Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 10: Firefox leitet ungewollt auf Werbung und Anker-Links in Texten. (https://www.trojaner-board.de/188353-windows-10-firefox-leitet-ungewollt-werbung-anker-links-texten.html)

Blackhunter 09.02.2018 12:37
Windows 10: Firefox leitet ungewollt auf Werbung und Anker-Links in Texten.
 
Guten Tag,

ich hab seit ein paar Tagen das Problem, dass sich bei Firefox immer wieder Werbung öffnet und Anker-Links sich in den Texten von Seiten einschleichen.
Viele Suchanfragen bei google werden auf yahoo.com umgeleitet.

Hier ist der log von FRST
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08.02.2018
durchgeführt von Dragon (Administrator) auf DESKTOP-2K12HQ3 (09-02-2018 12:15:00)
Gestartet von C:\Users\Dragon\Downloads
Geladene Profile: Dragon (Verfügbare Profile: Dragon)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsservp.exe
(Dassault Systèmes) E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
(Microsoft Corporation) E:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe
(Geek Software GmbH) E:\Program Files (x86)\PDF24\pdf24.exe
(Mentor Graphics Corporation) E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe
(Electronic Arts) E:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Mentor Graphics Corporation) E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\dispatcher.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAC8SWK.EXE
(Valve Corporation) E:\Program Files (x86)\Steam\Steam.exe
(Discord Inc.) C:\Users\Dragon\AppData\Local\Discord\app-0.0.300\Discord.exe
(Discord Inc.) C:\Users\Dragon\AppData\Local\Discord\app-0.0.300\Discord.exe
(Valve Corporation) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Binary Fortress Software) E:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(Valve Corporation) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Discord Inc.) C:\Users\Dragon\AppData\Local\Discord\app-0.0.300\Discord.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ROCCAT GmbH) E:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe
(ROCCAT GmbH Co., Ltd.) E:\Program Files (x86)\ROCCAT\Roccat Talk.exe
(ROCCAT GmbH) E:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe
(Dassault Systèmes SolidWorks Corp.) E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe
(Binary Fortress Software) E:\Program Files (x86)\DisplayFusion\DisplayFusionHookApp64.exe
(Binary Fortress Software) E:\Program Files (x86)\DisplayFusion\DisplayFusionHookApp32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Geek Software GmbH) E:\Program Files (x86)\PDF24\pdf24.exe
(ShareX Team) E:\Program Files\ShareX\ShareX.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Binary Fortress Software) E:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Valve Corporation) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Steven Mayall) E:\Program Files (x86)\MusicBee\MusicBee.exe
(Electronic Arts) E:\Program Files (x86)\Origin\Origin.exe
() E:\Program Files (x86)\Origin\QtWebEngineProcess.exe
() E:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Valve Corporation) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.3351.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9037832 2016-10-21] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17988216 2017-08-18] (Logitech Inc.)
HKLM\...\Run: [CNAP2 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [RoccatIskuFX] => E:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe [540672 2014-10-19] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatKoneXTD] => E:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [552960 2014-10-19] (ROCCAT GmbH)
HKLM-x32\...\Run: [PDFPrint] => E:\Program Files (x86)\PDF24\pdf24.exe [413320 2017-09-14] (Geek Software GmbH)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-02-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\...\Run: [Discord] => C:\Users\Dragon\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.)
HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\...\Run: [DisplayFusion] => E:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [8626064 2017-11-14] (Binary Fortress Software)
HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-01-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2386392 2018-01-30] (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk [2017-10-19]
ShortcutTarget: Roccat Talk.lnk -> E:\Program Files (x86)\ROCCAT\Roccat Talk.exe (ROCCAT GmbH Co., Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2017 Fast Start.lnk [2017-11-08]
ShortcutTarget: SOLIDWORKS 2017 Fast Start.lnk -> C:\Windows\Installer\{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\Users\Dragon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2018-02-04]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Dragon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2017-11-30]
ShortcutTarget: ShareX.lnk -> E:\Program Files\ShareX\ShareX.exe (ShareX Team)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{8b6e54a5-7c52-4c4d-ab55-7b220501d502}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {C3792918-C8C3-4DB2-9217-F07AA79DE802} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\.DEFAULT -> {C3792918-C8C3-4DB2-9217-F07AA79DE802} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-3012858150-3015319604-1906791415-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-02-01] (Bitdefender)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-02-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-30] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-30] (Oracle Corporation)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-02-01] (Bitdefender)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-02-06] (Microsoft Corporation)
BHO-x32: Kein Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Keine Datei
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-02-01] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-02-01] (Bitdefender)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)

Edge:
======
Edge Extension: (Translator For Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.16.0_neutral__8wekyb3d8bbwe [2018-02-04]

FireFox:
========
FF DefaultProfile: z9kow66c.default-1518035987603
FF ProfilePath: C:\Users\Dragon\AppData\Roaming\Mozilla\Firefox\Profiles\z9kow66c.default-1518035987603 [2018-02-09]
FF Extension: (BetterTTV) - C:\Users\Dragon\AppData\Roaming\Mozilla\Firefox\Profiles\z9kow66c.default-1518035987603\Extensions\firefox@betterttv.net.xpi [2018-02-09]
FF Extension: (FrankerFaceZ) - C:\Users\Dragon\AppData\Roaming\Mozilla\Firefox\Profiles\z9kow66c.default-1518035987603\Extensions\frankerfacez@frankerfacez.com.xpi [2018-02-09]
FF Extension: (Tab Reloader (page auto refresh)) - C:\Users\Dragon\AppData\Roaming\Mozilla\Firefox\Profiles\z9kow66c.default-1518035987603\Extensions\jid0-bnmfwWw2w2w4e4edvcdDbnMhdVg@jetpack.xpi [2018-02-07]
FF Extension: (BugzillaJS) - C:\Users\Dragon\AppData\Roaming\Mozilla\Firefox\Profiles\z9kow66c.default-1518035987603\Extensions\jid0-NgMDcEu2B88AbzZ6ulHodW9sJzA@jetpack.xpi [2018-02-07]
FF Extension: (uBlock Origin) - C:\Users\Dragon\AppData\Roaming\Mozilla\Firefox\Profiles\z9kow66c.default-1518035987603\Extensions\uBlock0@raymondhill.net.xpi [2018-02-07]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff [2017-09-29]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2017-09-29] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Composer Player\Bin\npcomposerplayerwebplugin.dll [2017-02-03] (Dassault Systemes)
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-06] ()
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-30] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-02-06] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-01-30] (Adobe Systems)
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Composer Player\Bin\x86\npcomposerplayerwebplugin.dll [2017-02-03] (Dassault Systemes)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-06] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-01-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-23] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-01-30] (Adobe Systems)
StartMenuInternet: Firefox-A170175AFC21990C - E:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-01-30] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2090152 2017-08-11] (Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7968432 2018-01-30] (Microsoft Corporation)
S3 CoordinatorServiceHost; E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [81304 2017-02-04] (Dassault Systèmes SolidWorks Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-25] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-25] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-02-05] (Dropbox, Inc.)
