\Program Files\Reference Assemblies

2017-05-13 13:26 - 2017-05-13 13:26 - 00000000 ____D C:\Program Files\MSBuild

2017-05-13 13:26 - 2017-05-13 13:26 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies

2017-05-13 13:26 - 2017-05-13 13:26 - 00000000 ____D C:\Program Files (x86)\MSBuild

2017-05-13 13:26 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll

2017-05-13 13:26 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

2017-05-13 13:26 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe

2017-05-13 13:26 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll

2017-05-13 13:26 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2017-05-13 13:26 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

2017-05-13 12:58 - 2017-06-02 18:08 - 00007598 _____ C:\Users\User_PC\AppData\Local\Resmon.ResmonCfg

2017-05-13 12:42 - 2017-05-13 12:42 - 00000000 ____D C:\ProgramData\Microsoft OneDrive

2017-05-13 12:41 - 2017-05-13 12:41 - 00000020 ___SH C:\Users\User_PC\ntuser.ini

2017-05-13 12:40 - 2017-05-13 12:40 - 00000000 ____D C:\ProgramData\USOShared

2017-05-13 12:39 - 2017-05-13 12:39 - 00007623 _____ C:\WINDOWS\diagwrn.xml

2017-05-13 12:39 - 2017-05-13 12:39 - 00007623 _____ C:\WINDOWS\diagerr.xml

2017-05-13 12:38 - 2017-06-05 16:29 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2017-05-13 12:38 - 2017-05-25 11:52 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-05-13 12:38 - 2017-05-25 11:52 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-05-13 12:38 - 2017-05-25 11:52 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-05-13 12:38 - 2017-05-25 11:52 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-05-13 12:38 - 2017-05-25 11:52 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-05-13 12:38 - 2017-05-25 11:52 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-05-13 12:38 - 2017-05-25 11:52 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-05-13 12:38 - 2017-05-13 12:42 - 00003274 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2

2017-05-13 12:38 - 2017-05-13 12:38 - 00003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2017-05-13 12:38 - 2017-05-13 12:38 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

2017-05-13 12:38 - 2017-05-13 12:38 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2017-05-13 12:38 - 2017-05-13 12:38 - 00002668 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task

2017-05-13 12:38 - 2017-05-13 12:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel

2017-05-13 12:35 - 2017-05-13 12:35 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2017-05-13 12:34 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

2017-05-13 12:33 - 2017-06-05 00:19 - 00000000 ____D C:\Users\User_PC

2017-05-13 12:33 - 2017-05-13 12:36 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\Vorlagen

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\Startmenü

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\Netzwerkumgebung

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\Lokale Einstellungen

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\Eigene Dateien

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\Druckumgebung

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\Documents\Eigene Videos

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\Documents\Eigene Musik

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\Documents\Eigene Bilder

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\AppData\Local\Verlauf

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\AppData\Local\Anwendungsdaten

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\Anwendungsdaten

2017-05-13 12:32 - 2017-06-05 16:35 - 02315218 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2017-05-13 12:32 - 2017-06-05 16:32 - 00000000 ____D C:\ProgramData\NVIDIA

2017-05-13 12:32 - 2017-05-25 11:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2017-05-13 12:32 - 2017-05-25 11:52 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2017-05-13 12:32 - 2017-05-25 11:52 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2017-05-13 12:32 - 2017-05-18 07:55 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat

2017-05-13 12:32 - 2017-05-18 07:48 - 06437824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll

2017-05-13 12:32 - 2017-05-18 07:48 - 02479736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll

2017-05-13 12:32 - 2017-05-18 07:48 - 01762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll

2017-05-13 12:32 - 2017-05-18 07:48 - 00548984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll

2017-05-13 12:32 - 2017-05-18 07:48 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll

2017-05-13 12:32 - 2017-05-18 07:48 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

2017-05-13 12:32 - 2017-05-18 07:48 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

2017-05-13 12:32 - 2017-05-16 20:09 - 07993157 _____ C:\WINDOWS\system32\nvcoproc.bin

2017-05-13 12:32 - 2017-05-14 09:07 - 00000000 ____D C:\Program Files (x86)\Razer

2017-05-13 12:32 - 2017-05-13 12:34 - 00000000 ____D C:\ProgramData\Razer

2017-05-13 12:32 - 2017-05-13 12:32 - 01931144 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI

2017-05-13 12:32 - 2017-05-13 12:32 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

2017-05-13 12:32 - 2017-05-13 12:32 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM

2017-05-13 12:32 - 2017-05-13 12:32 - 00000000 ____D C:\Program Files\Realtek

2017-05-13 12:31 - 2017-06-05 17:58 - 00000000 ____D C:\WINDOWS\system32\SleepStudy

2017-05-13 12:31 - 2017-05-14 09:04 - 00335808 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2017-05-13 09:49 - 2017-05-13 12:41 - 00000000 ___DC C:\WINDOWS\Panther

2017-05-12 19:59 - 2017-05-13 12:53 - 00000000 ____D C:\Users\User_PC\.idlerc

2017-05-12 19:57 - 2017-05-13 12:36 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.6

2017-05-12 19:57 - 2017-05-12 19:57 - 00000000 ____D C:\Users\User_PC\AppData\Local\Package Cache

2017-05-12 16:06 - 2017-05-12 16:06 - 00000000 ____D C:\Users\User_PC\AppData\Local\UNP

2017-05-12 11:50 - 2017-05-13 12:36 - 00000000 ____D C:\WINDOWS\system32\UNP

2017-05-12 11:50 - 2017-05-12 11:51 - 00000000 ____D C:\Program Files\UNP

2017-05-11 17:38 - 2017-05-11 17:38 - 00000000 ____D C:\Users\User_PC\AppData\Local\id Software

2017-05-10 11:24 - 2017-03-04 08:26 - 00261632 ____N (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll

2017-05-10 11:13 - 2017-05-10 11:13 - 07252327 _____ C:\Users\User_PC\Desktop\What-is-the-Name-of-this-Book.pdf
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2017-06-05 17:00 - 2016-04-09 09:12 - 00000838 _____ C:\Users\User_PC\Desktop\td.txt

2017-06-05 16:46 - 2016-07-25 13:46 - 00001057 _____ C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Livestreamer Twitch GUI.lnk

2017-06-05 16:46 - 2016-07-25 13:46 - 00000000 ____D C:\Users\User_PC\AppData\Local\livestreamer-twitch-gui

2017-06-05 16:38 - 2016-08-16 10:03 - 00000000 ____D C:\AdwCleaner

2017-06-05 16:35 - 2017-03-20 06:35 - 01018030 _____ C:\WINDOWS\system32\perfh007.dat

2017-06-05 16:35 - 2017-03-20 06:35 - 00235282 _____ C:\WINDOWS\system32\perfc007.dat

2017-06-05 16:30 - 2016-08-16 10:08 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2017-06-05 16:30 - 2016-08-16 10:06 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys

2017-06-05 16:30 - 2016-08-16 10:06 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys

2017-06-05 16:29 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI

2017-06-05 16:21 - 2016-08-16 10:06 - 00188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys

2017-06-05 16:21 - 2016-08-16 10:06 - 00000000 ____D C:\ProgramData\Malwarebytes

2017-06-05 16:08 - 2016-07-25 10:08 - 00000000 ____D C:\Program Files (x86)\Steam

2017-06-05 16:01 - 2016-07-25 09:53 - 00000000 ____D C:\Users\User_PC\AppData\Local\Battle.net

2017-06-05 15:05 - 2016-07-25 13:15 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\vlc

2017-06-05 14:41 - 2016-07-25 14:00 - 00000000 ____D C:\Users\User_PC\AppData\Local\JDownloader v2.0

2017-06-05 12:21 - 2016-07-25 09:53 - 00000000 ____D C:\Program Files (x86)\Battle.net

2017-06-04 11:49 - 2017-01-11 15:29 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim

2017-06-04 11:49 - 2017-01-11 15:29 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\HearthstoneDeckTracker

2017-06-04 11:49 - 2017-01-11 15:29 - 00000000 ____D C:\Users\User_PC\AppData\Local\HearthstoneDeckTracker

2017-06-04 11:49 - 2016-07-26 21:14 - 00000000 ____D C:\Users\User_PC\AppData\Local\SquirrelTemp

2017-06-04 08:23 - 2016-07-25 10:04 - 00000000 ____D C:\Users\User_PC\AppData\Local\CrashDumps

2017-06-03 08:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness

2017-06-02 06:36 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps

2017-05-31 18:31 - 2016-07-25 13:57 - 00000000 ____D C:\Users\User_PC\AppData\Local\ManyCam

2017-05-31 15:13 - 2016-07-26 21:14 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\discord

2017-05-29 17:52 - 2015-12-24 18:32 - 00000000 ____D C:\Users\User_PC\Documents\Klei

2017-05-28 17:04 - 2016-07-25 09:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2017-05-25 11:58 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF

2017-05-25 11:58 - 2016-07-25 10:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2017-05-23 11:58 - 2016-07-25 09:11 - 00000000 ____D C:\WINDOWS\system32\MRT

2017-05-23 11:57 - 2016-07-25 09:11 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2017-05-22 21:35 - 2016-08-26 15:56 - 00000000 ____D C:\Users\User_PC\AppData\Local\Overwolf

2017-05-22 15:42 - 2016-11-16 16:15 - 00000000 ____D C:\Users\User_PC\Desktop\Bewerbungen

2017-05-19 14:08 - 2017-01-24 11:01 - 00072520 _____ C:\Users\User_PC\AppData\Local\GDIPFONTCACHEV1.DAT

2017-05-19 09:35 - 2017-01-05 13:47 - 00000553 _____ C:\Users\User_PC\Desktop\partypoker.lnk

2017-05-19 09:35 - 2016-11-10 17:57 - 00000553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\partypoker.lnk

2017-05-19 09:35 - 2016-08-13 10:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2017-05-18 16:39 - 2016-08-26 15:56 - 00000000 ____D C:\Program Files (x86)\Overwolf

2017-05-18 09:35 - 2017-04-26 10:04 - 04114248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

2017-05-18 09:35 - 2017-04-26 10:04 - 03624784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

2017-05-18 09:35 - 2017-04-26 10:04 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys

2017-05-18 09:35 - 2017-04-26 10:04 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb

2017-05-18 09:35 - 2016-12-15 13:00 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat

2017-05-16 13:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache

2017-05-14 09:10 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat

2017-05-13 15:53 - 2016-09-26 09:35 - 00000000 ____D C:\Program Files\Common Files\logishrd

2017-05-13 14:43 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp

2017-05-13 13:31 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template

2017-05-13 13:29 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup

2017-05-13 13:29 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12

2017-05-13 13:29 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12

2017-05-13 13:29 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism

2017-05-13 13:29 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2017-05-13 13:29 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser

2017-05-13 13:29 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences

2017-05-13 13:29 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning

2017-05-13 13:29 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer

2017-05-13 13:29 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2017-05-13 13:29 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism

2017-05-13 13:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI

2017-05-13 13:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI

2017-05-13 12:57 - 2016-07-24 23:49 - 00000000 ____D C:\Users\User_PC\AppData\Local\Packages

2017-05-13 12:42 - 2016-09-26 09:45 - 00000000 ____D C:\Users\User_PC\AppData\Local\ConnectedDevicesPlatform

2017-05-13 12:42 - 2016-07-24 23:50 - 00002396 _____ C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2017-05-13 12:42 - 2015-10-27 11:02 - 00000000 ___RD C:\Users\User_PC\OneDrive

2017-05-13 12:41 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2017-05-13 12:41 - 2015-10-27 11:00 - 00000000 __RHD C:\Users\Public\AccountPictures

2017-05-13 12:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase

2017-05-13 12:40 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate

2017-05-13 12:40 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT

2017-05-13 12:40 - 2016-07-25 14:00 - 00000306 __RSH C:\ProgramData\ntuser.pol

2017-05-13 12:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration

2017-05-13 12:39 - 2016-10-27 11:12 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2017-05-13 12:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated

2017-05-13 12:38 - 2017-03-20 06:37 - 00000000 ____D C:\WINDOWS\HoloShell

2017-05-13 12:38 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries

2017-05-13 12:38 - 2016-09-26 09:43 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat

2017-05-13 12:37 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2017-05-13 12:36 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports

2017-05-13 12:36 - 2017-01-16 13:02 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps

2017-05-13 12:36 - 2016-12-14 13:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Track-o-Bot

2017-05-13 12:36 - 2016-11-23 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III

2017-05-13 12:36 - 2016-11-16 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2017-05-13 12:36 - 2016-11-16 16:40 - 00000000 ____D C:\WINDOWS\SHELLNEW

2017-05-13 12:36 - 2016-11-10 18:28 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FullTilt.EU

2017-05-13 12:36 - 2016-08-31 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft

2017-05-13 12:36 - 2016-08-26 15:56 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf

2017-05-13 12:36 - 2016-08-11 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windscribe

2017-05-13 12:36 - 2016-08-07 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio

2017-05-13 12:36 - 2016-07-30 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech

2017-05-13 12:36 - 2016-07-27 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2017-05-13 12:36 - 2016-07-26 15:40 - 00000000 ____D C:\WINDOWS\SysWOW64\1033

2017-05-13 12:36 - 2016-07-26 15:40 - 00000000 ____D C:\WINDOWS\system32\1033

2017-05-13 12:36 - 2016-07-25 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client

2017-05-13 12:36 - 2016-07-25 14:00 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader

2017-05-13 12:36 - 2016-07-25 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam

2017-05-13 12:36 - 2016-07-25 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\beurer

2017-05-13 12:36 - 2016-07-25 13:55 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2

2017-05-13 12:36 - 2016-07-25 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

2017-05-13 12:36 - 2016-07-25 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2017-05-13 12:36 - 2016-07-25 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2017-05-13 12:36 - 2016-07-25 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI(R) Intel(R) Extreme Tuning Utility

2017-05-13 12:36 - 2016-07-25 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2017-05-13 12:36 - 2016-07-25 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net

2017-05-13 12:36 - 2016-07-25 09:47 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2017-05-13 12:36 - 2016-07-25 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2017-05-13 12:34 - 2017-04-15 08:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2017-05-13 12:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed

2017-05-13 12:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy

2017-05-13 12:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool

2017-05-13 12:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed

2017-05-13 12:34 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

2017-05-13 12:34 - 2017-01-24 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24

2017-05-13 12:34 - 2016-09-14 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos

2017-05-13 12:34 - 2016-08-03 15:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung

2017-05-13 12:34 - 2016-07-26 15:42 - 00000000 ____D C:\Program Files\IIS

2017-05-13 12:34 - 2016-07-25 10:36 - 00000000 ____D C:\Program Files\Intel

2017-05-13 12:34 - 2016-07-25 10:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI

2017-05-13 12:34 - 2016-07-24 23:54 - 00000000 ____D C:\ProgramData\Package Cache

2017-05-13 12:34 - 2016-07-24 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer

2017-05-13 12:33 - 2016-11-25 22:19 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft

2017-05-13 12:33 - 2016-07-26 21:14 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc

2017-05-13 12:33 - 2016-07-25 00:37 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy

2017-05-13 12:32 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help

2017-05-13 12:32 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep

2017-05-13 12:22 - 2015-07-10 05:36 - 00008192 __RSH C:\BOOTSECT.BAK

2017-05-09 23:45 - 2016-11-25 22:19 - 00000000 ____D C:\Users\User_PC\AppData\Local\Ubisoft Game Launcher
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2017-01-06 19:02 - 2017-01-06 20:58 - 0003968 _____ () C:\Users\User_PC\AppData\Roaming\VoiceMeeterDefault.xml

2016-07-25 15:00 - 2016-09-14 00:00 - 0000173 _____ () C:\Users\User_PC\AppData\Roaming\WB.CFG

2017-05-13 12:58 - 2017-06-02 18:08 - 0007598 _____ () C:\Users\User_PC\AppData\Local\Resmon.ResmonCfg

2016-12-15 13:00 - 2017-02-02 19:02 - 0010896 _____ () C:\ProgramData\NvTelemetryContainer.log

2016-12-15 13:00 - 2017-01-30 01:40 - 0010108 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
 

==================== Bamital & volsnap ======================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert

C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert

C:\WINDOWS\explorer.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert

C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert

C:\WINDOWS\system32\services.exe => Datei ist digital signiert

C:\WINDOWS\system32\User32.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert

C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert

C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert

C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 

LastRegBack: 2017-05-31 13:27
 

==================== Ende von FRST.txt ============================

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-06-2017

durchgeführt von H4wk (05-06-2017 18:28:52)

Gestartet von D:\Web DL

Windows 10 Home Version 1703 (X64) (2017-05-13 10:40:45)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-2080308072-346064868-999961720-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-2080308072-346064868-999961720-503 - Limited - Disabled)

Gast (S-1-5-21-2080308072-346064868-999961720-501 - Limited - Disabled)

H4wk (S-1-5-21-2080308072-346064868-999961720-1001 - Administrator - Enabled) => C:\Users\User_PC
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

AS: Avira Antivirus (Disabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}

AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

µTorrent (HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\uTorrent) (Version: 3.4.8.42449 - BitTorrent Inc.)

ACPI Driver Installer (HKLM-x32\...\553E35CD-0415-41bc-B39A-410375E88534) (Version: 2.1 - Intel Corporation)

Active Directory Authentication Library für SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden

Active Directory Authentication Library für SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)

Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)

Amazon Kindle (HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\Amazon Kindle) (Version: 1.20.1.47037 - Amazon)

Ansel (Version: 382.33 - NVIDIA Corporation) Hidden

Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)

Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)

Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.26.48 - Avira Operations GmbH & Co. KG)

Avira Connect (HKLM-x32\...\{897e4d08-9554-48e9-ba07-ce6040867fa3}) (Version: 1.2.83.46341 - Avira Operations GmbH & Co. KG)

Avira Connect (x32 Version: 1.2.83.46341 - Avira Operations GmbH & Co. KG) Hidden

Avoid Sensory Overload (HKLM\...\Steam App 286660) (Version:  - 48h Studio)

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

Beurer ECG Manager (HKLM-x32\...\{D66C35D2-6217-4A3D-86B0-B320BF36D7AE}) (Version: 1.20.25 - beurer)

Bit Blaster XL (HKLM\...\Steam App 433950) (Version:  - Nickervision Studios)

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)

CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden

Citrix Receiver 4.7 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.7.0.13011 - Citrix Systems, Inc.)

Clones (HKLM\...\Steam App 72400) (Version:  - Tomkorp Computer Solutions Inc.)

Closure (HKLM\...\Steam App 72000) (Version:  - Eyebrow Interactive)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dex (HKLM\...\Steam App 269650) (Version:  - Dreadlocks Ltd.)

Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)

Discord (HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)

Distance (HKLM\...\Steam App 233610) (Version:  - Refract)

Don't Starve (HKLM\...\Steam App 219740) (Version:  - Klei Entertainment)

Don't Starve Together (HKLM\...\Steam App 322330) (Version:  - Klei Entertainment)

eden* (HKLM\...\Steam App 315810) (Version:  - minori)

Electronic Super Joy (HKLM\...\Steam App 244870) (Version:  - Michael Todd Games)

Enter the Gungeon (HKLM\...\Steam App 311690) (Version:  - Dodge Roll)

Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)

Erforderliche Komponenten für SSDT  (HKLM-x32\...\{FD639F4D-1460-42E6-B32D-FEC1745D0BDC}) (Version: 13.0.1601.5 - Microsoft Corporation)

erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden

Far Cry Primal (HKLM\...\Steam App 371660) (Version:  - Ubisoft)

FLY'N (HKLM\...\Steam App 223730) (Version:  - Ankama)

ForHonor (HKLM-x32\...\Uplay Install 569) (Version:  - Ubisoft)

Full Tilt.eu (HKLM-x32\...\Full Tilt.eu) (Version:  - Full Tilt.eu)

GemCraft - Chasing Shadows (HKLM\...\Steam App 296490) (Version:  - Game in a Bottle)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)

Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden

Guns, Gore & Cannoli (HKLM\...\Steam App 322210) (Version:  - Crazy Monkey Studios)

Half-Life: A Place in the West (HKLM\...\Steam App 466270) (Version:  - Michael Pelletier)

Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)

Hearthstone Deck Tracker (HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\HearthstoneDeckTracker) (Version: 1.3.5 - HearthSim)

IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)

IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )

IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )

Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden

iTunes (HKLM\...\{E109B4A3-9883-4E6E-9A19-4D7E1A88AFE8}) (Version: 12.4.2.4 - Apple Inc.)

JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)

Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version:  - )

Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)

Mad Bullets (HKLM\...\Steam App 452860) (Version:  - isTom Games Kft.)

Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)

ManyCam 4.1.2 (HKLM-x32\...\ManyCam) (Version: 4.1.2 - Visicom Media Inc.)

Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)

Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)

Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)

Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)

Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)

Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)

Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2016 LocalDB  (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation)

Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{264B070C-82D7-4C9C-B1CE-A0B124BCC787}) (Version: 13.0.1601.5 - Microsoft Corporation)

Microsoft SQL Server 2016 T-SQL Language Service  (HKLM-x32\...\{4EFF12AE-599C-42A2-ACFA-0D95C3B11A19}) (Version: 13.0.14500.10 - Microsoft Corporation)

Microsoft SQL Server 2016 T-SQL ScriptDom  (HKLM\...\{E8F3D249-7DE6-4422-AC86-1CE7D5CCFA0F}) (Version: 13.0.1601.5 - Microsoft Corporation)

Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)

Microsoft SQL Server Data Tools - DEU (14.0.60519.0) (HKLM-x32\...\{9F367648-EC0C-4F97-B351-D12A51E38F96}) (Version: 14.0.60519.0 - Microsoft Corporation)

Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft SQL Server*2016 Management Objects  (HKLM-x32\...\{35A7B00B-4F9C-4B4D-919C-86FFFEE46AD6}) (Version: 13.0.1601.5 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)

Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)

Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{7F6DCED8-6A2B-4436-AF20-8F659D04E388}) (Version: 12.0.2402.29 - Microsoft Corporation)

Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{48BF289B-F3FA-4023-9251-80ABF7B726F9}) (Version: 12.0.2402.29 - Microsoft Corporation)

Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - Microsoft Corporation)

Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation)

Mini Metro (HKLM\...\Steam App 287980) (Version:  - Dinosaur Polo Club)

Mozilla Firefox 53.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)

MSI(R) Intel(R) Extreme Tuning Utility (HKLM-x32\...\{bcbf202c-9746-4173-a49b-649bfd0adca6}) (Version: 6.0.2.102 - Intel Corporation)

MSI(R) Intel(R) Extreme Tuning Utility (x32 Version: 6.0.2.102 - Intel Corporation) Hidden

NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)

NVIDIA 3D Vision Treiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.33 - NVIDIA Corporation)

NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)

NVIDIA Grafiktreiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.33 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)

NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)

NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden

NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden

NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden

OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.0 - OBS Project)

Online Plug-in (x32 Version: 14.7.0.13011 - Citrix Systems, Inc.) Hidden

oO (HKLM\...\Steam App 367570) (Version:  - Maciej Targoni)

OpenAL (HKLM-x32\...\OpenAL) (Version:  - )

OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)

Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)

Overwolf (HKLM-x32\...\Overwolf) (Version: 0.104.210.0 - Overwolf Ltd.)

paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC)

Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)

Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)

Parcel (HKLM\...\Steam App 316080) (Version:  - Polar Bunny Ltd)

partypoker (HKLM-x32\...\PartyPoker) (Version:  - PartyGaming)

PAYDAY 2 (HKLM\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)

PDF24 Creator 8.0.4 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)

Python 3.6.1 (32-bit) (HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\{1babc3bc-6a32-44f7-bf4d-60eec36c9ad1}) (Version: 3.6.1150.0 - Python Software Foundation)

Python 3.6.1 Add to Path (32-bit) (x32 Version: 3.6.1150.0 - Python Software Foundation) Hidden

Python 3.6.1 Core Interpreter (32-bit) (x32 Version: 3.6.1150.0 - Python Software Foundation) Hidden

Python 3.6.1 Development Libraries (32-bit) (x32 Version: 3.6.1150.0 - Python Software Foundation) Hidden

Python 3.6.1 Documentation (32-bit) (x32 Version: 3.6.1150.0 - Python Software Foundation) Hidden

Python 3.6.1 Executables (32-bit) (x32 Version: 3.6.1150.0 - Python Software Foundation) Hidden

Python 3.6.1 pip Bootstrap (32-bit) (x32 Version: 3.6.1150.0 - Python Software Foundation) Hidden

Python 3.6.1 Standard Library (32-bit) (x32 Version: 3.6.1150.0 - Python Software Foundation) Hidden

Python 3.6.1 Tcl/Tk Support (32-bit) (x32 Version: 3.6.1150.0 - Python Software Foundation) Hidden

Python 3.6.1 Test Suite (32-bit) (x32 Version: 3.6.1150.0 - Python Software Foundation) Hidden

Python 3.6.1 Utility Scripts (32-bit) (x32 Version: 3.6.1150.0 - Python Software Foundation) Hidden

Python Launcher (HKLM-x32\...\{323AC113-C6CE-4F99-842F-4936332D055A}) (Version: 3.6.5923.0 - Python Software Foundation)

Quell Memento (HKLM\...\Steam App 348440) (Version:  - Fallen Tree Games Ltd)

Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.1.5 - Razer Inc.)

Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.8.311.2016 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7806 - Realtek Semiconductor Corp.)

RFLEX (HKLM\...\Steam App 392020) (Version:  - Wesley LaFerriere)

Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix, Inc.)

Roslyn Language Services - x86 (x32 Version: 14.0.25424 - Microsoft Corporation) Hidden

Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)

Self-Service Plug-in (x32 Version: 4.7.0.15674 - Citrix Systems, Inc.) Hidden

SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden

Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)

Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.)

Smart Switch (x32 Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden

Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)

StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Streamlink Twitch GUI (HKLM-x32\...\streamlink-twitch-gui) (Version: 1.1.1 - Sebastian Meyer)

Sword of the Stars: The Pit (HKLM\...\Steam App 233700) (Version:  - Kerberos Productions Inc.)

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)

The Legend of Korra™ (HKLM\...\Steam App 281690) (Version:  - PlatinumGames)

Town of Salem (HKLM\...\Steam App 334230) (Version:  - BlankMediaGames)

Track-o-Bot version 0.8.5 (HKLM-x32\...\Track-o-Bot_is1) (Version: 0.8.5 - spidy.ch)

TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.35.0 - Microsoft Corporation) Hidden

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Uplay (HKLM-x32\...\Uplay) (Version: 25.0.1 - Ubisoft)

Valkyria Chronicles™ (HKLM\...\Steam App 294860) (Version:  - SEGA)

VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)

Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)

Westerado: Double Barreled (HKLM\...\Steam App 275200) (Version:  - Ostrich Banditos)

Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

Windscribe version 1.59 build 10 (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.59 build 10 - Windscribe)

WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {226F5E93-1716-43C7-9CCF-842056D03A46} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)

Task: {28F80F46-E496-4C91-B7BA-FF28F71ECCB7} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-05-14] (Overwolf LTD)

Task: {2AA1AA56-BB51-4807-825B-9FC84A165471} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-27] (Google Inc.)

Task: {2E6114CB-79AE-4B6B-9DB8-5004C195C1A0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)

Task: {30706873-0AB0-43CE-B48F-7189A95E4927} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)

Task: {38F5D07D-BB12-4F33-AB0B-94E97117B143} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)

Task: {3B6567E7-498D-4272-B0A0-055A798E1801} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)

Task: {52824E63-5113-460E-8369-2B5FA8B057F4} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)

Task: {58733ABE-4854-49DA-AF23-19DECCABE233} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)

Task: {60E9CA43-CF7F-4017-AE9C-43D7C8186821} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)

Task: {8CFACB55-C050-404C-9051-46EDAD014495} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-05-05] (Intel Corporation)

Task: {AFFFE463-507B-4A26-AE3B-EFF7EE4C96F0} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)

Task: {B687F93E-F8B0-4BFA-8965-4746B387DE49} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-27] (Google Inc.)

Task: {B6880BAA-09FA-489F-A6AB-092876CA06F7} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe 
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 
 

==================== Verknüpfungen =============================
 

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 

ShortcutWithArgument: C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg

ShortcutWithArgument: C:\Users\User_PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg

ShortcutWithArgument: C:\Users\User_PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\207745223fb8679b\streamlink-twitch-gui.lnk -> C:\Program Files\Streamlink Twitch GUI\streamlink-twitch-gui.exe (The NWJS Community) -> --user-data-dir="C:\Users\User_PC\AppData\Local\streamlink-twitch-gui\User Data" --profile-directory=Default --app-id=kjlcknihpadniagphehmpojkkdigigjp
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2016-07-05 15:23 - 2016-07-05 15:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2016-10-08 10:19 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll

2017-06-05 16:21 - 2017-05-31 11:09 - 02270664 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll

2016-09-25 00:20 - 2016-09-25 00:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe

2016-08-11 20:42 - 2016-07-24 02:38 - 00047208 _____ () C:\Program Files (x86)\Windscribe\WindscribeService.exe

2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll

2017-03-18 22:59 - 2017-03-20 06:36 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2017-05-11 00:43 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll

2017-05-11 00:43 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll

2016-11-04 20:56 - 2016-11-04 20:56 - 61917108 _____ () D:\Web DL\livestreamer-twitch-gui-v0.16.0-win64\livestreamer-twitch-gui.exe

2016-11-04 20:56 - 2016-10-15 06:14 - 01890304 _____ () D:\Web DL\livestreamer-twitch-gui-v0.16.0-win64\libglesv2.dll

2016-11-04 20:56 - 2016-10-15 06:14 - 00086016 _____ () D:\Web DL\livestreamer-twitch-gui-v0.16.0-win64\libegl.dll

2013-09-23 21:04 - 2013-09-23 21:04 - 00007680 _____ () C:\Program Files (x86)\Livestreamer\livestreamer.exe

2016-07-25 10:16 - 2014-08-13 20:10 - 01723856 _____ () C:\MSI\Smart Utilities\SuperRAIDExt.DLL

2016-07-25 10:16 - 2005-07-18 13:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll

2016-10-08 10:19 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

2017-02-20 10:10 - 2017-02-20 10:10 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll

2012-04-10 23:31 - 2012-04-10 23:31 - 00040960 _____ () C:\Program Files (x86)\Livestreamer\_socket.pyd

2012-04-10 23:31 - 2012-04-10 23:31 - 00721920 _____ () C:\Program Files (x86)\Livestreamer\_ssl.pyd

2012-04-10 23:31 - 2012-04-10 23:31 - 00285184 _____ () C:\Program Files (x86)\Livestreamer\_hashlib.pyd

2012-04-10 23:31 - 2012-04-10 23:31 - 00009728 _____ () C:\Program Files (x86)\Livestreamer\select.pyd

2012-04-10 23:31 - 2012-04-10 23:31 - 00074240 _____ () C:\Program Files (x86)\Livestreamer\_ctypes.pyd

2012-04-10 23:31 - 2012-04-10 23:31 - 00070656 _____ () C:\Program Files (x86)\Livestreamer\_elementtree.pyd

2012-04-10 23:31 - 2012-04-10 23:31 - 00103424 _____ () C:\Program Files (x86)\Livestreamer\pyexpat.pyd

2012-04-10 23:31 - 2012-04-10 23:31 - 00023552 _____ () C:\Program Files (x86)\Livestreamer\_multiprocessing.pyd

2013-11-07 02:24 - 2013-11-07 02:24 - 00029184 _____ () C:\Program Files (x86)\Livestreamer\Crypto.Cipher._AES.pyd

2013-09-24 20:39 - 2013-09-24 20:39 - 00057856 _____ () C:\Program Files (x86)\Livestreamer\_cffi_backend.pyd

2015-05-02 21:09 - 2015-05-02 21:09 - 00483721 _____ () C:\Program Files (x86)\Livestreamer\librtmp.dll

2013-09-23 21:04 - 2013-09-23 21:04 - 00029696 _____ () C:\Program Files (x86)\Livestreamer\librtmp_ffi\_binding.pyd

2012-04-10 23:31 - 2012-04-10 23:31 - 00686592 _____ () C:\Program Files (x86)\Livestreamer\unicodedata.pyd

2014-03-31 21:35 - 2014-03-31 21:35 - 00282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 

IE trusted site: HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\localhost -> localhost
 

==================== Hosts Inhalt: ===============================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2016-07-25 00:37 - 2016-07-25 00:37 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-2080308072-346064868-999961720-1001\Control Panel\Desktop\\Wallpaper -> D:\Wallpaper\blood-red-forest.jpg

DNS Servers: 192.168.2.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 

HKLM\...\StartupApproved\Run: => "iTunesHelper"

HKLM\...\StartupApproved\Run32: => "Live Update"

HKLM\...\StartupApproved\Run32: => "Command Center"

HKLM\...\StartupApproved\Run32: => "Fast Boot"

HKLM\...\StartupApproved\Run32: => "Super Charger"

HKLM\...\StartupApproved\Run32: => "LWS"

HKLM\...\StartupApproved\Run32: => "PDFPrint"

HKLM\...\StartupApproved\Run32: => "ConnectionCenter"

HKLM\...\StartupApproved\Run32: => "Redirector"

HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\StartupApproved\Run: => "OneDrive"

HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\StartupApproved\Run: => "Skype"

HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\StartupApproved\Run: => "Steam"

HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\StartupApproved\Run: => "Windscribe"
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [{6F6B48F4-1871-4948-916F-43DBA00B314B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{55E7CBDB-D021-4C59-9C30-D0134288D159}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe

FirewallRules: [{B5D18FAC-0EFF-40C9-B152-AA6C682C68F3}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe

FirewallRules: [{C66ABBAA-55FB-47E3-99A7-851FB0DF3F70}] => (Allow) E:\SteamLibrary\steamapps\common\GemCraft Chasing Shadows\GemCraft Chasing Shadows.exe

FirewallRules: [{6E993D3D-EF8D-45A9-A15B-13066EB07342}] => (Allow) E:\SteamLibrary\steamapps\common\GemCraft Chasing Shadows\GemCraft Chasing Shadows.exe

FirewallRules: [{006FBD48-FB18-4398-8BCC-1A622C9B153B}] => (Allow) E:\SteamLibrary\steamapps\common\Factorio\bin\x64\factorio.exe

FirewallRules: [{DC3FE9AD-81F1-49EF-94B0-52FDB7CB4C91}] => (Allow) E:\SteamLibrary\steamapps\common\Factorio\bin\x64\factorio.exe

FirewallRules: [UDP Query User{C696562E-1F42-4E43-B8E4-4C92F36FAFBE}E:\steamlibrary\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) E:\steamlibrary\steamapps\common\dishonored\binaries\win32\dishonored.exe

FirewallRules: [TCP Query User{927D5A73-1CAE-4523-8DD7-F1767605C079}E:\steamlibrary\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) E:\steamlibrary\steamapps\common\dishonored\binaries\win32\dishonored.exe

FirewallRules: [{660317FB-6245-4BE7-B48B-41CCA02FF22D}] => (Allow) E:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe

FirewallRules: [{831294A2-F7CE-49FE-901E-B6D29F9AD9AA}] => (Allow) E:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe

FirewallRules: [{B788C453-14BE-495B-881E-AAE940602F05}] => (Allow) E:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe

FirewallRules: [{30272FB8-7620-43F5-AAD9-27F8DC90DB5A}] => (Allow) E:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe

FirewallRules: [{CE997D41-28A1-4EB8-8B3E-8B0D617ED0BD}] => (Allow) E:\SteamLibrary\steamapps\common\Westerado\WesteradoDB.exe

FirewallRules: [{C77BCEA7-CCCD-44E0-B3A9-918B7EC27FC4}] => (Allow) E:\SteamLibrary\steamapps\common\Westerado\WesteradoDB.exe

FirewallRules: [{0CEFFDCE-7A71-40EE-B4D2-85BD3E5C28B2}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe

FirewallRules: [{71FC2D08-1EEA-4BE6-9550-17F950C02984}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe

FirewallRules: [{1DFEFFBB-6A7D-4A8E-B334-DEED03DC965C}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos.exe

FirewallRules: [{CD9447C7-7122-4FD1-825E-1195454F9E8E}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos.exe

FirewallRules: [{9AB377CE-5CA2-4B9D-9AA6-05DB58FA0710}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe

FirewallRules: [{C3AE5C9A-6B4F-4CA3-981C-B51BA1AA3B55}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe

FirewallRules: [{3ACFF69E-7B3B-4143-B5F3-C64FD8F4931C}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\Talos.exe

FirewallRules: [{02C87BE5-0E43-4F04-9367-D651FFFA3E67}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\Talos.exe

FirewallRules: [{A813E4FB-8E32-43BA-A1F8-A5DF748C6787}] => (Allow) E:\SteamLibrary\steamapps\common\Parcel\Parcel.exe

FirewallRules: [{DF56AE24-54E8-4E60-8258-42A4D490A74F}] => (Allow) E:\SteamLibrary\steamapps\common\Parcel\Parcel.exe

FirewallRules: [{71A83C4C-D45A-4220-A19B-83924A90DE14}] => (Allow) E:\SteamLibrary\steamapps\common\Closure\Closure.exe

FirewallRules: [{EDC0A141-F980-4F3E-AD0E-A888F932AA22}] => (Allow) E:\SteamLibrary\steamapps\common\Closure\Closure.exe

FirewallRules: [{D32E38EF-F9E4-4E4E-B115-E721B881E864}] => (Allow) E:\SteamLibrary\steamapps\common\RFLEX\RFLEX64.exe

FirewallRules: [{63ECE0CC-07A9-4483-A056-7A59057046EA}] => (Allow) E:\SteamLibrary\steamapps\common\RFLEX\RFLEX64.exe

FirewallRules: [{0D088764-188D-4369-996D-C3E77D8FBE20}] => (Allow) E:\SteamLibrary\steamapps\common\oO\ooWin.exe

FirewallRules: [{A24F720D-7C59-4BE8-AD5E-96EDE32B8ACC}] => (Allow) E:\SteamLibrary\steamapps\common\oO\ooWin.exe

FirewallRules: [{8DB691E8-581B-4725-9DE0-458FC16C8F9A}] => (Allow) E:\SteamLibrary\steamapps\common\Avoid Sensory Overload\avoid.exe

FirewallRules: [{F9F64DF1-58B3-4CD6-A9DF-8CD8BC8C8441}] => (Allow) E:\SteamLibrary\steamapps\common\Avoid Sensory Overload\avoid.exe

FirewallRules: [{18EE1FD4-0094-497E-A80C-6C68C4ACA1A1}] => (Allow) E:\SteamLibrary\steamapps\common\ElectronicSuperJoy\ElectronicSuperJoy.exe

FirewallRules: [{46B60BF1-CD59-433E-BB93-B685E54B3EFE}] => (Allow) E:\SteamLibrary\steamapps\common\ElectronicSuperJoy\ElectronicSuperJoy.exe

FirewallRules: [{B390CC2D-71E6-4178-9E86-75B265CB350E}] => (Allow) E:\SteamLibrary\steamapps\common\Clones\Bin\ClonesGame.exe

FirewallRules: [{2BC1D65E-C0F3-42F8-A1D6-F3608AB9B186}] => (Allow) E:\SteamLibrary\steamapps\common\Clones\Bin\ClonesGame.exe

FirewallRules: [UDP Query User{EC945CCB-2D02-46D7-89FC-757F294595A0}E:\ubi shit\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) E:\ubi shit\ubisoft game launcher\games\forhonor\forhonor.exe

FirewallRules: [TCP Query User{DE9D8503-E6E4-489C-93C7-58E65929AFFF}E:\ubi shit\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) E:\ubi shit\ubisoft game launcher\games\forhonor\forhonor.exe

FirewallRules: [{28DD0259-414B-451E-8245-94F25864EEFE}] => (Allow) E:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe

FirewallRules: [{7FC62D06-C910-4B29-94C0-576274724F65}] => (Allow) E:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe

FirewallRules: [{041A9892-3ED2-47F1-9A31-8311FF35C174}] => (Allow) E:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe

FirewallRules: [{2A6C06BF-D879-4580-9EC2-A05428CA3F11}] => (Allow) E:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe

FirewallRules: [{03E23746-1FC1-48AF-9E75-645E70F86233}] => (Allow) E:\SteamLibrary\steamapps\common\RaceTheSun\RaceTheSun.exe

FirewallRules: [{4FDDE233-EF15-46AE-A0A4-B69FA2A8A925}] => (Allow) E:\SteamLibrary\steamapps\common\RaceTheSun\RaceTheSun.exe

FirewallRules: [{CBB08155-3945-453B-B736-7B9528E63705}] => (Allow) E:\SteamLibrary\steamapps\common\TheRoom\TheRoom.exe

FirewallRules: [{F9A1F071-250F-4759-B02D-9B60D8CF4B9C}] => (Allow) E:\SteamLibrary\steamapps\common\TheRoom\TheRoom.exe

FirewallRules: [{A92BA65F-05DC-4CAB-B92E-7DC0245FCE88}] => (Allow) E:\SteamLibrary\steamapps\common\Majesty HD\MajestyHD.exe

FirewallRules: [{1C2D81AB-D2B1-440D-9CFF-26A9187FC2B6}] => (Allow) E:\SteamLibrary\steamapps\common\Majesty HD\MajestyHD.exe

FirewallRules: [UDP Query User{2E940269-518C-478F-B88F-8F2E8CFAE27E}E:\blizzard\starcraft ii\versions\base48645\sc2_x64.exe] => (Allow) E:\blizzard\starcraft ii\versions\base48645\sc2_x64.exe

FirewallRules: [TCP Query User{2061E305-79D8-47D4-B050-1B2F4B1795C1}E:\blizzard\starcraft ii\versions\base48645\sc2_x64.exe] => (Allow) E:\blizzard\starcraft ii\versions\base48645\sc2_x64.exe

FirewallRules: [{DD383C96-3548-44FF-8FB8-56E9C03D7839}] => (Allow) E:\SteamLibrary\steamapps\common\CookServeDelicious\CSDSteamBuild.exe

FirewallRules: [{065B1019-0114-4B37-9798-DB485F8D3CDD}] => (Allow) E:\SteamLibrary\steamapps\common\CookServeDelicious\CSDSteamBuild.exe

FirewallRules: [{E7072D13-B117-42EA-9894-983495B390A9}] => (Allow) E:\SteamLibrary\steamapps\common\The Pit\ThePit.exe

FirewallRules: [{ABAB5145-5E41-47DF-98FF-B070EEB403CC}] => (Allow) E:\SteamLibrary\steamapps\common\The Pit\ThePit.exe

FirewallRules: [UDP Query User{7A966D35-6544-4EFC-8FB0-ECC69A817A73}E:\blizzard\overwatch\overwatch.exe] => (Allow) E:\blizzard\overwatch\overwatch.exe

FirewallRules: [TCP Query User{E27EF055-4B0D-42B4-B126-6B6ABA35DE0A}E:\blizzard\overwatch\overwatch.exe] => (Allow) E:\blizzard\overwatch\overwatch.exe

FirewallRules: [{E3056E89-3114-4078-9616-FBA4F6110F54}] => (Allow) E:\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe

FirewallRules: [{2F5BC9E9-8B29-46B7-8AE5-0B2A2C975504}] => (Allow) E:\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe

FirewallRules: [{3EE2C6EC-9B0E-45BB-9D0A-65153D3DE167}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{845EE5E6-9017-4397-917B-5C2DAD852BAC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{77EB1596-AAE5-45F6-B4B9-E50407FBFD16}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

FirewallRules: [{3742C2C4-2E3D-474E-B64B-919E574BB437}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

FirewallRules: [{57634E17-60E2-4031-9700-0A3D851887A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

FirewallRules: [{27256A05-F797-4E6B-92C3-45D3C6BC171E}] => (Allow) E:\SteamLibrary\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe

FirewallRules: [{BF210166-64AE-41BF-82CF-798D3B78F6C2}] => (Allow) E:\SteamLibrary\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe

FirewallRules: [{C1D72244-EC71-475C-A43D-F92960FFB7A5}] => (Allow) E:\SteamLibrary\steamapps\common\Dex\GamepadConfigTool.exe

FirewallRules: [{76391B62-5E7F-4141-B628-95AE361FA2B2}] => (Allow) E:\SteamLibrary\steamapps\common\Dex\GamepadConfigTool.exe

FirewallRules: [{61452023-4E41-41E4-A21C-0E5B75F0C2B2}] => (Allow) E:\SteamLibrary\steamapps\common\Dex\Dex.exe

FirewallRules: [{139D69E8-2547-4C0F-A477-6F4916B5F3C7}] => (Allow) E:\SteamLibrary\steamapps\common\Dex\Dex.exe

FirewallRules: [{2A2E2246-CF5E-45CF-BD0F-43DD8C16EBE9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

FirewallRules: [{568E2FED-BE32-4AB4-AE42-413C2BC9C45F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

FirewallRules: [UDP Query User{21284698-ABF8-4F1A-A96B-E8430471E65B}D:\web dl\livestreamer-twitch-gui-v0.16.0-win64\livestreamer-twitch-gui.exe] => (Allow) D:\web dl\livestreamer-twitch-gui-v0.16.0-win64\livestreamer-twitch-gui.exe

FirewallRules: [TCP Query User{4E211D82-77FA-445F-A5C6-9F8A0EEE0B04}D:\web dl\livestreamer-twitch-gui-v0.16.0-win64\livestreamer-twitch-gui.exe] => (Allow) D:\web dl\livestreamer-twitch-gui-v0.16.0-win64\livestreamer-twitch-gui.exe

FirewallRules: [UDP Query User{CF0D7403-CD95-4343-BB04-6FC7209A918B}D:\web dl\streamlink-twitch-gui-v1.0.0-win64\streamlink-twitch-gui\streamlink-twitch-gui.exe] => (Allow) D:\web dl\streamlink-twitch-gui-v1.0.0-win64\streamlink-twitch-gui\streamlink-twitch-gui.exe

FirewallRules: [TCP Query User{9AB95F9A-EE79-4957-8439-288E6A18A16F}D:\web dl\streamlink-twitch-gui-v1.0.0-win64\streamlink-twitch-gui\streamlink-twitch-gui.exe] => (Allow) D:\web dl\streamlink-twitch-gui-v1.0.0-win64\streamlink-twitch-gui\streamlink-twitch-gui.exe

FirewallRules: [UDP Query User{A216436A-A3CE-4FD7-9280-3A49B3E4294E}C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe

FirewallRules: [TCP Query User{5AA4520A-E5B9-4F5E-9ED4-A98CABE29517}C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe

FirewallRules: [UDP Query User{1951BC4B-104A-4C30-9608-B55D0C3159AA}E:\blizzard\starcraft ii\versions\base48258\sc2_x64.exe] => (Allow) E:\blizzard\starcraft ii\versions\base48258\sc2_x64.exe

FirewallRules: [TCP Query User{16CDF2B1-9424-4DB6-92DA-D0FD1D0AB771}E:\blizzard\starcraft ii\versions\base48258\sc2_x64.exe] => (Allow) E:\blizzard\starcraft ii\versions\base48258\sc2_x64.exe

FirewallRules: [{3C2C28CF-7B58-459A-B600-C773B15B685D}] => (Allow) E:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe

FirewallRules: [{381A05C1-673C-447B-AD67-38A94F725F3F}] => (Allow) E:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe

FirewallRules: [{04BFDC8C-A348-41B9-95C3-F729E349C2C5}] => (Allow) E:\SteamLibrary\steamapps\common\MadBullets\bin_x86\Launcher.exe

FirewallRules: [{0C1A6742-3679-4C69-8650-E40477731D41}] => (Allow) E:\SteamLibrary\steamapps\common\MadBullets\bin_x86\Launcher.exe

FirewallRules: [{7ABCDEC4-EECF-4E65-9B86-14CEABA29306}] => (Allow) E:\SteamLibrary\steamapps\common\Far Cry Primal\bin\FCPrimal.exe

FirewallRules: [{BD4BDE16-2CC0-4636-8022-B95D1FFF0A22}] => (Allow) E:\SteamLibrary\steamapps\common\Far Cry Primal\bin\FCPrimal.exe

FirewallRules: [{D521760B-53B1-4E9B-9184-AABAA5BF4D3F}] => (Allow) E:\SteamLibrary\steamapps\common\Bit Blaster XL\BitBlasterXL.exe

FirewallRules: [{93BDA347-A2DF-4E8D-9A73-270BC8C87EC4}] => (Allow) E:\SteamLibrary\steamapps\common\Bit Blaster XL\BitBlasterXL.exe

FirewallRules: [{2DCF4718-754A-453D-A56F-18B393F2C776}] => (Allow) E:\SteamLibrary\steamapps\common\MiniMetro\MiniMetro.exe

FirewallRules: [{8503315C-75DF-498C-8363-DABFCCF39A58}] => (Allow) E:\SteamLibrary\steamapps\common\MiniMetro\MiniMetro.exe

FirewallRules: [{B9CDA8E5-B2E6-42AF-9BEC-8009357B256C}] => (Allow) E:\SteamLibrary\steamapps\common\Enter the Gungeon\EtG.exe

FirewallRules: [{4DCE47AD-2511-4A95-A990-2BA2818C055F}] => (Allow) E:\SteamLibrary\steamapps\common\Enter the Gungeon\EtG.exe

FirewallRules: [UDP Query User{15F0C9AC-75C5-46E4-97F6-2E3C63D9F6EE}E:\blizzard\wow\diablo iii\diablo iii.exe] => (Allow) E:\blizzard\wow\diablo iii\diablo iii.exe

FirewallRules: [TCP Query User{C7016FB5-7B02-4511-B571-BB2ED3828EB6}E:\blizzard\wow\diablo iii\diablo iii.exe] => (Allow) E:\blizzard\wow\diablo iii\diablo iii.exe

FirewallRules: [{52504E1F-D98A-474D-80A6-427F6E9ED6D6}] => (Allow) E:\SteamLibrary\steamapps\common\DefendersQuest\legacy\DefendersQuest.exe

FirewallRules: [{9BB7D6E3-571B-4CA3-A628-C3C878BA73C1}] => (Allow) E:\SteamLibrary\steamapps\common\DefendersQuest\legacy\DefendersQuest.exe

FirewallRules: [{1CB692BE-4DCB-406A-82C0-497B236F9D5F}] => (Allow) E:\SteamLibrary\steamapps\common\DefendersQuest\deluxe_gl\DefendersQuest.exe

FirewallRules: [{05294207-AE4F-45D5-A565-692CECA5DE7F}] => (Allow) E:\SteamLibrary\steamapps\common\DefendersQuest\deluxe_gl\DefendersQuest.exe

FirewallRules: [{2D6AE47F-3C5D-41D2-9FE2-8E7A8E3880E6}] => (Allow) E:\SteamLibrary\steamapps\common\DefendersQuest\deluxe\DefendersQuest.exe

FirewallRules: [{EDEFFB79-875A-4DE8-8B2A-51BAFD58DCF7}] => (Allow) E:\SteamLibrary\steamapps\common\DefendersQuest\deluxe\DefendersQuest.exe

FirewallRules: [{A9D6D18C-28D5-49AA-B4DA-77BAD50DF944}] => (Allow) E:\SteamLibrary\steamapps\common\FLYN\Source\Flyn.exe

FirewallRules: [{48561776-1537-44AB-84D5-32FC1161DAFB}] => (Allow) E:\SteamLibrary\steamapps\common\FLYN\Source\Flyn.exe

FirewallRules: [{1E850C0D-430F-41E5-B03C-507396E83484}] => (Allow) E:\SteamLibrary\steamapps\common\Town of Salem\TownOfSalem.exe

FirewallRules: [{2BA9BA11-3B30-416D-BFE7-EC60C21B8BAC}] => (Allow) E:\SteamLibrary\steamapps\common\Town of Salem\TownOfSalem.exe

FirewallRules: [{207A690A-EBAD-4B79-91E2-1A37F2F422A4}] => (Allow) E:\SteamLibrary\steamapps\common\Reassembly\win32\ReassemblyRelease.exe

FirewallRules: [{D1A3E164-C346-4C5D-98D0-D587E1779D45}] => (Allow) E:\SteamLibrary\steamapps\common\Reassembly\win32\ReassemblyRelease.exe

FirewallRules: [{E7899F74-50A0-4974-812C-3B649BF6E37C}] => (Allow) E:\SteamLibrary\steamapps\common\eden\eden_en.exe

FirewallRules: [{95247444-8583-404D-BFD1-FB5404012DF5}] => (Allow) E:\SteamLibrary\steamapps\common\eden\eden_en.exe

FirewallRules: [{53DB08CE-79FF-4942-A843-DD593EDD9C1D}] => (Allow) E:\SteamLibrary\steamapps\common\The Legend of Korra\LoK.exe

FirewallRules: [{6EEBE087-E047-45B4-93F8-AA685B05B0AB}] => (Allow) E:\SteamLibrary\steamapps\common\The Legend of Korra\LoK.exe

FirewallRules: [{7C6A27E4-104D-4790-AEB7-6DC86F6603F9}] => (Allow) E:\SteamLibrary\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe

FirewallRules: [{8B817F37-0AF1-4D5A-A4FF-EDA39464B887}] => (Allow) E:\SteamLibrary\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe

FirewallRules: [{5698C48F-64A1-430E-B005-5452A253F877}] => (Allow) E:\SteamLibrary\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe

FirewallRules: [{5DF0DD7F-B08B-451B-8E32-7E378C535F5E}] => (Allow) E:\SteamLibrary\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe

FirewallRules: [UDP Query User{8108D924-11F5-406D-9675-35ABD52E1298}C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe

FirewallRules: [TCP Query User{CDD43A0B-896C-4D9C-814A-8C6A21914D98}C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe

FirewallRules: [UDP Query User{35CB0556-901C-4E3F-AB69-352F4FAA365F}E:\blizzard\starcraft ii\versions\base47185\sc2_x64.exe] => (Allow) E:\blizzard\starcraft ii\versions\base47185\sc2_x64.exe

FirewallRules: [TCP Query User{0C7ABB61-E934-4AF0-9671-2D61D66902C9}E:\blizzard\starcraft ii\versions\base47185\sc2_x64.exe] => (Allow) E:\blizzard\starcraft ii\versions\base47185\sc2_x64.exe

FirewallRules: [{88ED8420-117D-485D-8AF7-1B3B84F565F9}] => (Allow) E:\SteamLibrary\steamapps\common\Half-Life A Place in the West\apw.exe

FirewallRules: [{B9984CF8-3412-46C0-B6D9-310BD5DC8845}] => (Allow) E:\SteamLibrary\steamapps\common\Half-Life A Place in the West\apw.exe

FirewallRules: [{4B12AF19-0DC7-45B4-A98A-8D3C486D2058}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{5450463A-C66C-45C4-90BF-467E7A647114}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{3F55C1D1-6BCA-4CBE-9905-BDBB040BE290}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{586801D9-32E3-477C-8B1D-65D1D4C8EA58}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{99A22B43-DC33-4081-9A63-0431EB6FC27E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{B8D8FF17-2188-4338-BCA2-381A7914805D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{ACB6A046-38ED-40D2-9378-B832A66D6C50}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{91611A45-17B4-4B6D-B710-921DAC047126}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{AF9F4B70-46D1-4931-8400-D7B6033C4A1B}] => (Allow) LPort=2869

FirewallRules: [{B3CA448E-B35D-475A-BEFE-D9A0FBB58491}] => (Allow) LPort=1900

FirewallRules: [{B6EADB50-0F12-4FCD-B317-3491A1A979AC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{AB9B8BB9-E96B-4B6D-BDD0-DDC075310E87}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{A9E12141-C34C-4244-B3B7-3E8780E997D8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{D44C05FF-3ABF-46A1-AB69-BD89D5DA679F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{1B64B2F9-DC5F-4471-A832-C66A03AABC47}] => (Allow) C:\Program Files\iTunes\iTunes.exe

FirewallRules: [TCP Query User{F1388BE8-6C48-4885-8E5C-E5152065CAE9}C:\program files (x86)\twitch gui\livestreamer-twitch-gui\livestreamer-twitch-gui.exe] => (Allow) C:\program files (x86)\twitch gui\livestreamer-twitch-gui\livestreamer-twitch-gui.exe

FirewallRules: [UDP Query User{2C622E03-489C-4C82-9C1C-AB5CCFA2ACAA}C:\program files (x86)\twitch gui\livestreamer-twitch-gui\livestreamer-twitch-gui.exe] => (Allow) C:\program files (x86)\twitch gui\livestreamer-twitch-gui\livestreamer-twitch-gui.exe

FirewallRules: [TCP Query User{54940359-F2BF-43FA-84AD-6E18EDF60573}C:\program files (x86)\livestreamer\livestreamer.exe] => (Allow) C:\program files (x86)\livestreamer\livestreamer.exe

FirewallRules: [UDP Query User{4B700B45-763D-4C2D-8AC3-A3031E67FF71}C:\program files (x86)\livestreamer\livestreamer.exe] => (Allow) C:\program files (x86)\livestreamer\livestreamer.exe

FirewallRules: [TCP Query User{1C12A83D-AC3E-4B30-B2CE-F1A4A02BBC0A}E:\blizzard\hearthstone\hearthstone.exe] => (Allow) E:\blizzard\hearthstone\hearthstone.exe

FirewallRules: [UDP Query User{81FEBAC8-7CCE-455C-A8D4-629AFB99DB7B}E:\blizzard\hearthstone\hearthstone.exe] => (Allow) E:\blizzard\hearthstone\hearthstone.exe

FirewallRules: [{185C2B14-F458-44F4-857F-F7E81B583C7A}] => (Allow) E:\SteamLibrary\steamapps\common\TheBugButcher\TheBugButcher.exe

FirewallRules: [{D7B25474-6682-4E85-9849-FDCC4D952188}] => (Allow) E:\SteamLibrary\steamapps\common\TheBugButcher\TheBugButcher.exe

FirewallRules: [TCP Query User{99CD7B9A-6571-4212-B195-7560B9F9C251}E:\pokemon go\necrobot-master\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-master\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe

FirewallRules: [UDP Query User{66E92727-29D6-4200-A81D-8B18F6D701A6}E:\pokemon go\necrobot-master\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-master\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe

FirewallRules: [TCP Query User{62572F69-CB8D-46A4-A748-02FDD04BF2C2}E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\release_necro\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\release_necro\pogo.necrobot.cli.exe

FirewallRules: [UDP Query User{77DCCE4B-DC19-4B63-BE18-3C68F35F4BFF}E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\release_necro\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\release_necro\pogo.necrobot.cli.exe

FirewallRules: [TCP Query User{5B4B9528-12D5-4715-A499-E3EDA7F52016}E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\pogo.necrobot.cli.exe

FirewallRules: [UDP Query User{1EE7CB5C-0F12-4A7F-A0AD-8BDD518732B8}E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\pogo.necrobot.cli.exe

FirewallRules: [TCP Query User{49FE9024-5FD6-4275-BC60-842AA56ADBF6}E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe

FirewallRules: [UDP Query User{984684D1-D8E4-4240-BA7F-34B8B020A93F}E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe

FirewallRules: [TCP Query User{F1000CB0-683A-4E09-8DEB-87B7AA106032}E:\pokemon go\necrobot-master - teacheronisenpai\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-master - teacheronisenpai\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe

FirewallRules: [UDP Query User{073DA70B-920C-4992-9520-74B9D204515D}E:\pokemon go\necrobot-master - teacheronisenpai\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-master - teacheronisenpai\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe

FirewallRules: [TCP Query User{3F4E5831-D75D-4AC2-9458-1C14E0E88AC0}E:\pokemon go\necrobot-0.2.1 tatsuyasenpai77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-0.2.1 tatsuyasenpai77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe

FirewallRules: [UDP Query User{1368571E-529B-40E6-9816-8C071D0739C1}E:\pokemon go\necrobot-0.2.1 tatsuyasenpai77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-0.2.1 tatsuyasenpai77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe

FirewallRules: [{C690E2AA-06E0-4FF7-A067-75BD33219D63}] => (Allow) E:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe

FirewallRules: [{755941BD-D5ED-41BA-85D1-DD403BA5B2AF}] => (Allow) E:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe

FirewallRules: [{C4BD3181-C401-444E-8BB2-FCBD293D2604}] => (Allow) E:\SteamLibrary\steamapps\common\DOOM\DOOMx64.exe

FirewallRules: [{773A4B1D-DC85-4BCF-8A58-F2DAD93669EF}] => (Allow) E:\SteamLibrary\steamapps\common\DOOM\DOOMx64.exe

FirewallRules: [TCP Query User{898FD05B-B0B7-44D0-9F73-074EC316356D}E:\pokemon go\necrobot-0.2.1 teachermewmew\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-0.2.1 teachermewmew\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe

FirewallRules: [UDP Query User{45C71E27-3590-4BFE-A33D-95A26D98DC81}E:\pokemon go\necrobot-0.2.1 teachermewmew\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-0.2.1 teachermewmew\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe

FirewallRules: [TCP Query User{9E7635C3-6EEC-4009-8C80-C5353CBAF2AA}E:\pokemon go\necrobot-0.2.1 teachermewmew\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.2.1 teachermewmew\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe

FirewallRules: [UDP Query User{E9D9BDFF-1433-4038-BBFC-E610694DBC45}E:\pokemon go\necrobot-0.2.1 teachermewmew\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.2.1 teachermewmew\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe

FirewallRules: [TCP Query User{9C1CF9B9-4E77-4EC5-A91F-E62293CEF7F9}E:\pokemon go\necrobot-0.2.1 tatsuyasenpai77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.2.1 tatsuyasenpai77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe

FirewallRules: [UDP Query User{7B850A07-1AF5-4444-8C0B-3F90827ACD1D}E:\pokemon go\necrobot-0.2.1 tatsuyasenpai77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.2.1 tatsuyasenpai77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe

FirewallRules: [TCP Query User{FEF0E3ED-C422-40B8-A4FB-D3ECAA2C3E4D}E:\pokemon go\necrobot-0.2.1 tatsuya77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe] => (Block) E:\pokemon go\necrobot-0.2.1 tatsuya77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe

FirewallRules: [UDP Query User{1D5E3A24-0962-4B06-B876-5CA058C6B93F}E:\pokemon go\necrobot-0.2.1 tatsuya77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe] => (Block) E:\pokemon go\necrobot-0.2.1 tatsuya77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe

FirewallRules: [TCP Query User{EEE725C5-87CB-4F09-BDF6-E253D32936D3}E:\pokemon go\necrobot-0.2.1 teacheronisenpai\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.2.1 teacheronisenpai\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe

FirewallRules: [UDP Query User{6777D8E7-AA82-41A8-8167-3E439D9A0C2C}E:\pokemon go\necrobot-0.2.1 teacheronisenpai\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.2.1 teacheronisenpai\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe

FirewallRules: [TCP Query User{938B8DD0-179C-464C-B7CD-FCD4293DC7D7}E:\pokemon go\necrobot-0.3.3\release mewmew\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.3.3\release mewmew\necrobot.exe

FirewallRules: [UDP Query User{D67BE6C9-54A6-4032-A58A-8913FA1D781C}E:\pokemon go\necrobot-0.3.3\release mewmew\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.3.3\release mewmew\necrobot.exe

FirewallRules: [TCP Query User{A582540E-16EB-4AC1-A94E-BE86727189B7}E:\pokemon go\necrobot-0.3.3\release - tatsuya77\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.3.3\release - tatsuya77\necrobot.exe

FirewallRules: [UDP Query User{9A4FBEE0-17AE-49DB-9741-96A2009E9B5F}E:\pokemon go\necrobot-0.3.3\release - tatsuya77\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.3.3\release - tatsuya77\necrobot.exe

FirewallRules: [TCP Query User{5CE91934-7DAD-48CD-B605-9119B186E223}E:\pokemon go\necrobot-0.3.3\release - teacheronisenpai\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.3.3\release - teacheronisenpai\necrobot.exe

FirewallRules: [UDP Query User{3D05DEBD-5C60-4624-A15F-96A328407633}E:\pokemon go\necrobot-0.3.3\release - teacheronisenpai\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.3.3\release - teacheronisenpai\necrobot.exe

FirewallRules: [TCP Query User{CAE2BB14-0043-4D3B-B9F5-25D5A7D07CB5}E:\pokemon go\necrobot-0.4.0\release teacheronisenpai\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.4.0\release teacheronisenpai\necrobot.exe

FirewallRules: [UDP Query User{862B7CE9-2C28-4EC8-A098-2B34169EBCEF}E:\pokemon go\necrobot-0.4.0\release teacheronisenpai\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.4.0\release teacheronisenpai\necrobot.exe

FirewallRules: [TCP Query User{8CE58C69-A60B-4687-8F1D-57BF9298CDEE}E:\pokemon go\pokemobbot 1.0\release tatsuya77 sf pier thund3r737\pokemobbot.exe] => (Allow) E:\pokemon go\pokemobbot 1.0\release tatsuya77 sf pier thund3r737\pokemobbot.exe

FirewallRules: [UDP Query User{445B65D1-3206-47BF-BE5D-8C9DA0A249D4}E:\pokemon go\pokemobbot 1.0\release tatsuya77 sf pier thund3r737\pokemobbot.exe] => (Allow) E:\pokemon go\pokemobbot 1.0\release tatsuya77 sf pier thund3r737\pokemobbot.exe

FirewallRules: [TCP Query User{E64425DD-F395-4C73-B93C-95E539A95673}E:\pokemon go\necrobot-0.4.0\release tatsuyasenpai77\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.4.0\release tatsuyasenpai77\necrobot.exe

FirewallRules: [UDP Query User{85EC2109-3037-4D21-AD6C-D68CE97EDA77}E:\pokemon go\necrobot-0.4.0\release tatsuyasenpai77\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.4.0\release tatsuyasenpai77\necrobot.exe

FirewallRules: [TCP Query User{6558560E-7E27-4D83-8025-E5ED4A9FF327}E:\pokemon go\pogolocationfeeder-release-v0.0.2.1\pogolocationfeeder.exe] => (Allow) E:\pokemon go\pogolocationfeeder-release-v0.0.2.1\pogolocationfeeder.exe

FirewallRules: [UDP Query User{AC2317F7-A1DF-49FC-AB48-9EEE328B4790}E:\pokemon go\pogolocationfeeder-release-v0.0.2.1\pogolocationfeeder.exe] => (Allow) E:\pokemon go\pogolocationfeeder-release-v0.0.2.1\pogolocationfeeder.exe

FirewallRules: [TCP Query User{A77FC43A-E32B-4A35-9F8D-9461B33026AF}E:\pokemon go\pokemobbot 1.0\release thund3r777 ffm\pokemobbot.exe] => (Allow) E:\pokemon go\pokemobbot 1.0\release thund3r777 ffm\pokemobbot.exe

FirewallRules: [UDP Query User{8E4AC1E3-9CA6-4C07-BA05-9CD420A4546E}E:\pokemon go\pokemobbot 1.0\release thund3r777 ffm\pokemobbot.exe] => (Allow) E:\pokemon go\pokemobbot 1.0\release thund3r777 ffm\pokemobbot.exe

FirewallRules: [TCP Query User{98B3718B-7DDB-47D0-B79A-DB994F391348}E:\pokemon go\pokemobbot 1.1.3\release thund3r777 ffm\pokemobbot.exe] => (Allow) E:\pokemon go\pokemobbot 1.1.3\release thund3r777 ffm\pokemobbot.exe

FirewallRules: [UDP Query User{43A9DB61-BE24-4BB4-A2ED-C2499F02FABC}E:\pokemon go\pokemobbot 1.1.3\release thund3r777 ffm\pokemobbot.exe] => (Allow) E:\pokemon go\pokemobbot 1.1.3\release thund3r777 ffm\pokemobbot.exe