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [103072 2017-12-04] (Bitdefender)
R2 DisplayFusionService; E:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [5291424 2017-11-14] (Binary Fortress Software)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1284328 2018-02-09] ()
R2 ewserver; E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [184368 2017-02-03] ()
S3 impi_hydra; C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe [880296 2017-02-03] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-09-14] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-08-18] (Logitech Inc.)
R2 MSSQL$TEW_SQLEXPRESS; E:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2015-04-20] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S3 Origin Client Service; E:\Program Files (x86)\Origin\OriginClientService.exe [2154816 2018-01-20] (Electronic Arts)
R2 Origin Web Helper Service; E:\Program Files (x86)\Origin\OriginWebHelperService.exe [3024712 2018-01-20] (Electronic Arts)
R2 PDF24; E:\Program Files (x86)\PDF24\pdf24.exe [413320 2017-09-14] (Geek Software GmbH)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1269824 2017-06-21] (Bitdefender)
R2 RemoteSolverDispatcher; E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe [240136 2017-02-03] (Mentor Graphics Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2017-11-08] (SolidWorks) [Datei ist nicht signiert]
S4 SQLAgent$TEW_SQLEXPRESS; E:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-20] (Microsoft Corporation)
R2 SWVisualize2017.Queue.Server; E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe [26008 2017-02-03] (Dassault Systèmes)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [118096 2018-02-01] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe [1170712 2018-02-01] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender Security\vsservp.exe [524872 2016-08-25] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1058784 2018-02-01] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1765336 2018-02-01] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [133088 2017-06-06] (BitDefender LLC)
S3 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [47376 2017-11-24] (© Bitdefender SRL)
S3 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [187688 2017-05-11] (BitDefender LLC)
S3 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [338744 2018-02-01] (Bitdefender)
R3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45192 2017-08-18] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-08-18] (Logitech Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a39871618b19f06\nvlddmkm.sys [17493824 2018-01-24] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31024 2018-01-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57928 2018-01-24] (NVIDIA Corporation)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
S4 RsFx0310; C:\WINDOWS\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek )
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [439576 2017-04-11] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [47096 2017-12-31] (Wellbia.com Co., Ltd.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-02-09 12:15 - 2018-02-09 12:15 - 000029894 _____ C:\Users\Dragon\Downloads\FRST.txt
2018-02-09 12:14 - 2018-02-09 12:15 - 000000000 ____D C:\FRST
2018-02-09 12:14 - 2018-02-09 12:14 - 002401792 _____ (Farbar) C:\Users\Dragon\Downloads\FRST64.exe
2018-02-09 12:00 - 2018-02-09 12:02 - 020410532 _____ C:\Users\Dragon\Downloads\3HpI14kolcG4NP.rar.part
2018-02-09 12:00 - 2018-02-09 12:00 - 092815360 _____ C:\Users\Dragon\Downloads\0AqxIq3hBMeTGP.rar.part
2018-02-09 12:00 - 2018-02-09 12:00 - 000000000 _____ C:\Users\Dragon\Downloads\3HpI14kolcG4NP.rar
2018-02-09 12:00 - 2018-02-09 12:00 - 000000000 _____ C:\Users\Dragon\Downloads\0AqxIq3hBMeTGP.rar
2018-02-07 21:39 - 2018-02-07 21:39 - 000000000 ____D C:\Users\Dragon\Desktop\Alte Firefox-Daten
2018-02-07 21:39 - 2018-02-07 21:39 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-02-07 00:03 - 2018-02-07 00:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-02-06 22:15 - 2018-02-06 22:52 - 000000000 ____D C:\Users\Dragon\Documents\Overwatch
2018-02-06 22:13 - 2018-02-06 22:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2018-02-06 21:51 - 2018-02-06 21:51 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2018-02-06 21:49 - 2018-02-07 21:34 - 000000000 ____D C:\Users\Dragon\AppData\Local\Battle.net
2018-02-06 21:49 - 2018-02-06 22:41 - 000000000 ____D C:\Users\Dragon\AppData\Local\Blizzard Entertainment
2018-02-06 21:49 - 2018-02-06 22:15 - 000000000 ____D C:\Users\Dragon\AppData\Roaming\Battle.net
2018-02-06 21:49 - 2018-02-06 21:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2018-02-06 21:48 - 2018-02-06 21:48 - 000000000 ____D C:\Users\Dragon\AppData\Local\Blizzard
2018-02-06 21:47 - 2018-02-06 21:47 - 000000000 ____D C:\ProgramData\Battle.net
2018-02-06 09:06 - 2018-02-06 09:06 - 000003592 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-2K12HQ3-Dragon
2018-02-05 12:25 - 2018-02-05 12:25 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-02-05 12:25 - 2018-02-05 12:25 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-02-05 12:25 - 2018-02-05 12:25 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-02-05 12:25 - 2018-02-05 12:25 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-02-05 09:51 - 2018-02-05 09:51 - 001434797 _____ C:\Users\Dragon\Downloads\shadersmod112.exe
2018-02-05 09:51 - 2018-02-05 09:51 - 000000247 _____ C:\SILENT
2018-02-04 23:47 - 2018-02-05 22:22 - 000000000 ____D C:\Users\Dragon\AppData\Local\PlaceholderTileLogoFolder
2018-02-04 15:53 - 2018-02-04 15:53 - 000001309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2018-01-29 22:21 - 2018-01-23 23:42 - 000137712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-01-29 22:21 - 2017-11-02 21:15 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-01-29 22:21 - 2017-11-02 21:15 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-01-29 22:21 - 2017-11-02 21:15 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-01-29 22:21 - 2017-11-02 21:14 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-01-29 22:19 - 2018-01-24 01:23 - 040269808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 035180016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 019796336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 016449872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 013444552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 012843496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 011026080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 010900248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 004308976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 003894304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 003709424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 001976120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439077.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 001673616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439077.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 001334808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 001325384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 001134768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 001126888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 001054704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 001049480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 001043128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 000988464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 000939832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 000795928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 000740336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 000635248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 000618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 000616240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 000599352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-01-29 22:19 - 2018-01-24 01:23 - 000506864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-01-27 21:28 - 2018-01-27 21:28 - 007906720 _____ (Tim Kosse) C:\Users\Dragon\Downloads\FileZilla_3.30.0_win64-setup.exe
2018-01-27 20:06 - 2018-01-27 20:06 - 000000000 ____D C:\Users\Dragon\Documents\FeedbackHub
2018-01-23 21:28 - 2018-01-23 21:28 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2018-01-23 21:27 - 2018-01-23 21:27 - 000001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2018.lnk
2018-01-18 19:01 - 2018-01-18 19:01 - 000000000 ____D C:\Users\Dragon\AppData\Local\ESET
2018-01-18 18:56 - 2018-01-18 18:59 - 000000000 ____D C:\AdwCleaner
2018-01-17 19:29 - 2018-01-17 19:29 - 000301536 _____ C:\WINDOWS\ntbtlog.txt
2018-01-17 19:29 - 2018-01-17 19:29 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-01-13 15:49 - 2018-01-14 20:28 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-01-13 15:49 - 2018-01-13 15:49 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-02-09 12:07 - 2017-10-18 20:48 - 000000000 ____D C:\Users\Dragon\AppData\Roaming\TS3Client
2018-02-09 11:56 - 2017-10-18 17:02 - 000000000 ____D C:\Users\Dragon\AppData\Roaming\Skype
2018-02-09 11:54 - 2017-11-26 19:30 - 000000000 ____D C:\Users\Dragon\Documents\Elster
2018-02-09 11:47 - 2017-11-26 17:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2018-02-09 11:46 - 2017-11-30 19:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-09 09:35 - 2018-01-06 16:48 - 000004174 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7C79EDC0-9C42-49DE-ADFA-5FE64895D923}
2018-02-09 09:35 - 2017-11-08 19:05 - 000000000 ____D C:\Users\Dragon\AppData\Local\Adobe
2018-02-09 09:34 - 2017-10-17 10:58 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-09 09:32 - 2018-01-06 15:29 - 000000000 ____D C:\Users\Dragon\AppData\Roaming\Origin
2018-02-07 22:36 - 2018-01-06 15:28 - 000000000 ____D C:\ProgramData\Origin
2018-02-07 21:49 - 2018-01-06 16:59 - 000000000 ____D C:\Users\Dragon\Desktop\WSC
2018-02-07 21:48 - 2017-12-30 17:15 - 000000000 ____D C:\Users\Dragon\Desktop\Dein MeineKraft
2018-02-07 21:48 - 2017-10-18 17:06 - 000000000 ____D C:\Users\Dragon\Desktop\Programme
2018-02-07 21:43 - 2017-11-30 19:18 - 002591498 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-07 21:43 - 2017-10-18 16:09 - 000000000 ____D C:\Users\Dragon\AppData\LocalLow\Mozilla
2018-02-07 21:43 - 2017-09-30 15:35 - 001156912 _____ C:\WINDOWS\system32\perfh007.dat
2018-02-07 21:43 - 2017-09-30 15:35 - 000280306 _____ C:\WINDOWS\system32\perfc007.dat
2018-02-07 21:40 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-02-07 21:39 - 2017-10-29 09:33 - 000000000 ___RD C:\Users\Dragon\Creative Cloud Files
2018-02-07 21:39 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-02-07 21:38 - 2017-10-18 16:51 - 000000000 ____D C:\Program Files\Microsoft Office
2018-02-07 21:37 - 2017-11-30 19:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-07 21:37 - 2017-10-19 16:39 - 000000000 ____D C:\Users\Dragon\AppData\Roaming\MusicBee
2018-02-07 21:37 - 2017-10-18 16:03 - 000012168 _____ C:\bdlog.txt
2018-02-07 21:37 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-02-07 21:37 - 2017-09-29 09:45 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2018-02-07 21:25 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-07 20:44 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-07 20:43 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-07 20:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-07 00:03 - 2017-10-25 18:43 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-02-06 23:30 - 2017-10-18 17:06 - 000000000 ____D C:\Users\Dragon\Desktop\Spiele
2018-02-06 15:28 - 2017-11-24 19:53 - 000000000 ____D C:\Users\Dragon\AppData\Roaming\.minecraft
2018-02-06 12:05 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-06 12:05 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-06 11:45 - 2017-11-24 19:38 - 000000000 ____D C:\Users\Dragon\AppData\Roaming\FileZilla
2018-02-06 09:33 - 2017-10-18 21:12 - 000000000 ____D C:\Users\Dragon\Documents\ShareX
2018-02-06 09:01 - 2017-10-17 10:58 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-02-06 03:49 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-06 03:49 - 2017-09-29 14:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-05 14:47 - 2017-11-30 19:16 - 000000000 ____D C:\Users\Dragon\AppData\Local\Packages
2018-02-05 09:53 - 2017-10-19 17:47 - 000000000 ____D C:\Users\Dragon\AppData\Local\CrashDumps
2018-02-04 16:27 - 2017-10-18 15:44 - 000000000 ____D C:\Users\Dragon\AppData\Local\NVIDIA
2018-02-04 16:12 - 2017-10-18 15:44 - 000000000 ____D C:\Users\Dragon\AppData\Local\ConnectedDevicesPlatform
2018-02-04 15:52 - 2017-10-20 23:00 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-02-04 15:52 - 2017-10-17 10:48 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-03 13:33 - 2017-11-24 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2018-02-02 19:34 - 2017-12-22 11:33 - 000000000 ____D C:\Users\Dragon\Documents\JGV Kleinbüllesheim
2018-02-01 19:25 - 2017-10-18 15:58 - 001765336 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2018-02-01 19:25 - 2017-10-18 15:58 - 001058784 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2018-02-01 19:25 - 2017-10-18 15:58 - 000338744 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2018-01-29 22:21 - 2017-10-17 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-01-29 22:21 - 2017-10-17 10:58 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-01-29 22:21 - 2017-10-17 10:58 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-01-29 22:21 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-29 22:15 - 2017-11-30 19:19 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-29 22:15 - 2017-11-30 19:19 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-29 22:15 - 2017-11-30 19:19 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-29 22:15 - 2017-11-30 19:19 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-29 22:15 - 2017-11-30 19:19 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-29 22:15 - 2017-11-30 19:19 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-29 22:15 - 2017-11-30 19:19 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-29 22:15 - 2017-11-30 19:19 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-01-29 22:15 - 2017-10-17 10:55 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-01-27 21:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-01-26 17:34 - 2017-11-30 19:19 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3012858150-3015319604-1906791415-1002
2018-01-26 17:34 - 2017-10-18 15:45 - 000002397 _____ C:\Users\Dragon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-26 17:34 - 2017-10-18 15:45 - 000000000 ___RD C:\Users\Dragon\OneDrive
2018-01-24 01:23 - 2017-11-16 20:00 - 004580832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-01-24 01:23 - 2017-11-16 20:00 - 000057928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-01-24 01:23 - 2017-11-16 20:00 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb
2018-01-24 00:11 - 2017-10-17 10:58 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-01-23 23:57 - 2017-10-17 10:58 - 005950024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-01-23 23:57 - 2017-10-17 10:58 - 002589168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-01-23 23:57 - 2017-10-17 10:58 - 001766288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-01-23 23:57 - 2017-10-17 10:58 - 000633328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-01-23 23:57 - 2017-10-17 10:58 - 000450352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-01-23 23:57 - 2017-10-17 10:58 - 000122768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-01-23 23:57 - 2017-10-17 10:58 - 000082744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-01-23 21:27 - 2017-11-08 19:05 - 000000000 ____D C:\Users\Dragon\AppData\Roaming\Adobe
2018-01-23 21:27 - 2017-10-19 15:53 - 000000000 ____D C:\Users\Dragon\Documents\Adobe
2018-01-22 06:46 - 2017-10-17 10:58 - 007947791 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-01-18 18:59 - 2017-11-30 19:16 - 000000000 ____D C:\Users\Dragon
2018-01-18 18:58 - 2017-10-18 15:45 - 000000008 __RSH C:\ProgramData\ntuser.pol
2018-01-17 19:13 - 2017-11-30 11:33 - 000000000 ___DC C:\WINDOWS\Panther
2018-01-14 20:27 - 2017-11-08 19:05 - 000000000 ____D C:\ProgramData\Adobe
2018-01-13 14:43 - 2017-11-22 17:45 - 000001054 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CC 2018.lnk
2018-01-13 14:42 - 2017-11-03 23:57 - 000000000 ____D C:\Users\Dragon\AppData\Roaming\Notepad++