FirewallRules: [TCP Query User{DAEC47B0-6DCE-45C1-8352-9D58B6547EDC}E:\pokemon go\pokemobbot 1.1.3\release thund3r737 sfpier\pokemobbot.exe] => (Allow) E:\pokemon go\pokemobbot 1.1.3\release thund3r737 sfpier\pokemobbot.exe

FirewallRules: [UDP Query User{3B04D35D-2637-4DB0-BAAA-B9CB3E256740}E:\pokemon go\pokemobbot 1.1.3\release thund3r737 sfpier\pokemobbot.exe] => (Allow) E:\pokemon go\pokemobbot 1.1.3\release thund3r737 sfpier\pokemobbot.exe

FirewallRules: [TCP Query User{F39321AF-63DB-4070-AB58-D67E50C865E5}E:\pokemon go\pokemobbot 1.1.3\release teacheronisenpai sydney\pokemobbot.exe] => (Allow) E:\pokemon go\pokemobbot 1.1.3\release teacheronisenpai sydney\pokemobbot.exe

FirewallRules: [UDP Query User{13FC740F-616A-4CFB-9E1F-77E5ABA3C93B}E:\pokemon go\pokemobbot 1.1.3\release teacheronisenpai sydney\pokemobbot.exe] => (Allow) E:\pokemon go\pokemobbot 1.1.3\release teacheronisenpai sydney\pokemobbot.exe

FirewallRules: [{54E156B1-1D17-4800-A28F-84B37323E7A5}] => (Allow) C:\Users\User_PC\AppData\Roaming\Nox\bin\Nox.exe

FirewallRules: [{AF3DAAA7-F965-4D07-A496-10F79D3F679F}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe

FirewallRules: [{D633765C-D237-487E-86AE-8B8413EA6113}] => (Allow) E:\SteamLibrary\steamapps\common\GlassWire\GWLauncher.exe

FirewallRules: [{64835095-14D2-437F-B225-CAA1431F93AF}] => (Allow) E:\SteamLibrary\steamapps\common\GlassWire\GWLauncher.exe

FirewallRules: [{8E7487F3-9AF7-445B-95B3-C0787AB6F8BC}] => (Allow) E:\SteamLibrary\steamapps\common\Istrolid\istrolid.exe

FirewallRules: [{7BC64B69-D3D1-4E86-9B20-9108A97B2EDD}] => (Allow) E:\SteamLibrary\steamapps\common\Istrolid\istrolid.exe

FirewallRules: [{4138E351-B70A-4D69-920E-3A0CDE2CB40C}] => (Allow) C:\Users\User_PC\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{DDCCF5B1-64E2-4893-B7AE-649C8E579CDF}] => (Allow) C:\Users\User_PC\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{8336102C-B7E1-4BE4-9654-2CC71E6A0C26}] => (Allow) C:\Users\User_PC\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{2A5E6A7B-50C6-4731-9C66-42366CAFFFDE}] => (Allow) C:\Users\User_PC\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{5A56A2C0-DBC1-44CA-888F-B32B2C4163B9}] => (Allow) C:\Users\User_PC\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{A3370D95-A28E-48BC-8B8F-A72FCF64CC5D}] => (Allow) C:\Users\User_PC\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{84FACB95-9322-4984-B6EE-0CCD750CEBCD}] => (Allow) E:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe

FirewallRules: [{56D20438-8DB9-4974-8438-721BEAF11FA8}] => (Allow) E:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe

FirewallRules: [{4827F750-5E09-4015-8A70-5DD169A1277D}] => (Allow) E:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe

FirewallRules: [{2AF6475C-0942-42CE-A097-DFB9A5166CEA}] => (Allow) E:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe

FirewallRules: [{B9FDE1F7-D773-4D73-A48C-C6A6E14F348C}] => (Allow) E:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe

FirewallRules: [{D00B6F1C-542D-4758-A28C-00133B18113E}] => (Allow) E:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe

FirewallRules: [{8C418241-4F39-478A-9C5B-CABC3D7BC458}] => (Allow) E:\SteamLibrary\steamapps\common\Guns, Gore and Cannoli\ggc.exe

FirewallRules: [{96DFB0ED-C948-4D05-967A-F217DE0D2D17}] => (Allow) E:\SteamLibrary\steamapps\common\Guns, Gore and Cannoli\ggc.exe

FirewallRules: [{CB88CC24-DC2B-4C40-A383-DB720030FC1B}] => (Allow) E:\SteamLibrary\steamapps\common\Quell Memento\QuellMemento.exe

FirewallRules: [{9D669EA6-A488-45BA-AE1F-8C7BA25FBDAE}] => (Allow) E:\SteamLibrary\steamapps\common\Quell Memento\QuellMemento.exe

FirewallRules: [{A6DD3336-66C7-4872-8169-D90210384ADF}] => (Allow) E:\SteamLibrary\steamapps\common\Valkyria Chronicles\Launcher.exe

FirewallRules: [{9794D608-AFE1-452C-B902-8E37A675A9A9}] => (Allow) E:\SteamLibrary\steamapps\common\Valkyria Chronicles\Launcher.exe

FirewallRules: [{E0EF4CEC-6D34-4987-BB83-2D16B4D1D86E}] => (Allow) E:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe

FirewallRules: [{E07644BB-BF77-4C20-ABD0-AF8D10A1792E}] => (Allow) E:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe

FirewallRules: [{8C8F707F-0492-49FF-9153-D9A1161C99FF}] => (Allow) E:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe

FirewallRules: [{A2C1D4F1-EC66-4BF1-8E17-417F165646F4}] => (Allow) E:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe

FirewallRules: [TCP Query User{008534BB-A2FF-468B-976A-1A01E3257813}E:\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) E:\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe

FirewallRules: [UDP Query User{84CDDB97-410F-422A-924B-931F12BE4E38}E:\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) E:\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe

FirewallRules: [{65E655CE-6E27-463A-A8D5-50E3C71E2ECE}] => (Allow) E:\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe

FirewallRules: [{302EF39B-8F39-4A2F-B4B1-300645931F17}] => (Allow) E:\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe
 

==================== Wiederherstellungspunkte =========================
 

21-05-2017 19:13:04 Geplanter Prüfpunkt

23-05-2017 15:17:38 DirectX wurde installiert

29-05-2017 17:51:32 DirectX wurde installiert
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 

Name: 

Description: 

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (06/05/2017 04:32:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   15 1.D.9.A.5.5.A.3.A.A.A.0.3.4.1.2.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR TStar-2.local.
 

Error: (06/05/2017 04:32:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Received from 192.168.2.100:5353   13 1.D.9.A.5.5.A.3.A.A.A.0.3.4.1.2.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR TStar.local.
 

Error: (06/05/2017 04:32:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   15 100.2.168.192.in-addr.arpa. PTR TStar-2.local.
 

Error: (06/05/2017 04:32:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Received from 192.168.2.100:5353   13 100.2.168.192.in-addr.arpa. PTR TStar.local.
 

Error: (06/05/2017 04:32:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Local Hostname TStar.local already in use; will try TStar-2.local instead
 

Error: (06/05/2017 04:32:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 TStar.local. Addr 192.168.2.100
 

Error: (06/05/2017 04:32:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Received from 192.168.2.100:5353   16 TStar.local. AAAA 2003:00DE:BBE1:4258:2143:0AAA:3A55:A9D1
 

Error: (06/05/2017 04:32:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 TStar.local. AAAA FE80:0000:0000:0000:2143:0AAA:3A55:A9D1
 

Error: (06/05/2017 04:32:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Received from 192.168.2.100:5353   16 TStar.local. AAAA 2003:00DE:BBE1:4258:2143:0AAA:3A55:A9D1
 

Error: (06/05/2017 04:32:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Resetting to Probing:    4 TStar.local. Addr 192.168.2.100
 
 

Systemfehler:

=============

Error: (06/05/2017 04:30:01 PM) (Source: DCOM) (EventID: 10016) (User: TSTAR)

Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "TSTAR\H4wk" (SID: S-1-5-21-2080308072-346064868-999961720-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 

{7022A3B3-D004-4F52-AF11-E9E987FEE25F}

 und der APPID 

{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}

 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
 

Error: (06/05/2017 04:30:01 PM) (Source: DCOM) (EventID: 10016) (User: TSTAR)

Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "TSTAR\H4wk" (SID: S-1-5-21-2080308072-346064868-999961720-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 

{7022A3B3-D004-4F52-AF11-E9E987FEE25F}

 und der APPID 

{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}

 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
 

Error: (06/05/2017 04:29:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: Der Dienst "SysMain" wurde mit folgendem Fehler beendet: 

Die Anforderung wird nicht unterstützt.
 

Error: (06/05/2017 04:29:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 

Die Anforderung wird nicht unterstützt.
 

Error: (06/05/2017 04:17:51 PM) (Source: DCOM) (EventID: 10010) (User: TSTAR)

Description: Der Server "Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXx19q0gyvntjc9d3jsjsfaertqgy617se.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 

Error: (06/05/2017 04:16:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: Der Dienst "SysMain" wurde mit folgendem Fehler beendet: 

Die Anforderung wird nicht unterstützt.
 

Error: (06/05/2017 04:16:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 

Die Anforderung wird nicht unterstützt.
 

Error: (06/05/2017 04:15:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 

Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden.
 

Error: (06/05/2017 04:15:36 PM) (Source: Service Control Manager) (EventID: 7038) (User: )

Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 

Die Anforderung wird nicht unterstützt.
 
 

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
 

Error: (06/05/2017 04:15:11 PM) (Source: Service Control Manager) (EventID: 7032) (User: )

Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "NVIDIA Display Container LS" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 

Es wird bereits eine Instanz des Dienstes ausgeführt.
 
 

CodeIntegrity:

===================================

  Date: 2017-05-26 10:34:35.275

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 

  Date: 2017-05-26 10:34:34.956

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 

  Date: 2017-05-23 14:35:32.425

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 

  Date: 2017-05-23 14:35:31.888

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 

  Date: 2017-05-20 18:49:39.418

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.104.210.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2017-05-20 18:49:39.410

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.104.210.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2017-05-20 18:49:39.397

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.104.210.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2017-05-20 18:49:39.383

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.104.210.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2017-05-20 18:49:39.369

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.104.210.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2017-05-20 18:49:39.356

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.104.210.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz

Prozentuale Nutzung des RAM: 30%

Installierter physikalischer RAM: 16319.7 MB

Verfügbarer physikalischer RAM: 11413.9 MB

Summe virtueller Speicher: 18751.7 MB

Verfügbarer virtueller Speicher: 13050.39 MB
 

==================== Laufwerke ================================
 

Drive c: (Windows) (Fixed) (Total:223.13 GB) (Free:125.59 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]

Drive d: (Daten) (Fixed) (Total:935.16 GB) (Free:610.24 GB) NTFS

Drive e: (Games) (Fixed) (Total:927.73 GB) (Free:475.11 GB) NTFS
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)
 

Partition: GPT.
 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 91F501AD)

Partition 1: (Active) - (Size=223.1 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
 

==================== Ende von Addition.txt ============================

Bitte Avira deinstallieren. Am besten mit Revo, siehe weiter unten. Bei der Gelegenheit hauen wir auch alten/unnötigen Mist runter.

Das Teil empfehlen wir schon seit Jahren aus mehreren Gründen nicht mehr. Ein Grund ist ne rel. hohe Fehlalarmquote, der zweite Hauptgrund ist, dass die immer noch mit ASK zusammenarbeiten (Avira Suchfunktion geht über ASK). Auch andere Freewareanbieter wie AVG, Avast oder Panda sprangen auf diesen Zug auf; so was ist bei Sicherheitssoftware einfach inakzeptabel. Vgl. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

Adobe Acrobat Reader DC

Adobe Flash Player 23 NPAPI

Avira Antivirus

Avira Connect

JDownloader 2
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Gib Bescheid wenn Avira weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!

Hallo Cosinus!
Schonmal vorab vielen Dank, dass du dich meinem Problem angenommen hast.
Ich habe alle deine Schritte befolgt und die gewünschten Programme mit Revo entfernt.

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

http://www.trojaner-board.de/picture...&pictureid=307

Ok ist erledigt.
Congratulations no Clean up needed!

Code:

Malwarebytes Anti-Rootkit BETA 1.9.3.1001

www.malwarebytes.org
 

Database version:

  main:    v2017.06.06.05

  rootkit: v2017.05.27.01
 

Windows 10 x64 NTFS

Internet Explorer 11.296.15063.0

H4wk :: TSTAR [administrator]
 

06.06.2017 15:48:14

mbar-log-2017-06-06 (15-48-14).txt
 

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken

Scan options disabled: 

Objects scanned: 323994

Time elapsed: 10 minute(s), 24 second(s)
 

Memory Processes Detected: 0

(No malicious items detected)
 

Memory Modules Detected: 0

(No malicious items detected)
 

Registry Keys Detected: 0

(No malicious items detected)
 

Registry Values Detected: 0

(No malicious items detected)
 

Registry Data Items Detected: 0

(No malicious items detected)
 

Folders Detected: 0

(No malicious items detected)
 

Files Detected: 0

(No malicious items detected)
 

Physical Sectors Detected: 0

(No malicious items detected)
 

(end)

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass adwCleaner so eingestellt wie auf diesem Screenshot zu sehen:

http://saved.im/mtg4nzk1egdo/malware...r-settings.png
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Ok ging auch beides flott durch. Hier die Logfiles:

Code:

# AdwCleaner v6.047 - Bericht erstellt am 06/06/2017 um 16:14:17

# Aktualisiert am 19/05/2017 von Malwarebytes

# Datenbank : 2017-06-05.1 [Server]

# Betriebssystem : Windows 10 Home  (X64)

# Benutzername : H4wk - TSTAR

# Gestartet von : C:\Users\User_PC\Desktop\adwcleaner_6.047.exe

# Modus: Löschen

# Unterstützung : https://www.malwarebytes.com/support
 
 
 

***** [ Dienste ] *****
 
 
 

***** [ Ordner ] *****
 
 
 

***** [ Dateien ] *****
 
 
 

***** [ DLL ] *****
 
 
 

***** [ WMI ] *****
 
 
 

***** [ Verknüpfungen ] *****
 
 
 

***** [ Aufgabenplanung ] *****
 
 
 

***** [ Registrierungsdatenbank ] *****
 
 
 

***** [ Browser ] *****
 
 
 

*************************
 

:: "Tracing" Schlüssel gelöscht

:: Winsock Einstellungen zurückgesetzt

:: "Prefetch" Dateien gelöscht

:: Proxy Einstellungen zurückgesetzt

:: Internet Explorer Richtlinien gelöscht

:: Chrome Richtlinien gelöscht
 

*************************
 

C:\AdwCleaner\AdwCleaner[C0].txt - [1653 Bytes] - [16/08/2016 10:07:15]

C:\AdwCleaner\AdwCleaner[C2].txt - [6446 Bytes] - [05/06/2017 16:15:18]

C:\AdwCleaner\AdwCleaner[C3].txt - [1103 Bytes] - [06/06/2017 16:14:17]

C:\AdwCleaner\AdwCleaner[S0].txt - [1783 Bytes] - [16/08/2016 10:04:51]

C:\AdwCleaner\AdwCleaner[S1].txt - [6060 Bytes] - [05/06/2017 16:14:12]

C:\AdwCleaner\AdwCleaner[S2].txt - [1613 Bytes] - [05/06/2017 16:20:41]

C:\AdwCleaner\AdwCleaner[S3].txt - [1686 Bytes] - [05/06/2017 16:38:29]

C:\AdwCleaner\AdwCleaner[S4].txt - [1775 Bytes] - [06/06/2017 16:13:59]
 

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1541 Bytes] ##########

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 8.1.3 (04.10.2017)

Operating System: Windows 10 Home x64 

Ran by H4wk (Administrator) on 06.06.2017 at 16:16:35,72

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

File System: 0 
 
 
 
 

Registry: 2 
 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{d4fee3d1-1014-4db8-a824-573bf9ab51c7} (Registry Key)
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 06.06.2017 at 16:17:37,22

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

http://www.trojaner-board.de/picture...&pictureid=611

FRST:

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-06-2017

durchgeführt von H4wk (Administrator) auf TSTAR (06-06-2017 17:18:48)

Gestartet von D:\Web DL

Geladene Profile: H4wk (Verfügbare Profile: H4wk)

Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: Chrome)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Micro-Star International) C:\MSI\Smart Utilities\SuperRAIDSvc.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe

(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe

() C:\Program Files (x86)\Windscribe\WindscribeService.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe

(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe

() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe

(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe

(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe

(MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe

(MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe

(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

() D:\Web DL\livestreamer-twitch-gui-v0.16.0-win64\livestreamer-twitch-gui.exe

() D:\Web DL\livestreamer-twitch-gui-v0.16.0-win64\livestreamer-twitch-gui.exe

() D:\Web DL\livestreamer-twitch-gui-v0.16.0-win64\livestreamer-twitch-gui.exe

() D:\Web DL\livestreamer-twitch-gui-v0.16.0-win64\livestreamer-twitch-gui.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe

(Microsoft Corporation) C:\Windows\System32\browser_broker.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

() C:\Program Files (x86)\Livestreamer\livestreamer.exe

(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 

==================== Registry (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8804608 2016-04-29] (Realtek Semiconductor)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-05] (Apple Inc.)

HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)

HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-08-22] (Razer Inc.)

HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835680 2016-06-14] (MSI)

HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [11340752 2016-06-28] (Micro-Star INT'L CO., LTD.)

HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] ()

HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1015808 2016-05-19] (MSI)

HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)

HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217736 2016-12-20] (Geek Software GmbH)

HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [533616 2017-02-15] (Citrix Systems, Inc.)

HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [324720 2017-02-15] (Citrix Systems, Inc.)

HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-01] (Valve Corporation)

HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [7647848 2016-07-24] ()
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

Tcpip\..\Interfaces\{b0ad2bc9-2625-4352-a9a8-fe4ff4d333e1}: [DhcpNameServer] 192.168.2.1 192.168.2.1
 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-c7978f4d

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-c7978f4d&q={searchTerms}

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-c7978f4d&q={searchTerms}

SearchScopes: HKLM -> {d4fee3d1-1014-4db8-a824-573bf9ab51c7} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-c7978f4d&q={searchTerms}

SearchScopes: HKU\S-1-5-21-2080308072-346064868-999961720-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)

Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-02-15] (Citrix Systems, Inc.)
 

FireFox:

========

FF DefaultProfile: 4zcm0j12.default

FF ProfilePath: C:\Users\User_PC\AppData\Roaming\Mozilla\Firefox\Profiles\4zcm0j12.default [2017-06-05]

FF NewTab: Mozilla\Firefox\Profiles\4zcm0j12.default -> hxxp://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-c7978f4d

FF DefaultSearchEngine: Mozilla\Firefox\Profiles\4zcm0j12.default -> Bing

FF SelectedSearchEngine: Mozilla\Firefox\Profiles\4zcm0j12.default -> Bing

FF Homepage: Mozilla\Firefox\Profiles\4zcm0j12.default -> about:home

FF Extension: (Windscribe) - C:\Users\User_PC\AppData\Roaming\Mozilla\Firefox\Profiles\4zcm0j12.default\Extensions\@windscribeff.xpi [2016-10-05]

FF Extension: (Avira Browser Safety) - C:\Users\User_PC\AppData\Roaming\Mozilla\Firefox\Profiles\4zcm0j12.default\Extensions\abs@avira.com.xpi [2017-05-27]

FF Extension: (convert2mp3.net YouTube2MP3 Converter) - C:\Users\User_PC\AppData\Roaming\Mozilla\Firefox\Profiles\4zcm0j12.default\Extensions\info@convert2mp3.net.xpi [2017-05-27]

FF Extension: (NoScript) - C:\Users\User_PC\AppData\Roaming\Mozilla\Firefox\Profiles\4zcm0j12.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-05-31]

FF Extension: (Adblock Plus) - C:\Users\User_PC\AppData\Roaming\Mozilla\Firefox\Profiles\4zcm0j12.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-30]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()

FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2017-02-15] (Citrix Systems, Inc.)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-18] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-18] (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
 

Chrome: 

=======

CHR DefaultProfile: Default

CHR Profile: C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default [2017-06-06]

CHR Extension: (Google Präsentationen) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-27]

CHR Extension: (Google Docs) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-27]

CHR Extension: (Google Drive) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-27]

CHR Extension: (YouTube) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-27]

CHR Extension: (Adblock Plus) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-22]

CHR Extension: (Google Tabellen) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-27]

CHR Extension: (Avira Browserschutz) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-06]

CHR Extension: (Google Docs Offline) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-27]

CHR Extension: (Windscribe - Free VPN and Ad Block) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2017-06-06]

CHR Extension: (TwitchAlerts Stream Labels) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmggmdngboajiakmbpdknfpdelbjbcg [2017-01-16]

CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]

CHR Extension: (ScriptSafe) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2017-01-27]

CHR Extension: (Google Mail) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-27]

CHR Extension: (Chrome Media Router) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]

CHR Extension: (convert2mp3.net Online Video Converter) - D:\Web DL\convert2mp3_chrome_addon-2.4\convert2mp3_video_converter_2.4 [2014-12-18] [UpdateUrl: hxxp://convert2mp3.net/misc/chrome_update.xml] <==== ACHTUNG

CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
 

==================== Dienste (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1467912 2017-01-31] ()

S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [399120 2017-02-14] (EasyAntiCheat Ltd)

S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)

S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4163680 2016-06-14] (MSI)

S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2200872 2016-02-01] (MSI)

S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4162144 2016-05-19] (MSI)

R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2014160 2016-03-04] (MSI)

R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2328160 2016-07-01] (MSI)

S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-06-02] (MSI)

S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [598112 2016-06-02] (MSI)

R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MSI)

R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2247120 2016-06-28] (Micro-Star INT'L CO., LTD.)

R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280 2015-05-18] (MSI)

R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)

S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)

R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation)

R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-18] (NVIDIA Corporation)

S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1326408 2017-05-14] (Overwolf LTD)

R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [217736 2016-12-20] (Geek Software GmbH)

R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [401024 2017-05-02] (Razer Inc.)

R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [178312 2017-05-02] (Razer Inc.)

R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()

S3 SophosVirusRemovalTool; C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [163688 2016-08-02] (Sophos Limited)

R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)

R2 SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [29648 2014-08-13] (Micro-Star International)

S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-07-17] (Microsoft Corporation)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [47208 2016-07-24] ()

R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [19192 2015-10-06] (Intel(R) Corporation)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ======================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S3 AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)

R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-05-28] (Intel Corporation)

S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (Windows (R) Win 7 DDK provider)

R3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)

R3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)

R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)

R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)

R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)

R3 NTIOLib_MSI_RAID; C:\MSI\Smart Utilities\NTIOLib_X64.sys [13808 2014-03-17] (MSI)

R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7209bde3180ef5f7\nvlddmkm.sys [14458264 2017-05-19] (NVIDIA Corporation)

S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)

R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-05-18] (NVIDIA Corporation)

R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [936192 2016-03-22] (Realtek                                            )

R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51736 2016-06-23] (Razer Inc)

S3 rzjstk; C:\WINDOWS\System32\drivers\rzjstk.sys [36568 2015-08-13] (Razer Inc)

S3 rzkeypadendpt; C:\WINDOWS\System32\drivers\rzkeypadendpt.sys [46280 2015-08-13] (Razer Inc)

R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)

R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.)