2018-01-13 14:37 - 2017-11-22 17:43 - 000000000 ____D C:\Program Files\Adobe
2018-01-10 19:40 - 2017-07-13 14:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-10 19:39 - 2017-10-18 21:42 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-10 19:39 - 2017-10-18 16:20 - 000000000 ____D C:\Users\Dragon\AppData\Roaming\discord
2018-01-10 19:39 - 2017-07-13 14:02 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-10 15:33 - 2017-10-17 10:59 - 002425656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-01-10 15:33 - 2017-10-17 10:59 - 002090800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-01-10 15:33 - 2017-10-17 10:59 - 001310008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-01-10 10:41 - 2017-10-17 10:59 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-10-24 19:44 - 2017-10-24 19:44 - 000007357 _____ () C:\Users\Dragon\AppData\Local\recently-used.xbel
2017-12-04 22:54 - 2017-12-05 22:42 - 000000000 _____ () C:\Users\Dragon\AppData\Local\Temptable.xml

Einige Dateien in TEMP:
====================
2018-02-05 10:05 - 2018-02-05 10:05 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-1860391971259494434.dll
2018-02-05 10:02 - 2018-02-05 10:02 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-1976829252780265679.dll
2018-02-05 09:47 - 2018-02-05 09:47 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-2320481345951977011.dll
2018-02-05 09:44 - 2018-02-05 09:44 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-2347750847819681688.dll
2018-02-05 09:55 - 2018-02-05 09:55 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-2656053374831016220.dll
2018-02-06 13:51 - 2018-02-06 13:51 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-3879020603529766942.dll
2018-02-05 10:00 - 2018-02-05 10:00 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-5704812642758084849.dll
2018-02-05 09:46 - 2018-02-05 09:46 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-601811976392456653.dll
2018-02-05 09:55 - 2018-02-05 09:55 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-6115492736002163239.dll
2018-02-05 10:07 - 2018-02-05 10:07 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-6331981582616892757.dll
2018-02-05 09:44 - 2018-02-05 09:44 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-6464180312889170293.dll
2018-02-05 10:18 - 2018-02-05 10:18 - 000019968 _____ (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-6880964939987508599.dll
2018-02-05 10:15 - 2018-02-05 10:15 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-691417073719703130.dll
2018-02-05 10:03 - 2018-02-05 10:03 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-7087624380406155340.dll
2018-02-05 10:30 - 2018-02-05 10:30 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-7824266881673283105.dll
2018-02-06 15:28 - 2018-02-06 15:28 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-8648675716350005115.dll
2018-02-05 10:20 - 2018-02-05 10:20 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Dragon\AppData\Local\Temp\jansi-64-9161820950178068352.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-02-09 11:19

==================== Ende von FRST.txt ============================

Blackhunter 09.02.2018 12:38
und die Addition.txt

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08.02.2018
durchgeführt von Dragon (09-02-2018 12:15:50)
Gestartet von C:\Users\Dragon\Downloads
Windows 10 Home Version 1709 16299.192 (X64) (2017-11-30 18:21:04)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3012858150-3015319604-1906791415-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3012858150-3015319604-1906791415-503 - Limited - Disabled)
Dragon (S-1-5-21-3012858150-3015319604-1906791415-1002 - Administrator - Enabled) => C:\Users\Dragon
Gast (S-1-5-21-3012858150-3015319604-1906791415-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3012858150-3015319604-1906791415-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 17.01 beta (x64) (HKLM\...\7-Zip) (Version: 17.01 beta - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Bridge CC 2018 (HKLM-x32\...\KBRG_8_0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Bridge CC 2018 (HKLM-x32\...\KBRG_8_0_1) (Version: 8.0.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.0.294 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1) (Version: 19.1 - Adobe Systems Incorporated)
Adobe Photoshop Elements 15 (HKLM-x32\...\{E2D8F773-2E59-45CA-B0EA-CFFA5354A9E7}) (Version: 15.0 - Adobe Systems Incorporated)
Badge Studio (HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\...\Badge Studio) (Version: 1.4.100 - Copyright 2016, Evolis Card Printer)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.25.59 - Bitdefender)
Bitdefender Antivirus Plus (HKLM\...\Bitdefender) (Version: 22.0.12.161 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 22.0.10.141 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon LBP5050 (HKLM\...\Canon LBP5050) (Version:  - )
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version:  - Cheat Engine)
Clownfish Voice Changer (HKLM\...\ClownfishVoiceChanger) (Version:  - )
Discord (HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\...\Discord) (Version: 0.0.300 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.77 - NVIDIA Corporation) Hidden
DisplayFusion 9.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 9.1.0.0 - Binary Fortress Software)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.13263.0 - Electronic Arts)
Dropbox (HKLM-x32\...\Dropbox) (Version: 43.4.49 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
ElsterFormular (HKLM-x32\...\{E72B1CF6-FA6F-4434-9F3B-BAA7DD7B0B96}) (Version: 18.7.0.2 - Thüringer Landesfinanzdirektion)
FIFA 18 (HKLM-x32\...\{213CC10A-B8CB-4EBA-B277-6B08B7C22A65}) (Version: 1.0.50.34893 - Electronic Arts)
FileZilla Client 3.30.0 (HKLM-x32\...\FileZilla Client) (Version: 3.30.0 - Tim Kosse)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grand Theft Multiplayer (HKLM-x32\...\GrandTheftMultiplayer) (Version:  - Grand Theft Multiplayer Team)
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LibreOffice 5.3.7.2 (HKLM\...\{117F3217-458C-4371-B222-00C69DE96CB2}) (Version: 5.3.7.2 - The Document Foundation)
Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.81 - Logitech Inc.)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{BF5ABBDB-D3AA-4BCB-8D10-FCD4A4BB7F93}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.9001.2138 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Project Professional 2016 - de-de (HKLM\...\ProjectProRetail - de-de) (Version: 16.0.9001.2138 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{C7E2483C-10A4-41E3-A2F6-240186FE3E41}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visio Professional 2016 - de-de (HKLM\...\VisioProRetail - de-de) (Version: 16.0.9001.2138 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MorphVOX Pro (HKLM-x32\...\{5a385481-7640-4f10-8ca5-04a2030b4623}) (Version: 4.4.65.20341 - Screaming Bee)
MorphVOX Pro (HKLM-x32\...\{A4905D81-A3F5-458F-838A-57B2B82F7D72}) (Version: 4.4.65.20341 - Screaming Bee) Hidden
Mozilla Firefox 57.0.3 (x64 de) (HKLM\...\Mozilla Firefox 57.0.3 (x64 de)) (Version: 57.0.3 - Mozilla)
Mozilla Firefox 58.0.1 (x64 de) (HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\...\Mozilla Firefox 58.0.1 (x64 de)) (Version: 58.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.3 - Mozilla)
MusicBee 3.1 (HKLM-x32\...\MusicBee) (Version: 3.1 - Steven Mayall)
MyHarmony (HKLM-x32\...\{2AD8F8A1-ECE5-4890-BCC2-B4396370A0D4}) (Version: 1.0.308 - Logitech)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.4 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 390.77 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA Grafiktreiber 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.9001.2138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.9001.2138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.9001.2138 - Microsoft Corporation) Hidden
OpenIV (HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\...\OpenIV) (Version: 2.9.1.926 - .black/OpenIV Team)
Origin (HKLM-x32\...\Origin) (Version: 10.5.10.24870 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PDF24 Creator 8.2.3 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7960 - Realtek Semiconductor Corp.)
ROCCAT  KoneXTD Driver (HKLM\...\{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.02.002 - Roccat GmbH) Hidden
ROCCAT  KoneXTD Driver (HKLM-x32\...\InstallShield_{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.02.002 - Roccat GmbH)
ROCCAT IskuFX Driver (HKLM\...\{2C3FC2CC-0A8B-409E-B487-8CD54F4DC1D4}) (Version: 1.02.0001 - Roccat GmbH) Hidden
ROCCAT IskuFX Driver (HKLM-x32\...\InstallShield_{2C3FC2CC-0A8B-409E-B487-8CD54F4DC1D4}) (Version: 1.02.0001 - Roccat GmbH)
Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0015 - Roccat GmbH)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.1 - Rockstar Games)
Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 12.0.0 - ShareX Team)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
SOLIDWORKS 2017 German Resources (HKLM\...\{E89ACD02-EE41-4947-AEA3-7D17126F0BE0}) (Version: 25.120.52 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS 2017 SP02 (HKLM\...\{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}) (Version: 25.120.52 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2017 SP02 (HKLM-x32\...\SolidWorks Installation Manager 20170-40200-1100-100) (Version: 25.2.0.52 - SolidWorks Corporation)
SOLIDWORKS Composer Player 2017 SP02 (HKLM\...\{2F5D372A-EE3F-4201-8899-AA717AB91110}) (Version: 25.20.52 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2017 SP02 (HKLM\...\{061157FB-631D-480A-B8AB-529E455BA74D}) (Version: 17.2.0029 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Electrical2017 SP02 (HKLM\...\{B4DEFB17-F6CA-4FBD-8FE3-2D22D6F7186B}) (Version: 25.20.52 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Flow Simulation 2017 SP02  (HKLM\...\{C69508D6-6335-49D1-A206-50DCA9A166AE}) (Version: 25.20.53 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Plastics 2017 SP02 (HKLM\...\{BB73823B-4D4D-44FF-86A3-4CDC21CF76F0}) (Version: 25.20.52 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Visualize 2017 SP02 (HKLM\...\{D802560E-F2DA-4CCD-85EB-C29437F112F2}) (Version: 25.20.52 - Dassault Systemes SolidWorks Corp) Hidden
SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3012858150-3015319604-1906791415-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [  DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ShellIconOverlayIdentifiers-x32: [  DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => E:\Program Files\Notepad++\NppShell_06.dll [2017-12-05] ()
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-05] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-23] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => E:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-01-04] ()

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0B6DF553-6C7B-4399-9BCF-96481F5B18AE} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-06-21] (Bitdefender)
Task: {16D5593A-FC8C-4104-8055-7CE4AC1863CA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {1779251B-3AB5-428D-A3E8-2D1262DA2DCE} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {17BC9FA4-7A74-4520-8A44-98A3BF457817} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-2K12HQ3-Dragon => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {18144FAA-C084-408A-B018-E57945AB5558} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [2018-02-01] (Bitdefender)
Task: {2C19F170-4C32-4C21-BDDE-5B0A167AC679} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-02-06] (Microsoft Corporation)
Task: {40FA3FC9-557F-4E8A-8660-378A57BD8DEE} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation)
Task: {4F801EAE-27BB-4F27-89D2-DCDAAF74FB7B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-02-06] (Microsoft Corporation)
Task: {53A7892D-4D2C-4622-AC52-AD7EF3F16582} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
Task: {59BFE574-A0BA-43CB-BFD1-2F1E27BE0929} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-10-25] (Dropbox, Inc.)
Task: {78572BD8-1449-49AD-B865-BE8A74DD8F07} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-10] (NVIDIA Corporation)
Task: {96A44F9B-B9F0-4144-88FD-0A5E9F28FDC2} - System32\Tasks\S-1-5-21-3012858150-3015319604-1906791415-1002\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation)
Task: {A1797A3F-8349-47B7-90CC-C77A0CA325E7} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-10-25] (Dropbox, Inc.)
Task: {AD5AF17D-58B7-4A9B-B8CB-E5129E717E45} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-30] (Microsoft Corporation)
Task: {B5A14BD9-906D-42F9-A653-0DDA4C859B57} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
Task: {C3F7FBB5-8677-45D4-81D4-C746B425F9E9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-30] (Microsoft Corporation)
Task: {CAEB698C-431B-4720-9B96-D29D8453B1D0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {CB15CCB2-8CB6-4202-B140-8FAFB4959CE0} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10] (NVIDIA Corporation)
Task: {CB8199A5-7E41-4E9F-BE3A-A28755276979} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-02-06] (Microsoft Corporation)
Task: {CBE5B8C0-B064-4793-8FED-C7FC8C77929D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-01-10] (NVIDIA Corporation)
Task: {CD6CBE02-9C9C-49E2-83DA-2EFC16140410} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-02-06] (Microsoft Corporation)
Task: {CF1BA7D5-E831-4099-82DF-0CBCCBD8976F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-01-10] (NVIDIA Corporation)
Task: {D9C66BDC-1CA4-462A-9C07-FF3309A750B1} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {EFA1D8C6-C6CE-4E15-9FE4-D9A1CB751CB9} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-2K12HQ3-Dragon => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-10-18 15:58 - 2017-02-07 11:34 - 001008448 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpbr.mdl
2017-10-18 15:58 - 2017-02-07 11:34 - 000541952 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpdsp.mdl
2017-10-18 15:58 - 2017-02-07 11:34 - 003243920 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpph.mdl
2017-10-18 15:58 - 2017-02-07 11:34 - 001544568 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttprbl.mdl
2018-01-09 10:04 - 2018-01-24 01:23 - 000544240 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2017-10-17 10:59 - 2018-01-10 15:33 - 001268024 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-03 20:30 - 2017-02-03 20:30 - 000184368 _____ () E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe
2017-10-17 10:58 - 2018-01-23 23:57 - 000133704 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-01-04 09:04 - 2018-01-04 09:04 - 000649672 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-01-08 14:00 - 2018-01-08 14:00 - 000076456 _____ () E:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2017-12-12 21:41 - 2017-11-26 13:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-12 21:41 - 2017-11-26 13:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2017-08-18 10:01 - 2017-08-18 10:01 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2017-08-18 10:01 - 2017-08-18 10:01 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-02-04 01:43 - 2017-02-04 01:43 - 000272280 _____ () E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldBodyDiffu.dll
2018-01-04 09:04 - 2018-01-04 09:04 - 035292104 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2017-09-29 14:41 - 2017-09-29 14:41 - 001949184 _____ () C:\Windows\System32\speech_onecore\engines\tts\MSTTSEngine_OneCore.dll
2017-10-18 16:52 - 2017-10-18 16:52 - 002210480 _____ () C:\Program Files\Microsoft Office\Root\Office16\tmpod.dll
2017-10-18 16:52 - 2018-02-06 09:07 - 001402032 _____ () C:\Program Files\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll
2017-10-18 16:55 - 2017-11-21 22:43 - 001902776 _____ () C:\Program Files\Microsoft Office\root\Office16\ClientTelemetry.dll
2018-01-31 17:22 - 2018-01-20 09:23 - 000021824 _____ () E:\Program Files (x86)\Origin\QtWebEngineProcess.exe