S3 rzvkeyboard; C:\WINDOWS\System32\drivers\rzvkeyboard.sys [44232 2015-08-13] (Razer Inc)

S3 rzvmouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [42712 2015-08-13] (Razer Inc)

S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()

R3 VBAudioVACMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows (R) Win 7 DDK provider)

S3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2017-01-06] (Windows (R) Win 7 DDK provider)

R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)

S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)

R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)

R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-07-10] (Intel Corporation)
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2017-06-06 16:17 - 2017-06-06 16:17 - 00000810 _____ C:\Users\User_PC\Desktop\JRT.txt

2017-06-06 16:15 - 2017-06-06 16:15 - 01663672 _____ (Malwarebytes) C:\Users\User_PC\Desktop\JRT.exe

2017-06-06 16:15 - 2017-06-06 16:15 - 00001623 _____ C:\Users\User_PC\Desktop\AdwCleaner[C3].txt

2017-06-06 15:48 - 2017-06-06 15:58 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2017-06-06 15:46 - 2017-06-06 15:58 - 00000000 ____D C:\Users\User_PC\Desktop\mbar

2017-06-06 15:44 - 2017-06-06 15:44 - 16563352 _____ (Malwarebytes Corp.) C:\Users\User_PC\Desktop\mbar-1.09.3.1001.exe

2017-06-06 15:27 - 2017-06-06 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller

2017-06-06 15:27 - 2017-06-06 15:27 - 00000000 ____D C:\Program Files\VS Revo Group

2017-06-05 18:56 - 2017-06-05 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

2017-06-05 18:56 - 2017-06-05 18:56 - 00000000 ____D C:\Program Files (x86)\7-Zip

2017-06-05 18:34 - 2017-06-05 18:58 - 00000000 ____D C:\Users\User_PC\Desktop\trojan board

2017-06-05 18:28 - 2017-06-06 17:18 - 00000000 ____D C:\FRST

2017-06-05 16:44 - 2017-06-05 16:44 - 00002309 _____ C:\Users\User_PC\Desktop\Kindle.lnk

2017-06-05 16:44 - 2017-06-05 16:44 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon

2017-06-05 16:21 - 2017-06-06 16:14 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys

2017-06-05 16:21 - 2017-06-05 16:21 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2017-06-05 16:21 - 2017-06-05 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2017-06-05 16:21 - 2017-06-05 16:21 - 00000000 ____D C:\Program Files\Malwarebytes

2017-06-05 16:21 - 2017-05-31 11:09 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys

2017-06-05 14:42 - 2017-06-05 14:42 - 04110280 _____ C:\Users\User_PC\Desktop\adwcleaner_6.047.exe

2017-05-28 16:47 - 2017-05-28 16:47 - 00000000 ____D C:\Users\User_PC\AppData\Local\PAYDAY 2

2017-05-28 16:47 - 2017-05-28 16:47 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies

2017-05-27 18:39 - 2017-06-05 21:43 - 00000000 ____D C:\Users\User_PC\AppData\LocalLow\Mozilla

2017-05-27 18:39 - 2017-05-28 17:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2017-05-26 09:43 - 2017-05-26 09:43 - 00000104 _____ C:\WINDOWS\StartUp.INI

2017-05-25 21:16 - 2017-05-25 21:16 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\MMFApplications

2017-05-25 11:58 - 2017-05-25 11:58 - 00000000 ____D C:\Program Files (x86)\VulkanRT

2017-05-25 11:58 - 2017-05-18 09:35 - 00513144 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll

2017-05-25 11:58 - 2017-05-18 09:35 - 00418752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll

2017-05-25 11:58 - 2017-05-18 07:21 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe

2017-05-25 11:58 - 2017-03-10 23:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll

2017-05-25 11:58 - 2017-03-10 23:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll

2017-05-25 11:58 - 2017-03-10 23:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe

2017-05-25 11:58 - 2017-03-10 23:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe

2017-05-25 11:56 - 2017-05-18 09:35 - 40201848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 35390072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 35282040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 28624504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 11056456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 11028664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 10551072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 09248144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 09014976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 08808488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 03797112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 03256440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 01988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438233.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 01606592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438233.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 01278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 01275944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 01056704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00995736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00993912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00993872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00964032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00914880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00775864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00688968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00612272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00583800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00577728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll

2017-05-25 11:56 - 2017-05-18 09:35 - 00499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll

2017-05-25 11:52 - 2017-05-25 11:58 - 00000000 ____D C:\WINDOWS\LastGood.Tmp

2017-05-25 11:52 - 2017-05-25 11:52 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-05-25 11:52 - 2017-05-25 11:52 - 00001492 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2017-05-25 11:52 - 2017-05-03 22:21 - 00175736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll

2017-05-25 11:52 - 2017-05-03 22:21 - 00143480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll

2017-05-23 15:18 - 2017-05-23 17:47 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\ICAClient

2017-05-23 15:18 - 2017-05-23 15:18 - 00001642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk

2017-05-23 15:17 - 2017-05-30 16:32 - 00000000 ____D C:\Users\User_PC\AppData\Local\Citrix

2017-05-23 15:17 - 2017-05-23 15:18 - 00000000 ____D C:\ProgramData\Citrix

2017-05-23 15:17 - 2017-05-23 15:18 - 00000000 ____D C:\Program Files (x86)\Citrix

2017-05-23 15:17 - 2017-05-23 15:17 - 48612464 _____ (Citrix Systems, Inc.) C:\Users\User_PC\Downloads\CitrixReceiver.exe

2017-05-23 12:35 - 2017-06-05 12:27 - 00000000 ____D C:\Users\User_PC\Desktop\Steuern

2017-05-23 11:28 - 2017-06-05 16:45 - 00000000 ____D C:\Users\User_PC\Documents\My Kindle Content

2017-05-23 11:27 - 2017-06-05 16:44 - 00000000 ____D C:\Users\User_PC\AppData\Local\Amazon

2017-05-20 15:22 - 2017-05-20 15:31 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\TeamViewer

2017-05-19 09:35 - 2017-05-19 09:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker

2017-05-18 20:00 - 2017-05-18 20:00 - 00000000 ____D C:\Users\User_PC\AppData\LocalLow\Crazy Monkey Studios

2017-05-18 18:20 - 2017-05-18 18:20 - 00000000 ____D C:\Users\User_PC\AppData\Local\DBG

2017-05-16 15:14 - 2017-05-16 15:15 - 00000070 _____ C:\Users\User_PC\Desktop\td business go.txt

2017-05-16 11:58 - 2017-05-22 09:53 - 00000160 _____ C:\Users\User_PC\Desktop\td gewerbe.txt

2017-05-13 13:29 - 2017-05-13 13:29 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 05776384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 04544000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02102272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12SDKLayers.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2017-05-13 13:29 - 2017-05-13 13:29 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2017-05-13 13:29 - 2017-05-13 13:29 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv

2017-05-13 13:29 - 2017-05-13 13:29 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv

2017-05-13 13:29 - 2017-05-13 13:29 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS

2017-05-13 13:29 - 2017-05-13 13:29 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx

2017-05-13 13:29 - 2017-05-13 13:29 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx

2017-05-13 13:29 - 2017-05-13 13:29 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys

2017-05-13 13:29 - 2017-05-13 13:29 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin

2017-05-13 13:29 - 2017-05-13 13:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll

2017-05-13 13:29 - 2017-05-13 13:29 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe

2017-05-13 13:29 - 2017-05-13 13:29 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll

2017-05-13 13:28 - 2017-03-17 23:48 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DxToolsReportGenerator.dll

2017-05-13 13:28 - 2017-03-17 23:08 - 17777152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCaptureReplay.dll

2017-05-13 13:28 - 2017-03-17 23:05 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DxToolsReportGenerator.dll

2017-05-13 13:28 - 2017-03-17 23:02 - 00393216 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DXCpl.exe

2017-05-13 13:28 - 2017-03-17 22:59 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsProxyStub.dll

2017-05-13 13:28 - 2017-03-17 22:59 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARP12Debug.dll

2017-05-13 13:28 - 2017-03-17 22:57 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARPDebug.dll

2017-05-13 13:28 - 2017-03-17 22:53 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXGIDebug.dll

2017-05-13 13:28 - 2017-03-17 22:52 - 04897280 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsRemoteEngine.exe

2017-05-13 13:28 - 2017-03-17 22:49 - 01309184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11_3SDKLayers.dll

2017-05-13 13:28 - 2017-03-17 22:49 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1debug3.dll

2017-05-13 13:28 - 2017-03-17 22:48 - 13785600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCaptureReplay.dll

2017-05-13 13:28 - 2017-03-17 22:47 - 06806016 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12warp.dll

2017-05-13 13:28 - 2017-03-17 22:46 - 00370176 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DXCpl.exe

2017-05-13 13:28 - 2017-03-17 22:44 - 01977344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsOfflineAnalysis.dll

2017-05-13 13:28 - 2017-03-17 22:44 - 01174528 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCap.exe

2017-05-13 13:28 - 2017-03-17 22:44 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsExperiment.dll

2017-05-13 13:28 - 2017-03-17 22:44 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsCapture.dll

2017-05-13 13:28 - 2017-03-17 22:43 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsMonitor.dll

2017-05-13 13:28 - 2017-03-17 22:43 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsReporting.dll

2017-05-13 13:28 - 2017-03-17 22:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARP12Debug.dll

2017-05-13 13:28 - 2017-03-17 22:43 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsProxyStub.dll

2017-05-13 13:28 - 2017-03-17 22:41 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARPDebug.dll

2017-05-13 13:28 - 2017-03-17 22:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXGIDebug.dll

2017-05-13 13:28 - 2017-03-17 22:38 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf_gputiming.dll

2017-05-13 13:28 - 2017-03-17 22:35 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11_3SDKLayers.dll

2017-05-13 13:28 - 2017-03-17 22:35 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1debug3.dll

2017-05-13 13:28 - 2017-03-17 22:33 - 05141504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12warp.dll

2017-05-13 13:28 - 2017-03-17 22:33 - 03648000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsRemoteEngine.exe

2017-05-13 13:28 - 2017-03-17 22:30 - 01480704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsOfflineAnalysis.dll

2017-05-13 13:28 - 2017-03-17 22:30 - 00926208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCap.exe

2017-05-13 13:28 - 2017-03-17 22:30 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsExperiment.dll

2017-05-13 13:28 - 2017-03-17 22:30 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsCapture.dll

2017-05-13 13:28 - 2017-03-17 22:29 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsMonitor.dll

2017-05-13 13:28 - 2017-03-17 22:29 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsReporting.dll

2017-05-13 13:28 - 2017-03-17 22:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf_gputiming.dll

2017-05-13 13:27 - 2017-05-13 13:27 - 00008192 _____ C:\WINDOWS\system32\config\userdiff

2017-05-13 13:27 - 2017-05-13 12:31 - 00000000 ____D C:\WINDOWS\ServiceProfiles

2017-05-13 13:26 - 2017-05-13 13:26 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer

2017-05-13 13:26 - 2017-05-13 13:26 - 00000000 ____D C:\Program Files\Reference Assemblies

2017-05-13 13:26 - 2017-05-13 13:26 - 00000000 ____D C:\Program Files\MSBuild

2017-05-13 13:26 - 2017-05-13 13:26 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies

2017-05-13 13:26 - 2017-05-13 13:26 - 00000000 ____D C:\Program Files (x86)\MSBuild

2017-05-13 13:26 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll

2017-05-13 13:26 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

2017-05-13 13:26 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe

2017-05-13 13:26 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll

2017-05-13 13:26 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2017-05-13 13:26 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

2017-05-13 12:58 - 2017-06-02 18:08 - 00007598 _____ C:\Users\User_PC\AppData\Local\Resmon.ResmonCfg

2017-05-13 12:42 - 2017-05-13 12:42 - 00000000 ____D C:\ProgramData\Microsoft OneDrive

2017-05-13 12:41 - 2017-05-13 12:41 - 00000020 ___SH C:\Users\User_PC\ntuser.ini

2017-05-13 12:40 - 2017-05-13 12:40 - 00000000 ____D C:\ProgramData\USOShared

2017-05-13 12:39 - 2017-05-13 12:39 - 00007623 _____ C:\WINDOWS\diagwrn.xml

2017-05-13 12:39 - 2017-05-13 12:39 - 00007623 _____ C:\WINDOWS\diagerr.xml

2017-05-13 12:38 - 2017-06-06 16:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2017-05-13 12:38 - 2017-05-25 11:52 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-05-13 12:38 - 2017-05-25 11:52 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-05-13 12:38 - 2017-05-25 11:52 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-05-13 12:38 - 2017-05-25 11:52 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-05-13 12:38 - 2017-05-25 11:52 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-05-13 12:38 - 2017-05-25 11:52 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-05-13 12:38 - 2017-05-25 11:52 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-05-13 12:38 - 2017-05-13 12:42 - 00003274 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2

2017-05-13 12:38 - 2017-05-13 12:38 - 00003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2017-05-13 12:38 - 2017-05-13 12:38 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2017-05-13 12:38 - 2017-05-13 12:38 - 00002668 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task

2017-05-13 12:38 - 2017-05-13 12:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel

2017-05-13 12:35 - 2017-05-13 12:35 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2017-05-13 12:34 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

2017-05-13 12:33 - 2017-06-05 22:40 - 00000000 ____D C:\Users\User_PC

2017-05-13 12:33 - 2017-05-13 12:36 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\Vorlagen

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\Startmenü

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\Netzwerkumgebung

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\Lokale Einstellungen

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\Eigene Dateien

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\Druckumgebung

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\Documents\Eigene Videos

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\Documents\Eigene Musik

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\Documents\Eigene Bilder

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\AppData\Local\Verlauf

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\AppData\Local\Anwendungsdaten

2017-05-13 12:33 - 2017-05-13 12:33 - 00000000 _SHDL C:\Users\User_PC\Anwendungsdaten

2017-05-13 12:32 - 2017-06-06 16:20 - 02402788 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2017-05-13 12:32 - 2017-06-06 16:16 - 00000000 ____D C:\ProgramData\NVIDIA

2017-05-13 12:32 - 2017-05-25 11:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2017-05-13 12:32 - 2017-05-25 11:52 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2017-05-13 12:32 - 2017-05-25 11:52 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2017-05-13 12:32 - 2017-05-18 07:55 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat

2017-05-13 12:32 - 2017-05-18 07:48 - 06437824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll

2017-05-13 12:32 - 2017-05-18 07:48 - 02479736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll

2017-05-13 12:32 - 2017-05-18 07:48 - 01762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll

2017-05-13 12:32 - 2017-05-18 07:48 - 00548984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll

2017-05-13 12:32 - 2017-05-18 07:48 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll

2017-05-13 12:32 - 2017-05-18 07:48 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

2017-05-13 12:32 - 2017-05-18 07:48 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

2017-05-13 12:32 - 2017-05-16 20:09 - 07993157 _____ C:\WINDOWS\system32\nvcoproc.bin

2017-05-13 12:32 - 2017-05-14 09:07 - 00000000 ____D C:\Program Files (x86)\Razer

2017-05-13 12:32 - 2017-05-13 12:34 - 00000000 ____D C:\ProgramData\Razer

2017-05-13 12:32 - 2017-05-13 12:32 - 01931144 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI

2017-05-13 12:32 - 2017-05-13 12:32 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

2017-05-13 12:32 - 2017-05-13 12:32 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM

2017-05-13 12:32 - 2017-05-13 12:32 - 00000000 ____D C:\Program Files\Realtek

2017-05-13 12:31 - 2017-06-06 14:58 - 00000000 ____D C:\WINDOWS\system32\SleepStudy

2017-05-13 12:31 - 2017-05-14 09:04 - 00335808 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2017-05-13 09:49 - 2017-05-13 12:41 - 00000000 ___DC C:\WINDOWS\Panther

2017-05-12 19:59 - 2017-05-13 12:53 - 00000000 ____D C:\Users\User_PC\.idlerc

2017-05-12 19:57 - 2017-05-13 12:36 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.6

2017-05-12 19:57 - 2017-05-12 19:57 - 00000000 ____D C:\Users\User_PC\AppData\Local\Package Cache

2017-05-12 16:06 - 2017-05-12 16:06 - 00000000 ____D C:\Users\User_PC\AppData\Local\UNP

2017-05-12 11:50 - 2017-05-13 12:36 - 00000000 ____D C:\WINDOWS\system32\UNP

2017-05-12 11:50 - 2017-05-12 11:51 - 00000000 ____D C:\Program Files\UNP

2017-05-11 17:38 - 2017-05-11 17:38 - 00000000 ____D C:\Users\User_PC\AppData\Local\id Software

2017-05-10 11:24 - 2017-03-04 08:26 - 00261632 ____N (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll

2017-05-10 11:13 - 2017-05-10 11:13 - 07252327 _____ C:\Users\User_PC\Desktop\What-is-the-Name-of-this-Book.pdf
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2017-06-06 17:18 - 2016-07-25 13:15 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\vlc

2017-06-06 16:36 - 2016-07-25 13:46 - 00001057 _____ C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Livestreamer Twitch GUI.lnk

2017-06-06 16:35 - 2016-07-25 13:46 - 00000000 ____D C:\Users\User_PC\AppData\Local\livestreamer-twitch-gui

2017-06-06 16:20 - 2017-03-20 06:35 - 01065094 _____ C:\WINDOWS\system32\perfh007.dat

2017-06-06 16:20 - 2017-03-20 06:35 - 00248836 _____ C:\WINDOWS\system32\perfc007.dat

2017-06-06 16:14 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI

2017-06-06 16:14 - 2016-08-16 10:08 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2017-06-06 16:14 - 2016-08-16 10:06 - 00188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys

2017-06-06 16:14 - 2016-08-16 10:06 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys

2017-06-06 16:14 - 2016-08-16 10:06 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys

2017-06-06 16:14 - 2016-08-16 10:03 - 00000000 ____D C:\AdwCleaner

2017-06-06 16:14 - 2016-07-25 14:00 - 00000008 __RSH C:\ProgramData\ntuser.pol

2017-06-06 15:48 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM

2017-06-06 15:48 - 2016-08-16 10:06 - 00000000 ____D C:\ProgramData\Malwarebytes

2017-06-06 15:48 - 2016-07-25 09:12 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2017-06-06 15:45 - 2016-07-25 10:08 - 00000000 ____D C:\Program Files (x86)\Steam

2017-06-06 15:34 - 2016-07-25 12:36 - 00000000 ____D C:\ProgramData\Avira

2017-06-06 15:34 - 2016-07-25 09:53 - 00000000 ____D C:\Users\User_PC\AppData\Local\Battle.net

2017-06-06 15:34 - 2016-07-24 23:54 - 00000000 ____D C:\ProgramData\Package Cache

2017-06-06 15:32 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed

2017-06-06 15:31 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed

2017-06-06 15:28 - 2016-07-25 13:06 - 00000000 ____D C:\Program Files (x86)\Adobe

2017-06-06 15:04 - 2016-07-25 09:53 - 00000000 ____D C:\Program Files (x86)\Battle.net

2017-06-05 17:00 - 2016-04-09 09:12 - 00000838 _____ C:\Users\User_PC\Desktop\td.txt

2017-06-04 11:49 - 2017-01-11 15:29 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim

2017-06-04 11:49 - 2017-01-11 15:29 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\HearthstoneDeckTracker

2017-06-04 11:49 - 2017-01-11 15:29 - 00000000 ____D C:\Users\User_PC\AppData\Local\HearthstoneDeckTracker

2017-06-04 11:49 - 2016-07-26 21:14 - 00000000 ____D C:\Users\User_PC\AppData\Local\SquirrelTemp

2017-06-04 08:23 - 2016-07-25 10:04 - 00000000 ____D C:\Users\User_PC\AppData\Local\CrashDumps

2017-06-03 08:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness

2017-06-02 06:36 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps

2017-05-31 18:31 - 2016-07-25 13:57 - 00000000 ____D C:\Users\User_PC\AppData\Local\ManyCam

2017-05-31 15:13 - 2016-07-26 21:14 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\discord

2017-05-29 17:52 - 2015-12-24 18:32 - 00000000 ____D C:\Users\User_PC\Documents\Klei

2017-05-28 17:04 - 2016-07-25 09:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2017-05-25 11:58 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF

2017-05-25 11:58 - 2016-07-25 10:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2017-05-23 11:58 - 2016-07-25 09:11 - 00000000 ____D C:\WINDOWS\system32\MRT

2017-05-23 11:57 - 2016-07-25 09:11 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2017-05-22 21:35 - 2016-08-26 15:56 - 00000000 ____D C:\Users\User_PC\AppData\Local\Overwolf

2017-05-22 15:42 - 2016-11-16 16:15 - 00000000 ____D C:\Users\User_PC\Desktop\Bewerbungen

2017-05-19 14:08 - 2017-01-24 11:01 - 00072520 _____ C:\Users\User_PC\AppData\Local\GDIPFONTCACHEV1.DAT

2017-05-19 09:35 - 2017-01-05 13:47 - 00000553 _____ C:\Users\User_PC\Desktop\partypoker.lnk

2017-05-19 09:35 - 2016-11-10 17:57 - 00000553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\partypoker.lnk

2017-05-19 09:35 - 2016-08-13 10:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2017-05-18 16:39 - 2016-08-26 15:56 - 00000000 ____D C:\Program Files (x86)\Overwolf

2017-05-18 09:35 - 2017-04-26 10:04 - 04114248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

2017-05-18 09:35 - 2017-04-26 10:04 - 03624784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

2017-05-18 09:35 - 2017-04-26 10:04 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys

2017-05-18 09:35 - 2017-04-26 10:04 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb

2017-05-18 09:35 - 2016-12-15 13:00 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat

2017-05-16 13:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache

2017-05-14 09:10 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat

2017-05-13 15:53 - 2016-09-26 09:35 - 00000000 ____D C:\Program Files\Common Files\logishrd

2017-05-13 14:43 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp

2017-05-13 13:31 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template

2017-05-13 13:29 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup

2017-05-13 13:29 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12

2017-05-13 13:29 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12

2017-05-13 13:29 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism

2017-05-13 13:29 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2017-05-13 13:29 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser

2017-05-13 13:29 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences

2017-05-13 13:29 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning

2017-05-13 13:29 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer

2017-05-13 13:29 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2017-05-13 13:29 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism

2017-05-13 13:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI

2017-05-13 13:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI

2017-05-13 12:57 - 2016-07-24 23:49 - 00000000 ____D C:\Users\User_PC\AppData\Local\Packages

2017-05-13 12:42 - 2016-09-26 09:45 - 00000000 ____D C:\Users\User_PC\AppData\Local\ConnectedDevicesPlatform

2017-05-13 12:42 - 2016-07-24 23:50 - 00002396 _____ C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2017-05-13 12:42 - 2015-10-27 11:02 - 00000000 ___RD C:\Users\User_PC\OneDrive

2017-05-13 12:41 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2017-05-13 12:41 - 2016-07-24 23:55 - 00000000 ____D C:\Users\User_PC\AppData\Local\MicrosoftEdge

2017-05-13 12:41 - 2015-10-27 11:00 - 00000000 __RHD C:\Users\Public\AccountPictures

2017-05-13 12:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase

2017-05-13 12:40 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate

2017-05-13 12:40 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT

2017-05-13 12:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration

2017-05-13 12:39 - 2016-10-27 11:12 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2017-05-13 12:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated

2017-05-13 12:38 - 2017-03-20 06:37 - 00000000 ____D C:\WINDOWS\HoloShell

2017-05-13 12:38 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries

2017-05-13 12:38 - 2016-09-26 09:43 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat

2017-05-13 12:37 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2017-05-13 12:36 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports

2017-05-13 12:36 - 2017-01-16 13:02 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps

2017-05-13 12:36 - 2016-12-14 13:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Track-o-Bot

2017-05-13 12:36 - 2016-11-23 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III

2017-05-13 12:36 - 2016-11-16 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2017-05-13 12:36 - 2016-11-16 16:40 - 00000000 ____D C:\WINDOWS\SHELLNEW

2017-05-13 12:36 - 2016-11-10 18:28 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FullTilt.EU

2017-05-13 12:36 - 2016-08-31 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft

2017-05-13 12:36 - 2016-08-26 15:56 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf

2017-05-13 12:36 - 2016-08-11 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windscribe

2017-05-13 12:36 - 2016-08-07 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio

2017-05-13 12:36 - 2016-07-30 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech

2017-05-13 12:36 - 2016-07-27 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2017-05-13 12:36 - 2016-07-26 15:40 - 00000000 ____D C:\WINDOWS\SysWOW64\1033

2017-05-13 12:36 - 2016-07-26 15:40 - 00000000 ____D C:\WINDOWS\system32\1033

2017-05-13 12:36 - 2016-07-25 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client

2017-05-13 12:36 - 2016-07-25 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam

2017-05-13 12:36 - 2016-07-25 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\beurer

2017-05-13 12:36 - 2016-07-25 13:55 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2

2017-05-13 12:36 - 2016-07-25 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

2017-05-13 12:36 - 2016-07-25 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2017-05-13 12:36 - 2016-07-25 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI(R) Intel(R) Extreme Tuning Utility

2017-05-13 12:36 - 2016-07-25 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2017-05-13 12:36 - 2016-07-25 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net

2017-05-13 12:36 - 2016-07-25 09:47 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2017-05-13 12:36 - 2016-07-25 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2017-05-13 12:34 - 2017-04-15 08:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2017-05-13 12:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool

2017-05-13 12:34 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

2017-05-13 12:34 - 2017-01-24 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24

2017-05-13 12:34 - 2016-09-14 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos

2017-05-13 12:34 - 2016-08-03 15:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung

2017-05-13 12:34 - 2016-07-26 15:42 - 00000000 ____D C:\Program Files\IIS

2017-05-13 12:34 - 2016-07-25 10:36 - 00000000 ____D C:\Program Files\Intel

2017-05-13 12:34 - 2016-07-25 10:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI

2017-05-13 12:34 - 2016-07-24 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer

2017-05-13 12:33 - 2016-11-25 22:19 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft

2017-05-13 12:33 - 2016-07-26 21:14 - 00000000 ____D C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc

2017-05-13 12:32 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help

2017-05-13 12:32 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep

2017-05-13 12:22 - 2015-07-10 05:36 - 00008192 __RSH C:\BOOTSECT.BAK

2017-05-09 23:45 - 2016-11-25 22:19 - 00000000 ____D C:\Users\User_PC\AppData\Local\Ubisoft Game Launcher
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2017-01-06 19:02 - 2017-01-06 20:58 - 0003968 _____ () C:\Users\User_PC\AppData\Roaming\VoiceMeeterDefault.xml

2016-07-25 15:00 - 2016-09-14 00:00 - 0000173 _____ () C:\Users\User_PC\AppData\Roaming\WB.CFG

2017-05-13 12:58 - 2017-06-02 18:08 - 0007598 _____ () C:\Users\User_PC\AppData\Local\Resmon.ResmonCfg

2016-12-15 13:00 - 2017-02-02 19:02 - 0010896 _____ () C:\ProgramData\NvTelemetryContainer.log

2016-12-15 13:00 - 2017-01-30 01:40 - 0010108 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
 

Einige Dateien in TEMP:

====================

2017-06-06 15:34 - 2017-06-06 15:34 - 0040448 ____N () C:\Users\User_PC\AppData\Local\Temp\proxy_vole7257220870215461375.dll
 

==================== Bamital & volsnap ======================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert

C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert

C:\WINDOWS\explorer.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert

C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert

C:\WINDOWS\system32\services.exe => Datei ist digital signiert

C:\WINDOWS\system32\User32.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert

C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert

C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert

C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 

LastRegBack: 2017-05-31 13:27
 

==================== Ende von FRST.txt ============================

Addition:

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-06-2017

durchgeführt von H4wk (06-06-2017 17:19:11)

Gestartet von D:\Web DL

Windows 10 Home Version 1703 (X64) (2017-05-13 10:40:45)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-2080308072-346064868-999961720-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-2080308072-346064868-999961720-503 - Limited - Disabled)

Gast (S-1-5-21-2080308072-346064868-999961720-501 - Limited - Disabled)

H4wk (S-1-5-21-2080308072-346064868-999961720-1001 - Administrator - Enabled) => C:\Users\User_PC
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

µTorrent (HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\uTorrent) (Version: 3.4.8.42449 - BitTorrent Inc.)

7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)

ACPI Driver Installer (HKLM-x32\...\553E35CD-0415-41bc-B39A-410375E88534) (Version: 2.1 - Intel Corporation)

Active Directory Authentication Library für SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden

Active Directory Authentication Library für SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden

Amazon Kindle (HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\Amazon Kindle) (Version: 1.20.1.47037 - Amazon)

Ansel (Version: 382.33 - NVIDIA Corporation) Hidden

Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)

Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)

Avoid Sensory Overload (HKLM\...\Steam App 286660) (Version:  - 48h Studio)

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

Beurer ECG Manager (HKLM-x32\...\{D66C35D2-6217-4A3D-86B0-B320BF36D7AE}) (Version: 1.20.25 - beurer)

Bit Blaster XL (HKLM\...\Steam App 433950) (Version:  - Nickervision Studios)

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)

CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden

Citrix Receiver 4.7 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.7.0.13011 - Citrix Systems, Inc.)

Clones (HKLM\...\Steam App 72400) (Version:  - Tomkorp Computer Solutions Inc.)

Closure (HKLM\...\Steam App 72000) (Version:  - Eyebrow Interactive)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dex (HKLM\...\Steam App 269650) (Version:  - Dreadlocks Ltd.)

Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)

Discord (HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)

Distance (HKLM\...\Steam App 233610) (Version:  - Refract)

Don't Starve (HKLM\...\Steam App 219740) (Version:  - Klei Entertainment)

Don't Starve Together (HKLM\...\Steam App 322330) (Version:  - Klei Entertainment)

eden* (HKLM\...\Steam App 315810) (Version:  - minori)

Electronic Super Joy (HKLM\...\Steam App 244870) (Version:  - Michael Todd Games)

Enter the Gungeon (HKLM\...\Steam App 311690) (Version:  - Dodge Roll)

Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)

Erforderliche Komponenten für SSDT  (HKLM-x32\...\{FD639F4D-1460-42E6-B32D-FEC1745D0BDC}) (Version: 13.0.1601.5 - Microsoft Corporation)

erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden

Far Cry Primal (HKLM\...\Steam App 371660) (Version:  - Ubisoft)

FLY'N (HKLM\...\Steam App 223730) (Version:  - Ankama)

ForHonor (HKLM-x32\...\Uplay Install 569) (Version:  - Ubisoft)

Full Tilt.eu (HKLM-x32\...\Full Tilt.eu) (Version:  - Full Tilt.eu)

GemCraft - Chasing Shadows (HKLM\...\Steam App 296490) (Version:  - Game in a Bottle)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)

Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden

Guns, Gore & Cannoli (HKLM\...\Steam App 322210) (Version:  - Crazy Monkey Studios)

Half-Life: A Place in the West (HKLM\...\Steam App 466270) (Version:  - Michael Pelletier)

Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)

Hearthstone Deck Tracker (HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\HearthstoneDeckTracker) (Version: 1.3.5 - HearthSim)

IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)

IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )

IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )

Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden

iTunes (HKLM\...\{E109B4A3-9883-4E6E-9A19-4D7E1A88AFE8}) (Version: 12.4.2.4 - Apple Inc.)

Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version:  - )

Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)

Mad Bullets (HKLM\...\Steam App 452860) (Version:  - isTom Games Kft.)

Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)

ManyCam 4.1.2 (HKLM-x32\...\ManyCam) (Version: 4.1.2 - Visicom Media Inc.)

Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)

Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)

Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)

Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)

Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)

Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)

Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2016 LocalDB  (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation)

Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{264B070C-82D7-4C9C-B1CE-A0B124BCC787}) (Version: 13.0.1601.5 - Microsoft Corporation)

Microsoft SQL Server 2016 T-SQL Language Service  (HKLM-x32\...\{4EFF12AE-599C-42A2-ACFA-0D95C3B11A19}) (Version: 13.0.14500.10 - Microsoft Corporation)

Microsoft SQL Server 2016 T-SQL ScriptDom  (HKLM\...\{E8F3D249-7DE6-4422-AC86-1CE7D5CCFA0F}) (Version: 13.0.1601.5 - Microsoft Corporation)

Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)

Microsoft SQL Server Data Tools - DEU (14.0.60519.0) (HKLM-x32\...\{9F367648-EC0C-4F97-B351-D12A51E38F96}) (Version: 14.0.60519.0 - Microsoft Corporation)

Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)

Microsoft SQL Server*2016 Management Objects  (HKLM-x32\...\{35A7B00B-4F9C-4B4D-919C-86FFFEE46AD6}) (Version: 13.0.1601.5 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)

Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)

Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{7F6DCED8-6A2B-4436-AF20-8F659D04E388}) (Version: 12.0.2402.29 - Microsoft Corporation)

Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{48BF289B-F3FA-4023-9251-80ABF7B726F9}) (Version: 12.0.2402.29 - Microsoft Corporation)

Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - Microsoft Corporation)

Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation)

Mini Metro (HKLM\...\Steam App 287980) (Version:  - Dinosaur Polo Club)

Mozilla Firefox 53.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)

MSI(R) Intel(R) Extreme Tuning Utility (HKLM-x32\...\{bcbf202c-9746-4173-a49b-649bfd0adca6}) (Version: 6.0.2.102 - Intel Corporation)

MSI(R) Intel(R) Extreme Tuning Utility (x32 Version: 6.0.2.102 - Intel Corporation) Hidden

NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)

NVIDIA 3D Vision Treiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.33 - NVIDIA Corporation)

NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)

NVIDIA Grafiktreiber 382.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.33 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)

NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)

NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden

NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden

NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden

OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.0 - OBS Project)

Online Plug-in (x32 Version: 14.7.0.13011 - Citrix Systems, Inc.) Hidden

oO (HKLM\...\Steam App 367570) (Version:  - Maciej Targoni)

OpenAL (HKLM-x32\...\OpenAL) (Version:  - )

OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)

Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)

Overwolf (HKLM-x32\...\Overwolf) (Version: 0.104.210.0 - Overwolf Ltd.)

paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC)

Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)

Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)

Parcel (HKLM\...\Steam App 316080) (Version:  - Polar Bunny Ltd)

partypoker (HKLM-x32\...\PartyPoker) (Version:  - PartyGaming)

PAYDAY 2 (HKLM\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)

PDF24 Creator 8.0.4 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)

Python 3.6.1 (32-bit) (HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\{1babc3bc-6a32-44f7-bf4d-60eec36c9ad1}) (Version: 3.6.1150.0 - Python Software Foundation)

Python 3.6.1 Add to Path (32-bit) (x32 Version: 3.6.1150.0 - Python Software Foundation) Hidden

Python 3.6.1 Core Interpreter (32-bit) (x32 Version: 3.6.1150.0 - Python Software Foundation) Hidden

Python 3.6.1 Development Libraries (32-bit) (x32 Version: 3.6.1150.0 - Python Software Foundation) Hidden

Python 3.6.1 Documentation (32-bit) (x32 Version: 3.6.1150.0 - Python Software Foundation) Hidden

Python 3.6.1 Executables (32-bit) (x32 Version: 3.6.1150.0 - Python Software Foundation) Hidden

Python 3.6.1 pip Bootstrap (32-bit) (x32 Version: 3.6.1150.0 - Python Software Foundation) Hidden

Python 3.6.1 Standard Library (32-bit) (x32 Version: 3.6.1150.0 - Python Software Foundation) Hidden

Python 3.6.1 Tcl/Tk Support (32-bit) (x32 Version: 3.6.1150.0 - Python Software Foundation) Hidden

Python 3.6.1 Test Suite (32-bit) (x32 Version: 3.6.1150.0 - Python Software Foundation) Hidden

Python 3.6.1 Utility Scripts (32-bit) (x32 Version: 3.6.1150.0 - Python Software Foundation) Hidden

Python Launcher (HKLM-x32\...\{323AC113-C6CE-4F99-842F-4936332D055A}) (Version: 3.6.5923.0 - Python Software Foundation)

Quell Memento (HKLM\...\Steam App 348440) (Version:  - Fallen Tree Games Ltd)

Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.1.5 - Razer Inc.)

Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.8.311.2016 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7806 - Realtek Semiconductor Corp.)

Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)

RFLEX (HKLM\...\Steam App 392020) (Version:  - Wesley LaFerriere)

Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix, Inc.)

Roslyn Language Services - x86 (x32 Version: 14.0.25424 - Microsoft Corporation) Hidden

Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)

Self-Service Plug-in (x32 Version: 4.7.0.15674 - Citrix Systems, Inc.) Hidden

SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden

Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)

Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.)

Smart Switch (x32 Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden

Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)

StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Streamlink Twitch GUI (HKLM-x32\...\streamlink-twitch-gui) (Version: 1.1.1 - Sebastian Meyer)

Sword of the Stars: The Pit (HKLM\...\Steam App 233700) (Version:  - Kerberos Productions Inc.)

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)

The Legend of Korra™ (HKLM\...\Steam App 281690) (Version:  - PlatinumGames)

Town of Salem (HKLM\...\Steam App 334230) (Version:  - BlankMediaGames)

Track-o-Bot version 0.8.5 (HKLM-x32\...\Track-o-Bot_is1) (Version: 0.8.5 - spidy.ch)

TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.35.0 - Microsoft Corporation) Hidden

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Uplay (HKLM-x32\...\Uplay) (Version: 25.0.1 - Ubisoft)

Valkyria Chronicles™ (HKLM\...\Steam App 294860) (Version:  - SEGA)

VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)

Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)

Westerado: Double Barreled (HKLM\...\Steam App 275200) (Version:  - Ostrich Banditos)

Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

Windscribe version 1.59 build 10 (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.59 build 10 - Windscribe)

WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {226F5E93-1716-43C7-9CCF-842056D03A46} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)

Task: {28F80F46-E496-4C91-B7BA-FF28F71ECCB7} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-05-14] (Overwolf LTD)

Task: {2AA1AA56-BB51-4807-825B-9FC84A165471} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-27] (Google Inc.)

Task: {2E6114CB-79AE-4B6B-9DB8-5004C195C1A0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)

Task: {30706873-0AB0-43CE-B48F-7189A95E4927} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)

Task: {38F5D07D-BB12-4F33-AB0B-94E97117B143} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)

Task: {52824E63-5113-460E-8369-2B5FA8B057F4} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)

Task: {58733ABE-4854-49DA-AF23-19DECCABE233} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)

Task: {60E9CA43-CF7F-4017-AE9C-43D7C8186821} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)

Task: {8CFACB55-C050-404C-9051-46EDAD014495} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-05-05] (Intel Corporation)

Task: {AFFFE463-507B-4A26-AE3B-EFF7EE4C96F0} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)

Task: {B687F93E-F8B0-4BFA-8965-4746B387DE49} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-27] (Google Inc.)

Task: {B6880BAA-09FA-489F-A6AB-092876CA06F7} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe 
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 
 

==================== Verknüpfungen =============================
 

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 

ShortcutWithArgument: C:\Users\User_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg

ShortcutWithArgument: C:\Users\User_PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg

ShortcutWithArgument: C:\Users\User_PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\207745223fb8679b\streamlink-twitch-gui.lnk -> C:\Program Files\Streamlink Twitch GUI\streamlink-twitch-gui.exe (The NWJS Community) -> --user-data-dir="C:\Users\User_PC\AppData\Local\streamlink-twitch-gui\User Data" --profile-directory=Default --app-id=kjlcknihpadniagphehmpojkkdigigjp
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2016-07-05 15:23 - 2016-07-05 15:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2016-08-11 20:42 - 2016-07-24 02:38 - 00047208 _____ () C:\Program Files (x86)\Windscribe\WindscribeService.exe

2016-09-25 00:20 - 2016-09-25 00:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe

2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll

2017-03-18 22:59 - 2017-03-20 06:36 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2016-10-08 10:19 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll

2017-05-11 00:43 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll

2017-05-11 00:43 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll

2016-11-04 20:56 - 2016-11-04 20:56 - 61917108 _____ () D:\Web DL\livestreamer-twitch-gui-v0.16.0-win64\livestreamer-twitch-gui.exe

2016-11-04 20:56 - 2016-10-15 06:14 - 01890304 _____ () D:\Web DL\livestreamer-twitch-gui-v0.16.0-win64\libglesv2.dll

2016-11-04 20:56 - 2016-10-15 06:14 - 00086016 _____ () D:\Web DL\livestreamer-twitch-gui-v0.16.0-win64\libegl.dll

2013-09-23 21:04 - 2013-09-23 21:04 - 00007680 _____ () C:\Program Files (x86)\Livestreamer\livestreamer.exe

2016-07-25 10:16 - 2014-08-13 20:10 - 01723856 _____ () C:\MSI\Smart Utilities\SuperRAIDExt.DLL

2016-07-25 10:16 - 2005-07-18 13:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll

2016-10-08 10:19 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 

IE trusted site: HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\localhost -> localhost
 

==================== Hosts Inhalt: ===============================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2016-07-25 00:37 - 2016-07-25 00:37 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-2080308072-346064868-999961720-1001\Control Panel\Desktop\\Wallpaper -> D:\Wallpaper\blood-red-forest.jpg

DNS Servers: 192.168.2.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 

HKLM\...\StartupApproved\Run: => "iTunesHelper"

HKLM\...\StartupApproved\Run32: => "Live Update"

HKLM\...\StartupApproved\Run32: => "Command Center"

HKLM\...\StartupApproved\Run32: => "Fast Boot"

HKLM\...\StartupApproved\Run32: => "Super Charger"

HKLM\...\StartupApproved\Run32: => "LWS"

HKLM\...\StartupApproved\Run32: => "PDFPrint"

HKLM\...\StartupApproved\Run32: => "ConnectionCenter"

HKLM\...\StartupApproved\Run32: => "Redirector"

HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\StartupApproved\Run: => "OneDrive"

HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\StartupApproved\Run: => "Skype"

HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\StartupApproved\Run: => "Steam"

HKU\S-1-5-21-2080308072-346064868-999961720-1001\...\StartupApproved\Run: => "Windscribe"
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [{6F6B48F4-1871-4948-916F-43DBA00B314B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{55E7CBDB-D021-4C59-9C30-D0134288D159}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe

FirewallRules: [{B5D18FAC-0EFF-40C9-B152-AA6C682C68F3}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe

FirewallRules: [{C66ABBAA-55FB-47E3-99A7-851FB0DF3F70}] => (Allow) E:\SteamLibrary\steamapps\common\GemCraft Chasing Shadows\GemCraft Chasing Shadows.exe

FirewallRules: [{6E993D3D-EF8D-45A9-A15B-13066EB07342}] => (Allow) E:\SteamLibrary\steamapps\common\GemCraft Chasing Shadows\GemCraft Chasing Shadows.exe

FirewallRules: [{006FBD48-FB18-4398-8BCC-1A622C9B153B}] => (Allow) E:\SteamLibrary\steamapps\common\Factorio\bin\x64\factorio.exe

FirewallRules: [{DC3FE9AD-81F1-49EF-94B0-52FDB7CB4C91}] => (Allow) E:\SteamLibrary\steamapps\common\Factorio\bin\x64\factorio.exe

FirewallRules: [UDP Query User{C696562E-1F42-4E43-B8E4-4C92F36FAFBE}E:\steamlibrary\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) E:\steamlibrary\steamapps\common\dishonored\binaries\win32\dishonored.exe

FirewallRules: [TCP Query User{927D5A73-1CAE-4523-8DD7-F1767605C079}E:\steamlibrary\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) E:\steamlibrary\steamapps\common\dishonored\binaries\win32\dishonored.exe

FirewallRules: [{660317FB-6245-4BE7-B48B-41CCA02FF22D}] => (Allow) E:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe

FirewallRules: [{831294A2-F7CE-49FE-901E-B6D29F9AD9AA}] => (Allow) E:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe

FirewallRules: [{B788C453-14BE-495B-881E-AAE940602F05}] => (Allow) E:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe

FirewallRules: [{30272FB8-7620-43F5-AAD9-27F8DC90DB5A}] => (Allow) E:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe

FirewallRules: [{CE997D41-28A1-4EB8-8B3E-8B0D617ED0BD}] => (Allow) E:\SteamLibrary\steamapps\common\Westerado\WesteradoDB.exe

FirewallRules: [{C77BCEA7-CCCD-44E0-B3A9-918B7EC27FC4}] => (Allow) E:\SteamLibrary\steamapps\common\Westerado\WesteradoDB.exe

FirewallRules: [{0CEFFDCE-7A71-40EE-B4D2-85BD3E5C28B2}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe

FirewallRules: [{71FC2D08-1EEA-4BE6-9550-17F950C02984}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe

FirewallRules: [{1DFEFFBB-6A7D-4A8E-B334-DEED03DC965C}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos.exe

FirewallRules: [{CD9447C7-7122-4FD1-825E-1195454F9E8E}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\x64\Talos.exe

FirewallRules: [{9AB377CE-5CA2-4B9D-9AA6-05DB58FA0710}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe

FirewallRules: [{C3AE5C9A-6B4F-4CA3-981C-B51BA1AA3B55}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe

FirewallRules: [{3ACFF69E-7B3B-4143-B5F3-C64FD8F4931C}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\Talos.exe

FirewallRules: [{02C87BE5-0E43-4F04-9367-D651FFFA3E67}] => (Allow) E:\SteamLibrary\steamapps\common\The Talos Principle\Bin\Talos.exe

FirewallRules: [{A813E4FB-8E32-43BA-A1F8-A5DF748C6787}] => (Allow) E:\SteamLibrary\steamapps\common\Parcel\Parcel.exe

FirewallRules: [{DF56AE24-54E8-4E60-8258-42A4D490A74F}] => (Allow) E:\SteamLibrary\steamapps\common\Parcel\Parcel.exe

FirewallRules: [{71A83C4C-D45A-4220-A19B-83924A90DE14}] => (Allow) E:\SteamLibrary\steamapps\common\Closure\Closure.exe

FirewallRules: [{EDC0A141-F980-4F3E-AD0E-A888F932AA22}] => (Allow) E:\SteamLibrary\steamapps\common\Closure\Closure.exe

FirewallRules: [{D32E38EF-F9E4-4E4E-B115-E721B881E864}] => (Allow) E:\SteamLibrary\steamapps\common\RFLEX\RFLEX64.exe

FirewallRules: [{63ECE0CC-07A9-4483-A056-7A59057046EA}] => (Allow) E:\SteamLibrary\steamapps\common\RFLEX\RFLEX64.exe

FirewallRules: [{0D088764-188D-4369-996D-C3E77D8FBE20}] => (Allow) E:\SteamLibrary\steamapps\common\oO\ooWin.exe

FirewallRules: [{A24F720D-7C59-4BE8-AD5E-96EDE32B8ACC}] => (Allow) E:\SteamLibrary\steamapps\common\oO\ooWin.exe

FirewallRules: [{8DB691E8-581B-4725-9DE0-458FC16C8F9A}] => (Allow) E:\SteamLibrary\steamapps\common\Avoid Sensory Overload\avoid.exe

FirewallRules: [{F9F64DF1-58B3-4CD6-A9DF-8CD8BC8C8441}] => (Allow) E:\SteamLibrary\steamapps\common\Avoid Sensory Overload\avoid.exe

FirewallRules: [{18EE1FD4-0094-497E-A80C-6C68C4ACA1A1}] => (Allow) E:\SteamLibrary\steamapps\common\ElectronicSuperJoy\ElectronicSuperJoy.exe

FirewallRules: [{46B60BF1-CD59-433E-BB93-B685E54B3EFE}] => (Allow) E:\SteamLibrary\steamapps\common\ElectronicSuperJoy\ElectronicSuperJoy.exe

FirewallRules: [{B390CC2D-71E6-4178-9E86-75B265CB350E}] => (Allow) E:\SteamLibrary\steamapps\common\Clones\Bin\ClonesGame.exe

FirewallRules: [{2BC1D65E-C0F3-42F8-A1D6-F3608AB9B186}] => (Allow) E:\SteamLibrary\steamapps\common\Clones\Bin\ClonesGame.exe

FirewallRules: [UDP Query User{EC945CCB-2D02-46D7-89FC-757F294595A0}E:\ubi shit\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) E:\ubi shit\ubisoft game launcher\games\forhonor\forhonor.exe

FirewallRules: [TCP Query User{DE9D8503-E6E4-489C-93C7-58E65929AFFF}E:\ubi shit\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) E:\ubi shit\ubisoft game launcher\games\forhonor\forhonor.exe

FirewallRules: [{28DD0259-414B-451E-8245-94F25864EEFE}] => (Allow) E:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe

FirewallRules: [{7FC62D06-C910-4B29-94C0-576274724F65}] => (Allow) E:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe

FirewallRules: [{041A9892-3ED2-47F1-9A31-8311FF35C174}] => (Allow) E:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe

FirewallRules: [{2A6C06BF-D879-4580-9EC2-A05428CA3F11}] => (Allow) E:\SteamLibrary\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe

FirewallRules: [{03E23746-1FC1-48AF-9E75-645E70F86233}] => (Allow) E:\SteamLibrary\steamapps\common\RaceTheSun\RaceTheSun.exe

FirewallRules: [{4FDDE233-EF15-46AE-A0A4-B69FA2A8A925}] => (Allow) E:\SteamLibrary\steamapps\common\RaceTheSun\RaceTheSun.exe

FirewallRules: [{CBB08155-3945-453B-B736-7B9528E63705}] => (Allow) E:\SteamLibrary\steamapps\common\TheRoom\TheRoom.exe

FirewallRules: [{F9A1F071-250F-4759-B02D-9B60D8CF4B9C}] => (Allow) E:\SteamLibrary\steamapps\common\TheRoom\TheRoom.exe

FirewallRules: [{A92BA65F-05DC-4CAB-B92E-7DC0245FCE88}] => (Allow) E:\SteamLibrary\steamapps\common\Majesty HD\MajestyHD.exe

FirewallRules: [{1C2D81AB-D2B1-440D-9CFF-26A9187FC2B6}] => (Allow) E:\SteamLibrary\steamapps\common\Majesty HD\MajestyHD.exe

FirewallRules: [UDP Query User{2E940269-518C-478F-B88F-8F2E8CFAE27E}E:\blizzard\starcraft ii\versions\base48645\sc2_x64.exe] => (Allow) E:\blizzard\starcraft ii\versions\base48645\sc2_x64.exe

FirewallRules: [TCP Query User{2061E305-79D8-47D4-B050-1B2F4B1795C1}E:\blizzard\starcraft ii\versions\base48645\sc2_x64.exe] => (Allow) E:\blizzard\starcraft ii\versions\base48645\sc2_x64.exe

FirewallRules: [{DD383C96-3548-44FF-8FB8-56E9C03D7839}] => (Allow) E:\SteamLibrary\steamapps\common\CookServeDelicious\CSDSteamBuild.exe

FirewallRules: [{065B1019-0114-4B37-9798-DB485F8D3CDD}] => (Allow) E:\SteamLibrary\steamapps\common\CookServeDelicious\CSDSteamBuild.exe

FirewallRules: [{E7072D13-B117-42EA-9894-983495B390A9}] => (Allow) E:\SteamLibrary\steamapps\common\The Pit\ThePit.exe

FirewallRules: [{ABAB5145-5E41-47DF-98FF-B070EEB403CC}] => (Allow) E:\SteamLibrary\steamapps\common\The Pit\ThePit.exe

FirewallRules: [UDP Query User{7A966D35-6544-4EFC-8FB0-ECC69A817A73}E:\blizzard\overwatch\overwatch.exe] => (Allow) E:\blizzard\overwatch\overwatch.exe

FirewallRules: [TCP Query User{E27EF055-4B0D-42B4-B126-6B6ABA35DE0A}E:\blizzard\overwatch\overwatch.exe] => (Allow) E:\blizzard\overwatch\overwatch.exe

FirewallRules: [{E3056E89-3114-4078-9616-FBA4F6110F54}] => (Allow) E:\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe

FirewallRules: [{2F5BC9E9-8B29-46B7-8AE5-0B2A2C975504}] => (Allow) E:\SteamLibrary\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe

FirewallRules: [{3EE2C6EC-9B0E-45BB-9D0A-65153D3DE167}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{845EE5E6-9017-4397-917B-5C2DAD852BAC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{77EB1596-AAE5-45F6-B4B9-E50407FBFD16}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

FirewallRules: [{3742C2C4-2E3D-474E-B64B-919E574BB437}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

FirewallRules: [{57634E17-60E2-4031-9700-0A3D851887A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

FirewallRules: [{27256A05-F797-4E6B-92C3-45D3C6BC171E}] => (Allow) E:\SteamLibrary\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe

FirewallRules: [{BF210166-64AE-41BF-82CF-798D3B78F6C2}] => (Allow) E:\SteamLibrary\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe

FirewallRules: [{C1D72244-EC71-475C-A43D-F92960FFB7A5}] => (Allow) E:\SteamLibrary\steamapps\common\Dex\GamepadConfigTool.exe

FirewallRules: [{76391B62-5E7F-4141-B628-95AE361FA2B2}] => (Allow) E:\SteamLibrary\steamapps\common\Dex\GamepadConfigTool.exe

FirewallRules: [{61452023-4E41-41E4-A21C-0E5B75F0C2B2}] => (Allow) E:\SteamLibrary\steamapps\common\Dex\Dex.exe

FirewallRules: [{139D69E8-2547-4C0F-A477-6F4916B5F3C7}] => (Allow) E:\SteamLibrary\steamapps\common\Dex\Dex.exe

FirewallRules: [{2A2E2246-CF5E-45CF-BD0F-43DD8C16EBE9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

FirewallRules: [{568E2FED-BE32-4AB4-AE42-413C2BC9C45F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

FirewallRules: [UDP Query User{21284698-ABF8-4F1A-A96B-E8430471E65B}D:\web dl\livestreamer-twitch-gui-v0.16.0-win64\livestreamer-twitch-gui.exe] => (Allow) D:\web dl\livestreamer-twitch-gui-v0.16.0-win64\livestreamer-twitch-gui.exe

FirewallRules: [TCP Query User{4E211D82-77FA-445F-A5C6-9F8A0EEE0B04}D:\web dl\livestreamer-twitch-gui-v0.16.0-win64\livestreamer-twitch-gui.exe] => (Allow) D:\web dl\livestreamer-twitch-gui-v0.16.0-win64\livestreamer-twitch-gui.exe

FirewallRules: [UDP Query User{CF0D7403-CD95-4343-BB04-6FC7209A918B}D:\web dl\streamlink-twitch-gui-v1.0.0-win64\streamlink-twitch-gui\streamlink-twitch-gui.exe] => (Allow) D:\web dl\streamlink-twitch-gui-v1.0.0-win64\streamlink-twitch-gui\streamlink-twitch-gui.exe

FirewallRules: [TCP Query User{9AB95F9A-EE79-4957-8439-288E6A18A16F}D:\web dl\streamlink-twitch-gui-v1.0.0-win64\streamlink-twitch-gui\streamlink-twitch-gui.exe] => (Allow) D:\web dl\streamlink-twitch-gui-v1.0.0-win64\streamlink-twitch-gui\streamlink-twitch-gui.exe

FirewallRules: [UDP Query User{A216436A-A3CE-4FD7-9280-3A49B3E4294E}C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe

FirewallRules: [TCP Query User{5AA4520A-E5B9-4F5E-9ED4-A98CABE29517}C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe

FirewallRules: [UDP Query User{1951BC4B-104A-4C30-9608-B55D0C3159AA}E:\blizzard\starcraft ii\versions\base48258\sc2_x64.exe] => (Allow) E:\blizzard\starcraft ii\versions\base48258\sc2_x64.exe

FirewallRules: [TCP Query User{16CDF2B1-9424-4DB6-92DA-D0FD1D0AB771}E:\blizzard\starcraft ii\versions\base48258\sc2_x64.exe] => (Allow) E:\blizzard\starcraft ii\versions\base48258\sc2_x64.exe

FirewallRules: [{3C2C28CF-7B58-459A-B600-C773B15B685D}] => (Allow) E:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe

FirewallRules: [{381A05C1-673C-447B-AD67-38A94F725F3F}] => (Allow) E:\SteamLibrary\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe

FirewallRules: [{04BFDC8C-A348-41B9-95C3-F729E349C2C5}] => (Allow) E:\SteamLibrary\steamapps\common\MadBullets\bin_x86\Launcher.exe

FirewallRules: [{0C1A6742-3679-4C69-8650-E40477731D41}] => (Allow) E:\SteamLibrary\steamapps\common\MadBullets\bin_x86\Launcher.exe

FirewallRules: [{7ABCDEC4-EECF-4E65-9B86-14CEABA29306}] => (Allow) E:\SteamLibrary\steamapps\common\Far Cry Primal\bin\FCPrimal.exe

FirewallRules: [{BD4BDE16-2CC0-4636-8022-B95D1FFF0A22}] => (Allow) E:\SteamLibrary\steamapps\common\Far Cry Primal\bin\FCPrimal.exe

FirewallRules: [{D521760B-53B1-4E9B-9184-AABAA5BF4D3F}] => (Allow) E:\SteamLibrary\steamapps\common\Bit Blaster XL\BitBlasterXL.exe

FirewallRules: [{93BDA347-A2DF-4E8D-9A73-270BC8C87EC4}] => (Allow) E:\SteamLibrary\steamapps\common\Bit Blaster XL\BitBlasterXL.exe

FirewallRules: [{2DCF4718-754A-453D-A56F-18B393F2C776}] => (Allow) E:\SteamLibrary\steamapps\common\MiniMetro\MiniMetro.exe

FirewallRules: [{8503315C-75DF-498C-8363-DABFCCF39A58}] => (Allow) E:\SteamLibrary\steamapps\common\MiniMetro\MiniMetro.exe

FirewallRules: [{B9CDA8E5-B2E6-42AF-9BEC-8009357B256C}] => (Allow) E:\SteamLibrary\steamapps\common\Enter the Gungeon\EtG.exe

FirewallRules: [{4DCE47AD-2511-4A95-A990-2BA2818C055F}] => (Allow) E:\SteamLibrary\steamapps\common\Enter the Gungeon\EtG.exe

FirewallRules: [UDP Query User{15F0C9AC-75C5-46E4-97F6-2E3C63D9F6EE}E:\blizzard\wow\diablo iii\diablo iii.exe] => (Allow) E:\blizzard\wow\diablo iii\diablo iii.exe

FirewallRules: [TCP Query User{C7016FB5-7B02-4511-B571-BB2ED3828EB6}E:\blizzard\wow\diablo iii\diablo iii.exe] => (Allow) E:\blizzard\wow\diablo iii\diablo iii.exe

FirewallRules: [{52504E1F-D98A-474D-80A6-427F6E9ED6D6}] => (Allow) E:\SteamLibrary\steamapps\common\DefendersQuest\legacy\DefendersQuest.exe

FirewallRules: [{9BB7D6E3-571B-4CA3-A628-C3C878BA73C1}] => (Allow) E:\SteamLibrary\steamapps\common\DefendersQuest\legacy\DefendersQuest.exe

FirewallRules: [{1CB692BE-4DCB-406A-82C0-497B236F9D5F}] => (Allow) E:\SteamLibrary\steamapps\common\DefendersQuest\deluxe_gl\DefendersQuest.exe

FirewallRules: [{05294207-AE4F-45D5-A565-692CECA5DE7F}] => (Allow) E:\SteamLibrary\steamapps\common\DefendersQuest\deluxe_gl\DefendersQuest.exe

FirewallRules: [{2D6AE47F-3C5D-41D2-9FE2-8E7A8E3880E6}] => (Allow) E:\SteamLibrary\steamapps\common\DefendersQuest\deluxe\DefendersQuest.exe

FirewallRules: [{EDEFFB79-875A-4DE8-8B2A-51BAFD58DCF7}] => (Allow) E:\SteamLibrary\steamapps\common\DefendersQuest\deluxe\DefendersQuest.exe

FirewallRules: [{A9D6D18C-28D5-49AA-B4DA-77BAD50DF944}] => (Allow) E:\SteamLibrary\steamapps\common\FLYN\Source\Flyn.exe

FirewallRules: [{48561776-1537-44AB-84D5-32FC1161DAFB}] => (Allow) E:\SteamLibrary\steamapps\common\FLYN\Source\Flyn.exe

FirewallRules: [{1E850C0D-430F-41E5-B03C-507396E83484}] => (Allow) E:\SteamLibrary\steamapps\common\Town of Salem\TownOfSalem.exe

FirewallRules: [{2BA9BA11-3B30-416D-BFE7-EC60C21B8BAC}] => (Allow) E:\SteamLibrary\steamapps\common\Town of Salem\TownOfSalem.exe

FirewallRules: [{207A690A-EBAD-4B79-91E2-1A37F2F422A4}] => (Allow) E:\SteamLibrary\steamapps\common\Reassembly\win32\ReassemblyRelease.exe

FirewallRules: [{D1A3E164-C346-4C5D-98D0-D587E1779D45}] => (Allow) E:\SteamLibrary\steamapps\common\Reassembly\win32\ReassemblyRelease.exe

FirewallRules: [{E7899F74-50A0-4974-812C-3B649BF6E37C}] => (Allow) E:\SteamLibrary\steamapps\common\eden\eden_en.exe

FirewallRules: [{95247444-8583-404D-BFD1-FB5404012DF5}] => (Allow) E:\SteamLibrary\steamapps\common\eden\eden_en.exe

FirewallRules: [{53DB08CE-79FF-4942-A843-DD593EDD9C1D}] => (Allow) E:\SteamLibrary\steamapps\common\The Legend of Korra\LoK.exe

FirewallRules: [{6EEBE087-E047-45B4-93F8-AA685B05B0AB}] => (Allow) E:\SteamLibrary\steamapps\common\The Legend of Korra\LoK.exe

FirewallRules: [{7C6A27E4-104D-4790-AEB7-6DC86F6603F9}] => (Allow) E:\SteamLibrary\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe

FirewallRules: [{8B817F37-0AF1-4D5A-A4FF-EDA39464B887}] => (Allow) E:\SteamLibrary\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe

FirewallRules: [{5698C48F-64A1-430E-B005-5452A253F877}] => (Allow) E:\SteamLibrary\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe

FirewallRules: [{5DF0DD7F-B08B-451B-8E32-7E378C535F5E}] => (Allow) E:\SteamLibrary\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe

FirewallRules: [UDP Query User{8108D924-11F5-406D-9675-35ABD52E1298}C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe

FirewallRules: [TCP Query User{CDD43A0B-896C-4D9C-814A-8C6A21914D98}C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8098\battle.net.exe

FirewallRules: [UDP Query User{35CB0556-901C-4E3F-AB69-352F4FAA365F}E:\blizzard\starcraft ii\versions\base47185\sc2_x64.exe] => (Allow) E:\blizzard\starcraft ii\versions\base47185\sc2_x64.exe

FirewallRules: [TCP Query User{0C7ABB61-E934-4AF0-9671-2D61D66902C9}E:\blizzard\starcraft ii\versions\base47185\sc2_x64.exe] => (Allow) E:\blizzard\starcraft ii\versions\base47185\sc2_x64.exe

FirewallRules: [{88ED8420-117D-485D-8AF7-1B3B84F565F9}] => (Allow) E:\SteamLibrary\steamapps\common\Half-Life A Place in the West\apw.exe

FirewallRules: [{B9984CF8-3412-46C0-B6D9-310BD5DC8845}] => (Allow) E:\SteamLibrary\steamapps\common\Half-Life A Place in the West\apw.exe

FirewallRules: [{4B12AF19-0DC7-45B4-A98A-8D3C486D2058}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{5450463A-C66C-45C4-90BF-467E7A647114}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{3F55C1D1-6BCA-4CBE-9905-BDBB040BE290}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{586801D9-32E3-477C-8B1D-65D1D4C8EA58}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{99A22B43-DC33-4081-9A63-0431EB6FC27E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{B8D8FF17-2188-4338-BCA2-381A7914805D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{ACB6A046-38ED-40D2-9378-B832A66D6C50}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{91611A45-17B4-4B6D-B710-921DAC047126}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{AF9F4B70-46D1-4931-8400-D7B6033C4A1B}] => (Allow) LPort=2869

FirewallRules: [{B3CA448E-B35D-475A-BEFE-D9A0FBB58491}] => (Allow) LPort=1900

FirewallRules: [{B6EADB50-0F12-4FCD-B317-3491A1A979AC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{AB9B8BB9-E96B-4B6D-BDD0-DDC075310E87}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{A9E12141-C34C-4244-B3B7-3E8780E997D8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{D44C05FF-3ABF-46A1-AB69-BD89D5DA679F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{1B64B2F9-DC5F-4471-A832-C66A03AABC47}] => (Allow) C:\Program Files\iTunes\iTunes.exe

FirewallRules: [TCP Query User{F1388BE8-6C48-4885-8E5C-E5152065CAE9}C:\program files (x86)\twitch gui\livestreamer-twitch-gui\livestreamer-twitch-gui.exe] => (Allow) C:\program files (x86)\twitch gui\livestreamer-twitch-gui\livestreamer-twitch-gui.exe

FirewallRules: [UDP Query User{2C622E03-489C-4C82-9C1C-AB5CCFA2ACAA}C:\program files (x86)\twitch gui\livestreamer-twitch-gui\livestreamer-twitch-gui.exe] => (Allow) C:\program files (x86)\twitch gui\livestreamer-twitch-gui\livestreamer-twitch-gui.exe

FirewallRules: [TCP Query User{54940359-F2BF-43FA-84AD-6E18EDF60573}C:\program files (x86)\livestreamer\livestreamer.exe] => (Allow) C:\program files (x86)\livestreamer\livestreamer.exe

FirewallRules: [UDP Query User{4B700B45-763D-4C2D-8AC3-A3031E67FF71}C:\program files (x86)\livestreamer\livestreamer.exe] => (Allow) C:\program files (x86)\livestreamer\livestreamer.exe

FirewallRules: [TCP Query User{1C12A83D-AC3E-4B30-B2CE-F1A4A02BBC0A}E:\blizzard\hearthstone\hearthstone.exe] => (Allow) E:\blizzard\hearthstone\hearthstone.exe

FirewallRules: [UDP Query User{81FEBAC8-7CCE-455C-A8D4-629AFB99DB7B}E:\blizzard\hearthstone\hearthstone.exe] => (Allow) E:\blizzard\hearthstone\hearthstone.exe

FirewallRules: [{185C2B14-F458-44F4-857F-F7E81B583C7A}] => (Allow) E:\SteamLibrary\steamapps\common\TheBugButcher\TheBugButcher.exe

FirewallRules: [{D7B25474-6682-4E85-9849-FDCC4D952188}] => (Allow) E:\SteamLibrary\steamapps\common\TheBugButcher\TheBugButcher.exe

FirewallRules: [TCP Query User{99CD7B9A-6571-4212-B195-7560B9F9C251}E:\pokemon go\necrobot-master\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-master\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe

FirewallRules: [UDP Query User{66E92727-29D6-4200-A81D-8B18F6D701A6}E:\pokemon go\necrobot-master\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-master\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe

FirewallRules: [TCP Query User{62572F69-CB8D-46A4-A748-02FDD04BF2C2}E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\release_necro\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\release_necro\pogo.necrobot.cli.exe