2018-02-02 18:42 - 2018-02-02 18:42 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-12-14 17:11 - 2017-12-14 17:11 - 000477184 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-12-14 17:11 - 2017-12-14 17:11 - 058590720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-18 16:36 - 2017-10-18 16:36 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2017-11-14 09:12 - 2017-11-14 09:12 - 000164864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\VideoPlugin.dll
2017-10-18 16:36 - 2017-10-18 16:36 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll
2017-12-14 17:11 - 2017-12-14 17:11 - 003727360 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-12-14 17:11 - 2017-12-14 17:11 - 002270720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2017-12-14 17:11 - 2017-12-14 17:11 - 016395264 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-12-14 17:11 - 2017-12-14 17:11 - 003579904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-12-14 17:11 - 2017-12-14 17:11 - 003204096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-10-18 16:36 - 2017-10-18 16:36 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-12-14 17:11 - 2017-12-14 17:11 - 000043520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-12-14 17:11 - 2017-12-14 17:11 - 004038144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.People.PeoplePicker.dll
2017-12-14 17:11 - 2017-12-14 17:11 - 001367040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-12-14 17:11 - 2017-12-14 17:11 - 000214528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\SKU.dll
2017-12-14 17:11 - 2017-12-14 17:11 - 004307968 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.3351.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-02-07 20:42 - 2018-02-07 20:42 - 000061952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2017-10-17 10:59 - 2018-01-10 15:33 - 001041208 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-12-27 10:40 - 2017-11-29 06:09 - 000781088 _____ () E:\Program Files (x86)\Steam\SDL2.dll
2017-10-18 16:20 - 2016-09-01 02:02 - 004969248 _____ () E:\Program Files (x86)\Steam\v8.dll
2017-12-27 10:40 - 2017-12-15 20:59 - 002558752 _____ () E:\Program Files (x86)\Steam\video.dll
2017-10-18 16:20 - 2016-09-01 02:02 - 001563936 _____ () E:\Program Files (x86)\Steam\icui18n.dll
2017-10-18 16:20 - 2016-09-01 02:02 - 001195296 _____ () E:\Program Files (x86)\Steam\icuuc.dll
2017-12-27 10:40 - 2017-11-04 02:54 - 005137696 _____ () E:\Program Files (x86)\Steam\libavcodec-57.dll
2017-12-27 10:40 - 2017-11-04 02:54 - 000695584 _____ () E:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-27 10:40 - 2017-11-04 02:54 - 000351520 _____ () E:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-27 10:40 - 2017-11-04 02:54 - 000847136 _____ () E:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-27 10:40 - 2017-11-04 02:54 - 000783648 _____ () E:\Program Files (x86)\Steam\libswscale-4.dll
2017-12-27 10:40 - 2017-12-15 20:59 - 000904992 _____ () E:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-10-18 16:20 - 2016-07-04 23:17 - 000266560 _____ () E:\Program Files (x86)\Steam\openvr_api.dll
2018-01-09 10:29 - 2018-01-08 17:52 - 001891832 _____ () C:\Users\Dragon\AppData\Local\Discord\app-0.0.300\ffmpeg.dll
2018-01-10 19:39 - 2018-01-10 19:39 - 001780216 _____ () \\?\C:\Users\Dragon\AppData\Roaming\discord\0.0.300\modules\discord_overlay2\discord_overlay2.node
2018-01-09 10:29 - 2018-01-08 17:52 - 001937912 _____ () C:\Users\Dragon\AppData\Local\Discord\app-0.0.300\libglesv2.dll
2018-01-09 10:29 - 2018-01-08 17:52 - 000095736 _____ () C:\Users\Dragon\AppData\Local\Discord\app-0.0.300\libegl.dll
2017-10-18 16:20 - 2017-09-07 03:04 - 000678400 _____ () E:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-12-27 10:40 - 2017-10-31 05:44 - 071471904 _____ () E:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-10-18 16:20 - 2015-09-25 00:52 - 000119208 _____ () E:\Program Files (x86)\Steam\winh264.dll
2018-01-10 19:39 - 2018-01-27 17:20 - 009817080 _____ () \\?\C:\Users\Dragon\AppData\Roaming\discord\0.0.300\modules\discord_voice\discord_voice.node
2018-01-10 19:39 - 2018-02-01 18:41 - 001508344 _____ () \\?\C:\Users\Dragon\AppData\Roaming\discord\0.0.300\modules\discord_utils\discord_utils.node
2018-01-10 19:39 - 2018-01-10 19:39 - 000513016 _____ () \\?\C:\Users\Dragon\AppData\Roaming\discord\0.0.300\modules\discord_erlpack\discord_erlpack.node
2018-01-10 19:39 - 2018-01-10 19:39 - 002662904 _____ () \\?\C:\Users\Dragon\AppData\Roaming\discord\0.0.300\modules\discord_rpc\discord_rpc.node
2018-01-10 19:39 - 2018-02-01 18:41 - 001518072 _____ () \\?\C:\Users\Dragon\AppData\Roaming\discord\0.0.300\modules\discord_game_utils\discord_game_utils.node
2018-01-10 19:39 - 2018-01-10 19:39 - 002749944 _____ () \\?\C:\Users\Dragon\AppData\Roaming\discord\0.0.300\modules\discord_contact_import\discord_contact_import.node
2017-09-26 21:22 - 2017-09-26 21:22 - 001984000 _____ () C:\Program Files (x86)\Skype\Phone\skypert.dll
2017-10-18 21:58 - 2012-07-08 15:31 - 000061440 _____ () E:\Program Files (x86)\ROCCAT\Isku FX Keyboard\hiddriver.dll
2017-10-19 17:27 - 2012-06-17 10:20 - 000061440 _____ () E:\Program Files (x86)\ROCCAT\Kone XTD Mouse\hiddriver.dll
2018-02-07 00:03 - 2018-02-05 12:25 - 000740168 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-02-07 00:03 - 2018-02-05 12:25 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-10-25 18:44 - 2018-02-05 12:25 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-10-25 18:44 - 2018-02-05 12:25 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-10-25 18:44 - 2018-02-05 12:28 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-10-25 18:44 - 2018-02-05 12:25 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-10-25 18:44 - 2018-02-05 12:25 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-10-25 18:44 - 2018-02-05 12:25 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 001856864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-02-07 00:03 - 2018-02-05 12:25 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-02-07 00:03 - 2018-02-05 12:25 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-10-25 18:44 - 2018-02-05 12:25 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-10-25 18:44 - 2018-02-05 12:28 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-10-25 18:44 - 2018-02-05 12:25 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-02-07 00:03 - 2018-02-05 12:25 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-10-25 18:44 - 2018-02-05 12:25 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-10-25 18:44 - 2018-02-05 12:25 - 000116184 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-02-07 00:03 - 2018-02-05 12:25 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-10-25 18:44 - 2018-02-05 12:28 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-10-25 18:44 - 2018-02-05 12:28 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-10-25 18:44 - 2018-02-05 12:25 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-10-25 18:44 - 2018-02-05 12:25 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-10-25 18:44 - 2018-02-05 12:25 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-10-25 18:44 - 2018-02-05 12:25 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-10-25 18:44 - 2018-02-05 12:25 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2017-10-25 18:44 - 2018-02-05 12:25 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-10-25 18:44 - 2018-02-05 12:25 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-10-25 18:44 - 2018-02-05 12:28 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2017-10-25 18:44 - 2018-02-05 12:28 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 001796416 