FirewallRules: [UDP Query User{77DCCE4B-DC19-4B63-BE18-3C68F35F4BFF}E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\release_necro\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\release_necro\pogo.necrobot.cli.exe

FirewallRules: [TCP Query User{5B4B9528-12D5-4715-A499-E3EDA7F52016}E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\pogo.necrobot.cli.exe

FirewallRules: [UDP Query User{1EE7CB5C-0F12-4A7F-A0AD-8BDD518732B8}E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\pogo.necrobot.cli.exe

FirewallRules: [TCP Query User{49FE9024-5FD6-4275-BC60-842AA56ADBF6}E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe

FirewallRules: [UDP Query User{984684D1-D8E4-4240-BA7F-34B8B020A93F}E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-master - teachermewmew\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe

FirewallRules: [TCP Query User{F1000CB0-683A-4E09-8DEB-87B7AA106032}E:\pokemon go\necrobot-master - teacheronisenpai\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-master - teacheronisenpai\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe

FirewallRules: [UDP Query User{073DA70B-920C-4992-9520-74B9D204515D}E:\pokemon go\necrobot-master - teacheronisenpai\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-master - teacheronisenpai\necrobot-master\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe

FirewallRules: [TCP Query User{3F4E5831-D75D-4AC2-9458-1C14E0E88AC0}E:\pokemon go\necrobot-0.2.1 tatsuyasenpai77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-0.2.1 tatsuyasenpai77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe

FirewallRules: [UDP Query User{1368571E-529B-40E6-9816-8C071D0739C1}E:\pokemon go\necrobot-0.2.1 tatsuyasenpai77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-0.2.1 tatsuyasenpai77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe

FirewallRules: [{C690E2AA-06E0-4FF7-A067-75BD33219D63}] => (Allow) E:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe

FirewallRules: [{755941BD-D5ED-41BA-85D1-DD403BA5B2AF}] => (Allow) E:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe

FirewallRules: [{C4BD3181-C401-444E-8BB2-FCBD293D2604}] => (Allow) E:\SteamLibrary\steamapps\common\DOOM\DOOMx64.exe

FirewallRules: [{773A4B1D-DC85-4BCF-8A58-F2DAD93669EF}] => (Allow) E:\SteamLibrary\steamapps\common\DOOM\DOOMx64.exe

FirewallRules: [TCP Query User{898FD05B-B0B7-44D0-9F73-074EC316356D}E:\pokemon go\necrobot-0.2.1 teachermewmew\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-0.2.1 teachermewmew\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe

FirewallRules: [UDP Query User{45C71E27-3590-4BFE-A33D-95A26D98DC81}E:\pokemon go\necrobot-0.2.1 teachermewmew\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe] => (Allow) E:\pokemon go\necrobot-0.2.1 teachermewmew\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\pogo.necrobot.cli.exe

FirewallRules: [TCP Query User{9E7635C3-6EEC-4009-8C80-C5353CBAF2AA}E:\pokemon go\necrobot-0.2.1 teachermewmew\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.2.1 teachermewmew\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe

FirewallRules: [UDP Query User{E9D9BDFF-1433-4038-BBFC-E610694DBC45}E:\pokemon go\necrobot-0.2.1 teachermewmew\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.2.1 teachermewmew\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe

FirewallRules: [TCP Query User{9C1CF9B9-4E77-4EC5-A91F-E62293CEF7F9}E:\pokemon go\necrobot-0.2.1 tatsuyasenpai77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.2.1 tatsuyasenpai77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe

FirewallRules: [UDP Query User{7B850A07-1AF5-4444-8C0B-3F90827ACD1D}E:\pokemon go\necrobot-0.2.1 tatsuyasenpai77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.2.1 tatsuyasenpai77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe

FirewallRules: [TCP Query User{FEF0E3ED-C422-40B8-A4FB-D3ECAA2C3E4D}E:\pokemon go\necrobot-0.2.1 tatsuya77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe] => (Block) E:\pokemon go\necrobot-0.2.1 tatsuya77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe

FirewallRules: [UDP Query User{1D5E3A24-0962-4B06-B876-5CA058C6B93F}E:\pokemon go\necrobot-0.2.1 tatsuya77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe] => (Block) E:\pokemon go\necrobot-0.2.1 tatsuya77\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe

FirewallRules: [TCP Query User{EEE725C5-87CB-4F09-BDF6-E253D32936D3}E:\pokemon go\necrobot-0.2.1 teacheronisenpai\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.2.1 teacheronisenpai\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe

FirewallRules: [UDP Query User{6777D8E7-AA82-41A8-8167-3E439D9A0C2C}E:\pokemon go\necrobot-0.2.1 teacheronisenpai\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.2.1 teacheronisenpai\necrobot-0.2.1\pogo.necrobot.cli\bin\debug\necrobot.exe

FirewallRules: [TCP Query User{938B8DD0-179C-464C-B7CD-FCD4293DC7D7}E:\pokemon go\necrobot-0.3.3\release mewmew\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.3.3\release mewmew\necrobot.exe

FirewallRules: [UDP Query User{D67BE6C9-54A6-4032-A58A-8913FA1D781C}E:\pokemon go\necrobot-0.3.3\release mewmew\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.3.3\release mewmew\necrobot.exe

FirewallRules: [TCP Query User{A582540E-16EB-4AC1-A94E-BE86727189B7}E:\pokemon go\necrobot-0.3.3\release - tatsuya77\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.3.3\release - tatsuya77\necrobot.exe

FirewallRules: [UDP Query User{9A4FBEE0-17AE-49DB-9741-96A2009E9B5F}E:\pokemon go\necrobot-0.3.3\release - tatsuya77\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.3.3\release - tatsuya77\necrobot.exe

FirewallRules: [TCP Query User{5CE91934-7DAD-48CD-B605-9119B186E223}E:\pokemon go\necrobot-0.3.3\release - teacheronisenpai\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.3.3\release - teacheronisenpai\necrobot.exe

FirewallRules: [UDP Query User{3D05DEBD-5C60-4624-A15F-96A328407633}E:\pokemon go\necrobot-0.3.3\release - teacheronisenpai\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.3.3\release - teacheronisenpai\necrobot.exe

FirewallRules: [TCP Query User{CAE2BB14-0043-4D3B-B9F5-25D5A7D07CB5}E:\pokemon go\necrobot-0.4.0\release teacheronisenpai\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.4.0\release teacheronisenpai\necrobot.exe

FirewallRules: [UDP Query User{862B7CE9-2C28-4EC8-A098-2B34169EBCEF}E:\pokemon go\necrobot-0.4.0\release teacheronisenpai\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.4.0\release teacheronisenpai\necrobot.exe

FirewallRules: [TCP Query User{8CE58C69-A60B-4687-8F1D-57BF9298CDEE}E:\pokemon go\pokemobbot 1.0\release tatsuya77 sf pier thund3r737\pokemobbot.exe] => (Allow) E:\pokemon go\pokemobbot 1.0\release tatsuya77 sf pier thund3r737\pokemobbot.exe

FirewallRules: [UDP Query User{445B65D1-3206-47BF-BE5D-8C9DA0A249D4}E:\pokemon go\pokemobbot 1.0\release tatsuya77 sf pier thund3r737\pokemobbot.exe] => (Allow) E:\pokemon go\pokemobbot 1.0\release tatsuya77 sf pier thund3r737\pokemobbot.exe

FirewallRules: [TCP Query User{E64425DD-F395-4C73-B93C-95E539A95673}E:\pokemon go\necrobot-0.4.0\release tatsuyasenpai77\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.4.0\release tatsuyasenpai77\necrobot.exe

FirewallRules: [UDP Query User{85EC2109-3037-4D21-AD6C-D68CE97EDA77}E:\pokemon go\necrobot-0.4.0\release tatsuyasenpai77\necrobot.exe] => (Allow) E:\pokemon go\necrobot-0.4.0\release tatsuyasenpai77\necrobot.exe

FirewallRules: [TCP Query User{6558560E-7E27-4D83-8025-E5ED4A9FF327}E:\pokemon go\pogolocationfeeder-release-v0.0.2.1\pogolocationfeeder.exe] => (Allow) E:\pokemon go\pogolocationfeeder-release-v0.0.2.1\pogolocationfeeder.exe

FirewallRules: [UDP Query User{AC2317F7-A1DF-49FC-AB48-9EEE328B4790}E:\pokemon go\pogolocationfeeder-release-v0.0.2.1\pogolocationfeeder.exe] => (Allow) E:\pokemon go\pogolocationfeeder-release-v0.0.2.1\pogolocationfeeder.exe

FirewallRules: [TCP Query User{A77FC43A-E32B-4A35-9F8D-9461B33026AF}E:\pokemon go\pokemobbot 1.0\release thund3r777 ffm\pokemobbot.exe] => (Allow) E:\pokemon go\pokemobbot 1.0\release thund3r777 ffm\pokemobbot.exe

FirewallRules: [UDP Query User{8E4AC1E3-9CA6-4C07-BA05-9CD420A4546E}E:\pokemon go\pokemobbot 1.0\release thund3r777 ffm\pokemobbot.exe] => (Allow) E:\pokemon go\pokemobbot 1.0\release thund3r777 ffm\pokemobbot.exe

FirewallRules: [TCP Query User{98B3718B-7DDB-47D0-B79A-DB994F391348}E:\pokemon go\pokemobbot 1.1.3\release thund3r777 ffm\pokemobbot.exe] => (Allow) E:\pokemon go\pokemobbot 1.1.3\release thund3r777 ffm\pokemobbot.exe

FirewallRules: [UDP Query User{43A9DB61-BE24-4BB4-A2ED-C2499F02FABC}E:\pokemon go\pokemobbot 1.1.3\release thund3r777 ffm\pokemobbot.exe] => (Allow) E:\pokemon go\pokemobbot 1.1.3\release thund3r777 ffm\pokemobbot.exe

FirewallRules: [TCP Query User{DAEC47B0-6DCE-45C1-8352-9D58B6547EDC}E:\pokemon go\pokemobbot 1.1.3\release thund3r737 sfpier\pokemobbot.exe] => (Allow) E:\pokemon go\pokemobbot 1.1.3\release thund3r737 sfpier\pokemobbot.exe

FirewallRules: [UDP Query User{3B04D35D-2637-4DB0-BAAA-B9CB3E256740}E:\pokemon go\pokemobbot 1.1.3\release thund3r737 sfpier\pokemobbot.exe] => (Allow) E:\pokemon go\pokemobbot 1.1.3\release thund3r737 sfpier\pokemobbot.exe

FirewallRules: [TCP Query User{F39321AF-63DB-4070-AB58-D67E50C865E5}E:\pokemon go\pokemobbot 1.1.3\release teacheronisenpai sydney\pokemobbot.exe] => (Allow) E:\pokemon go\pokemobbot 1.1.3\release teacheronisenpai sydney\pokemobbot.exe

FirewallRules: [UDP Query User{13FC740F-616A-4CFB-9E1F-77E5ABA3C93B}E:\pokemon go\pokemobbot 1.1.3\release teacheronisenpai sydney\pokemobbot.exe] => (Allow) E:\pokemon go\pokemobbot 1.1.3\release teacheronisenpai sydney\pokemobbot.exe

FirewallRules: [{54E156B1-1D17-4800-A28F-84B37323E7A5}] => (Allow) C:\Users\User_PC\AppData\Roaming\Nox\bin\Nox.exe

FirewallRules: [{AF3DAAA7-F965-4D07-A496-10F79D3F679F}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe

FirewallRules: [{D633765C-D237-487E-86AE-8B8413EA6113}] => (Allow) E:\SteamLibrary\steamapps\common\GlassWire\GWLauncher.exe

FirewallRules: [{64835095-14D2-437F-B225-CAA1431F93AF}] => (Allow) E:\SteamLibrary\steamapps\common\GlassWire\GWLauncher.exe

FirewallRules: [{8E7487F3-9AF7-445B-95B3-C0787AB6F8BC}] => (Allow) E:\SteamLibrary\steamapps\common\Istrolid\istrolid.exe

FirewallRules: [{7BC64B69-D3D1-4E86-9B20-9108A97B2EDD}] => (Allow) E:\SteamLibrary\steamapps\common\Istrolid\istrolid.exe

FirewallRules: [{4138E351-B70A-4D69-920E-3A0CDE2CB40C}] => (Allow) C:\Users\User_PC\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{DDCCF5B1-64E2-4893-B7AE-649C8E579CDF}] => (Allow) C:\Users\User_PC\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{8336102C-B7E1-4BE4-9654-2CC71E6A0C26}] => (Allow) C:\Users\User_PC\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{2A5E6A7B-50C6-4731-9C66-42366CAFFFDE}] => (Allow) C:\Users\User_PC\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{5A56A2C0-DBC1-44CA-888F-B32B2C4163B9}] => (Allow) C:\Users\User_PC\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{A3370D95-A28E-48BC-8B8F-A72FCF64CC5D}] => (Allow) C:\Users\User_PC\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{84FACB95-9322-4984-B6EE-0CCD750CEBCD}] => (Allow) E:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe

FirewallRules: [{56D20438-8DB9-4974-8438-721BEAF11FA8}] => (Allow) E:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe

FirewallRules: [{4827F750-5E09-4015-8A70-5DD169A1277D}] => (Allow) E:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe

FirewallRules: [{2AF6475C-0942-42CE-A097-DFB9A5166CEA}] => (Allow) E:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe

FirewallRules: [{B9FDE1F7-D773-4D73-A48C-C6A6E14F348C}] => (Allow) E:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe

FirewallRules: [{D00B6F1C-542D-4758-A28C-00133B18113E}] => (Allow) E:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe

FirewallRules: [{8C418241-4F39-478A-9C5B-CABC3D7BC458}] => (Allow) E:\SteamLibrary\steamapps\common\Guns, Gore and Cannoli\ggc.exe

FirewallRules: [{96DFB0ED-C948-4D05-967A-F217DE0D2D17}] => (Allow) E:\SteamLibrary\steamapps\common\Guns, Gore and Cannoli\ggc.exe

FirewallRules: [{CB88CC24-DC2B-4C40-A383-DB720030FC1B}] => (Allow) E:\SteamLibrary\steamapps\common\Quell Memento\QuellMemento.exe

FirewallRules: [{9D669EA6-A488-45BA-AE1F-8C7BA25FBDAE}] => (Allow) E:\SteamLibrary\steamapps\common\Quell Memento\QuellMemento.exe

FirewallRules: [{A6DD3336-66C7-4872-8169-D90210384ADF}] => (Allow) E:\SteamLibrary\steamapps\common\Valkyria Chronicles\Launcher.exe

FirewallRules: [{9794D608-AFE1-452C-B902-8E37A675A9A9}] => (Allow) E:\SteamLibrary\steamapps\common\Valkyria Chronicles\Launcher.exe

FirewallRules: [{E0EF4CEC-6D34-4987-BB83-2D16B4D1D86E}] => (Allow) E:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe

FirewallRules: [{E07644BB-BF77-4C20-ABD0-AF8D10A1792E}] => (Allow) E:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe

FirewallRules: [{8C8F707F-0492-49FF-9153-D9A1161C99FF}] => (Allow) E:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe

FirewallRules: [{A2C1D4F1-EC66-4BF1-8E17-417F165646F4}] => (Allow) E:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe

FirewallRules: [TCP Query User{008534BB-A2FF-468B-976A-1A01E3257813}E:\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) E:\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe

FirewallRules: [UDP Query User{84CDDB97-410F-422A-924B-931F12BE4E38}E:\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) E:\steamlibrary\steamapps\common\don't starve together\bin\dontstarve_dedicated_server_nullrenderer.exe

FirewallRules: [{65E655CE-6E27-463A-A8D5-50E3C71E2ECE}] => (Allow) E:\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe

FirewallRules: [{302EF39B-8F39-4A2F-B4B1-300645931F17}] => (Allow) E:\SteamLibrary\steamapps\common\dont_starve\bin\dontstarve_steam.exe
 

==================== Wiederherstellungspunkte =========================
 

23-05-2017 15:17:38 DirectX wurde installiert

29-05-2017 17:51:32 DirectX wurde installiert

06-06-2017 15:28:03 Revo Uninstaller's restore point - Adobe Acrobat Reader DC - Deutsch

06-06-2017 15:31:01 Revo Uninstaller's restore point - Adobe Flash Player 23 NPAPI

06-06-2017 15:32:56 Revo Uninstaller's restore point - Avira Antivirus

06-06-2017 15:33:55 Revo Uninstaller's restore point - Avira Connect

06-06-2017 15:34:36 Revo Uninstaller's restore point - JDownloader 2

06-06-2017 16:16:36 JRT Pre-Junkware Removal
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 

Name: 

Description: 

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (06/06/2017 04:16:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   15 1.D.9.A.5.5.A.3.A.A.A.0.3.4.1.2.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR TStar-2.local.
 

Error: (06/06/2017 04:16:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Received from 192.168.2.100:5353   13 1.D.9.A.5.5.A.3.A.A.A.0.3.4.1.2.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR TStar.local.
 

Error: (06/06/2017 04:16:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   15 100.2.168.192.in-addr.arpa. PTR TStar-2.local.
 

Error: (06/06/2017 04:16:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Received from 192.168.2.100:5353   13 100.2.168.192.in-addr.arpa. PTR TStar.local.
 

Error: (06/06/2017 04:16:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Local Hostname TStar.local already in use; will try TStar-2.local instead
 

Error: (06/06/2017 04:16:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 TStar.local. Addr 192.168.2.100
 

Error: (06/06/2017 04:16:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Received from 192.168.2.100:5353   16 TStar.local. AAAA 2003:00DE:BBD8:F87C:2143:0AAA:3A55:A9D1
 

Error: (06/06/2017 04:16:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 TStar.local. AAAA FE80:0000:0000:0000:2143:0AAA:3A55:A9D1
 

Error: (06/06/2017 04:16:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Received from 192.168.2.100:5353   16 TStar.local. AAAA 2003:00DE:BBD8:F87C:2143:0AAA:3A55:A9D1
 

Error: (06/06/2017 04:16:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Resetting to Probing:    4 TStar.local. Addr 192.168.2.100
 
 

Systemfehler:

=============

Error: (06/06/2017 04:16:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (06/06/2017 04:16:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (06/06/2017 04:14:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 

Die Anforderung wird nicht unterstützt.
 

Error: (06/06/2017 04:14:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (06/06/2017 04:14:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "MSI Command Center DDR Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (06/06/2017 04:14:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "SAMSUNG Mobile Connectivity Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (06/06/2017 04:14:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "SQL Server VSS Writer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (06/06/2017 04:14:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "MSI Live Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (06/06/2017 04:14:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "WindscribeService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (06/06/2017 04:14:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "Razer Chroma SDK Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 
 

CodeIntegrity:

===================================

  Date: 2017-06-06 16:24:58.401

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 

  Date: 2017-06-06 16:07:10.586

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 

  Date: 2017-06-06 16:06:40.294

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 

  Date: 2017-06-06 16:06:40.063

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 

  Date: 2017-06-06 16:06:39.924

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 

  Date: 2017-06-06 16:04:35.247

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-06-06 15:42:09.707

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 

  Date: 2017-06-06 15:42:09.470

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 

  Date: 2017-06-06 15:42:09.365

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 

  Date: 2017-05-26 10:34:35.275

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz

Prozentuale Nutzung des RAM: 20%

Installierter physikalischer RAM: 16319.7 MB

Verfügbarer physikalischer RAM: 13011.98 MB

Summe virtueller Speicher: 18751.7 MB

Verfügbarer virtueller Speicher: 15054.13 MB
 

==================== Laufwerke ================================
 

Drive c: (Windows) (Fixed) (Total:223.13 GB) (Free:128.53 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]

Drive d: (Daten) (Fixed) (Total:935.16 GB) (Free:612.22 GB) NTFS

Drive e: (Games) (Fixed) (Total:927.73 GB) (Free:475.19 GB) NTFS
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)
 

Partition: GPT.
 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 91F501AD)

Partition 1: (Active) - (Size=223.1 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
 

==================== Ende von Addition.txt ============================

FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

FF Extension: (Avira Browser Safety) - C:\Users\User_PC\AppData\Roaming\Mozilla\Firefox\Profiles\4zcm0j12.default\Extensions\abs@avira.com.xpi [2017-05-27]

CHR Extension: (Avira Browserschutz) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-06]

CHR Extension: (convert2mp3.net Online Video Converter) - D:\Web DL\convert2mp3_chrome_addon-2.4\convert2mp3_video_converter_2.4 [2014-12-18] [UpdateUrl: hxxp://convert2mp3.net/misc/chrome_update.xml] <==== ACHTUNG

emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Hier der Fixlog:

Code:

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-06-2017

durchgeführt von H4wk (06-06-2017 18:15:45) Run:1

Gestartet von D:\Web DL

Geladene Profile: H4wk (Verfügbare Profile: H4wk)

Start-Modus: Normal

==============================================
 

fixlist Inhalt:

*****************

FF Extension: (Avira Browser Safety) - C:\Users\User_PC\AppData\Roaming\Mozilla\Firefox\Profiles\4zcm0j12.default\Extensions\abs@avira.com.xpi [2017-05-27]

CHR Extension: (Avira Browserschutz) - C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-06]

CHR Extension: (convert2mp3.net Online Video Converter) - D:\Web DL\convert2mp3_chrome_addon-2.4\convert2mp3_video_converter_2.4 [2014-12-18] [UpdateUrl: hxxp://convert2mp3.net/misc/chrome_update.xml] <==== ACHTUNG

emptytemp:

*****************
 

C:\Users\User_PC\AppData\Roaming\Mozilla\Firefox\Profiles\4zcm0j12.default\Extensions\abs@avira.com.xpi => erfolgreich verschoben

C:\Users\User_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => erfolgreich verschoben

D:\Web DL\convert2mp3_chrome_addon-2.4\convert2mp3_video_converter_2.4 <==== ACHTUNG => nicht gefunden
 

=========== EmptyTemp: ==========
 

BITS transfer queue => 8675328 B

DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 64622284 B

Java, Flash, Steam htmlcache => 704307747 B

Windows/system/drivers => 31998162 B

Edge => 6005053 B

Chrome => 55320636 B

Firefox => 14195210 B

Opera => 0 B
 

Temp, IE cache, history, cookies, recent:

Default => 0 B

Users => 0 B

ProgramData => 0 B

Public => 0 B

systemprofile => 128 B

systemprofile32 => 128 B

LocalService => 10580 B

NetworkService => 6664 B

User_PC => 411347380 B
 

RecycleBin => 0 B

EmptyTemp: => 1.2 GB temporäre Dateien entfernt.
 

================================
 
 

Das System musste neu gestartet werden.
 

==== Ende von Fixlog 18:16:40 ====