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-10-25 18:44 - 2018-02-05 12:25 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 001956672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 003859272 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 000521032 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-10-25 18:44 - 2018-02-05 12:28 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-10-25 18:44 - 2018-02-05 12:25 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-10-25 18:44 - 2018-02-05 12:28 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-10-25 18:44 - 2018-02-05 12:25 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-10-25 18:44 - 2018-02-05 12:28 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-10-25 18:44 - 2018-02-05 12:28 - 000100704 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-10-25 18:44 - 2018-02-05 12:25 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-10-25 18:44 - 2018-02-05 12:28 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-10-25 18:44 - 2018-02-05 12:28 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-10-25 18:44 - 2018-02-05 12:28 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-10-25 18:44 - 2018-02-05 12:25 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 000101704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-10-25 18:44 - 2018-02-05 12:28 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-02-07 00:03 - 2018-02-05 12:25 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-02-07 00:03 - 2018-02-05 12:27 - 000032608 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2018-02-07 00:03 - 2018-02-05 12:25 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-01-11 22:07 - 2018-02-05 12:28 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-10-25 18:44 - 2018-02-05 12:28 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-02-07 00:03 - 2018-02-05 12:27 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-10-25 18:44 - 2018-02-05 12:28 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 000545096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 000359232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2018-02-07 00:03 - 2018-02-05 12:27 - 000038216 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd
2018-01-30 21:28 - 2018-01-30 21:28 - 067115984 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2018-01-08 14:00 - 2018-01-08 14:00 - 000073384 _____ () E:\Program Files\FileZilla FTP Client\fzshellext.dll
2018-01-30 08:38 - 2018-01-30 08:38 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2018-01-30 08:39 - 2018-01-30 08:39 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2018-01-30 08:38 - 2018-01-30 08:38 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2018-01-30 08:38 - 2018-01-30 08:38 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2018-01-30 21:53 - 2018-01-30 21:53 - 000099792 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2018-01-30 08:38 - 2018-01-30 08:38 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2018-01-30 21:47 - 2018-01-30 21:47 - 000125912 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2018-01-30 21:47 - 2018-01-30 21:47 - 000125392 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2018-01-30 21:47 - 2018-01-30 21:47 - 000133072 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2018-01-30 21:47 - 2018-01-30 21:47 - 000222168 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2018-01-30 21:47 - 2018-01-30 21:47 - 000099792 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2018-01-30 21:47 - 2018-01-30 21:47 - 000106456 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2018-01-30 21:47 - 2018-01-30 21:47 - 000094168 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-09-14 19:25 - 2016-09-14 19:25 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-04-18 22:09 - 2017-04-18 22:09 - 000101888 _____ () E:\Program Files (x86)\MusicBee\MusicBeeBass.dll
2018-01-31 17:22 - 2018-01-20 09:22 - 000015360 _____ () E:\Program Files (x86)\Origin\libEGL.DLL
2018-01-31 17:22 - 2018-01-20 09:22 - 003090944 _____ () E:\Program Files (x86)\Origin\libGLESv2.dll
2017-12-27 10:40 - 2017-10-31 05:44 - 002020128 _____ () E:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libglesv2.dll
2017-12-27 10:40 - 2017-10-31 05:44 - 000114464 _____ () E:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-03-18 22:03 - 2018-02-09 11:31 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3012858150-3015319604-1906791415-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\CSL.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A83BFBD2-0B58-42D1-A5D9-AFC1A58FA149}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DepthHunter2\dh2.exe
FirewallRules: [{7F5E9A03-E335-4EE2-AA77-350577B488EC}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DepthHunter2\dh2.exe
FirewallRules: [{068F8642-12E7-4CAA-9FBE-996CE779EB98}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Sonic Generations\ConfigurationTool.exe
FirewallRules: [{EC671345-F2B7-44B5-838A-9F3010B39997}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Sonic Generations\ConfigurationTool.exe
FirewallRules: [{F1FB6DA5-11ED-427E-8FFA-3CA93D337009}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Sonic Generations\SonicGenerations.exe
FirewallRules: [{F4460FAD-27F5-4205-9A86-24DB76B976A7}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Sonic Generations\SonicGenerations.exe
FirewallRules: [{465C49C2-480C-486C-A277-A077E208FC74}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{DC28B498-CEFF-4BCB-86DE-AAC0C62AEABE}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [UDP Query User{EF4589F2-A1F3-4564-8916-2C68793D4A8A}E:\program files (x86)\screaming bee\morphvox pro\morphvoxpro.exe] => (Allow) E:\program files (x86)\screaming bee\morphvox pro\morphvoxpro.exe
FirewallRules: [TCP Query User{36D50ACF-DD82-4D87-BE87-272274B76AF3}E:\program files (x86)\screaming bee\morphvox pro\morphvoxpro.exe] => (Allow) E:\program files (x86)\screaming bee\morphvox pro\morphvoxpro.exe
FirewallRules: [UDP Query User{44FE2A92-5FD8-4183-BD74-15C1C9AD499C}D:\programme (x86)\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe] => (Allow) D:\programme (x86)\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe
FirewallRules: [TCP Query User{36FD1A73-326B-4B3E-B6F7-630D022A6362}D:\programme (x86)\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe] => (Allow) D:\programme (x86)\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe
FirewallRules: [{DC00539E-4092-4621-BA77-3E27B5D8A7EC}] => (Allow) E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
FirewallRules: [{8B4C65E3-4648-410E-8D5E-2693FB04293C}] => (Allow) E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe
FirewallRules: [{CDBF2130-A913-45F4-93EF-671047518D9E}] => (Allow) E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{986B7B81-407F-455B-81FD-6C8A729BB814}] => (Allow) E:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{DE05C149-06F6-42C2-8619-2EF4D899D74C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BDF8D146-7862-46C3-8F9D-059E58DD14EA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{671D9717-36A3-4E2A-B717-6422E1EAADB5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CC958E6C-0CA0-452E-A0C7-A951C065AAF0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D4CFE605-3CB2-436B-B334-75125D9513A2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{4B1A7B06-7BA8-4AD4-9468-23544EDD92A9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{CB03196E-0ED3-45ED-845A-0172EB65499B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{D28C9D89-3B06-46D0-96F6-15E83A3E10B6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{0861CC18-4D12-4ECE-AA09-9A7C4C793211}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{C032DC8B-BAC1-4901-934E-D56F0CDA7BFF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe
FirewallRules: [{C1F99998-CE9B-48D1-98D1-93A3CD6D461E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe
FirewallRules: [{67CAACAC-1746-4B68-A915-331E1F75FA63}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{FDC37A2F-B082-44FE-85BD-2BA8F41504F2}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{4FA6A4FE-EED2-4AB4-910C-074EB40025D7}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{68C61C5D-D5AB-4C05-9267-3DB03EDD8123}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{FB1AD0DD-B73A-46AD-BBDB-97519CF997DA}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{8D2D37C4-EA37-4979-8FBE-9D0DAE3BCFAA}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{E2677B15-18F6-46BD-A182-29B8BCE8B0BD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{56466669-F933-4CB3-AB98-5A2E906126CC}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{4B919E17-0489-4383-A00F-E09E7165B3E8}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{7B694EB6-2046-4C46-AF64-35CDDE465DEB}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{06745EE7-9C01-48A9-8947-6140FADBF44A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{3A46CC21-24D2-4F2E-B79C-55FF698AB4FD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{0B3FDF7A-913D-4305-A565-3E5E08CA65A1}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Golf It!\GolfIt.exe
FirewallRules: [{FD82F677-28F9-4D0B-92F9-E6CB00DBED0C}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Golf It!\GolfIt.exe
FirewallRules: [UDP Query User{47EDFC5B-6245-4F36-A5BC-D4F2D75974BE}E:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Block) E:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [TCP Query User{A7F7EBF2-864F-46FF-99E3-E4C752C42787}E:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Block) E:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [{5A2A11BF-854F-4BB2-AFE4-A7004243B580}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{9B5FE8FA-4E4C-46D2-AB3A-2445F2A772DC}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{3B83BEF5-55AF-44A3-ADBD-CEC3F95B73C0}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{28ABE23E-C427-44C9-BC4D-432DB236478C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B9B41118-6975-4210-8E1F-1C68B6C32233}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Golf With Friends\Golf With Your Friends.exe
FirewallRules: [{AF1038C0-8CED-4FEA-BA35-F76E5266182E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Golf With Friends\Golf With Your Friends.exe
FirewallRules: [{F5221E97-ED4A-42D9-9634-6BEA27C7BC9A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Creativerse\Creativerse.exe
FirewallRules: [{F2E39E7E-0DC0-49EF-9E8A-736A73086D28}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Creativerse\Creativerse.exe
FirewallRules: [{340CB152-0E7E-4D9F-9302-DCC772E705E8}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{C565F6E0-23C6-47B4-95CC-6897E1DE70E9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{79894D3E-521D-4A03-81E2-8A9B32D0C2E0}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{2E67F40E-EA2D-4A15-9B7B-5CA5EB439D81}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [UDP Query User{E4F72487-6885-4DB8-9F99-CBC76B06FE09}D:\programme\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\programme\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{E694CED7-E8CF-4D4C-B4A6-0EB33D3B0DD2}D:\programme\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\programme\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{A59F4EBE-3673-4B06-934F-B5401E699069}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2F40C6A1-DF9F-4281-91D2-C7EF521CE5D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [UDP Query User{083480ED-8855-4655-B018-E58B75ED8BE7}E:\program files\teamspeak 3 client\ts3client_win64.exe] => (Allow) E:\program files\teamspeak 3 client\ts3client_win64.exe
FirewallRules: [TCP Query User{65246EFF-6D93-46BA-B6D8-C7457AE3F8BA}E:\program files\teamspeak 3 client\ts3client_win64.exe] => (Allow) E:\program files\teamspeak 3 client\ts3client_win64.exe
FirewallRules: [{87435011-3705-4BDB-BFF3-766814024575}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{F967338D-B2FE-44FA-8E4C-7C92BF0C7B21}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{5D2B2F4B-6C37-481B-8CB9-CF02624BB3BA}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{FD2E9616-1831-4BBB-A3CC-117E26876191}] => (Allow) C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{9A0D96E6-B7F6-415E-A85E-D511ECDF3E7C}] => (Allow) C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{FE4E425E-09D0-4326-8EBE-72944B3A56A1}] => (Allow) C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\Lync.exe
FirewallRules: [{3211BEE8-E4EF-412B-9FE4-D21773BFABF4}] => (Allow) C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\Lync.exe
FirewallRules: [{F3469134-DD38-424F-9B20-65FA02F0476D}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FC67B69B-11DD-4886-8D85-64EDD3E8602C}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{59075B13-27E2-48E4-90D0-E88B9D92F685}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BA825415-F99D-45E2-9811-AC33F31FC5FB}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F4E8DEFC-EBD6-44C8-A763-2451F8F3A16F}] => (Allow) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BE22DC00-49B9-4797-96CD-8D32BE243C9C}] => (Allow) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F12D4702-29D6-41E2-BBF9-8FD33E96E195}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DB1A299A-D2B4-4631-B625-B2A25A464388}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{23518998-1182-452B-86F7-7AEDF90759F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{92B4369E-808C-49BC-942B-7CB456A6739B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D521381D-CEA0-431F-BA3B-B82F224C472E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [TCP Query User{825348C0-E84E-49D6-BA7B-E6D6D9FC77B0}E:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) E:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{D7AE099D-867E-40C3-A381-3F5E8A28C84D}E:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) E:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{752B9EE5-E2DB-4BAC-9F75-039C2C9A15D1}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Monopoly Plus\Monopoly.exe
FirewallRules: [{3B5FFB8B-AA9A-43AB-9F23-952DE17EF170}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Monopoly Plus\Monopoly.exe
FirewallRules: [{8794AE70-5DAF-47E3-AF91-FE95AD315F35}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{C7D76615-29C6-406F-A9B0-C840C5B95838}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{32FA9C59-C6BF-4154-BB6D-24D81E60CAF2}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{A8996669-C4E9-4B83-995F-A14C9ACCD952}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{5505720E-80ED-435B-AD70-16DA233AF26A}] => (Block) D:\Programme\Rockstar Games\Grand Theft Auto V mp\GTAVLauncher.exe
FirewallRules: [{1E39D88D-543F-4EF6-B7FB-A198B6F07EF8}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe
FirewallRules: [{315AA169-0A9B-47DB-A94A-0DF2E1D96444}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe
FirewallRules: [{14E1BD54-FB6C-4BB9-BB2C-2EA7F7579B09}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Black Desert Online\Black Desert Online Steam Launcher.exe
FirewallRules: [{BF3FE27B-1691-40CE-931E-E28873EBF5D2}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Black Desert Online\Black Desert Online Steam Launcher.exe
FirewallRules: [{A116C390-52B5-4B18-B497-440CEBFED7F7}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\QuantumBreak\dx11\QuantumBreak.exe
FirewallRules: [{27A5E74A-C960-464D-AE47-EF9F0E4F1678}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\QuantumBreak\dx11\QuantumBreak.exe
FirewallRules: [{46E81FE8-C183-42F4-8913-430DD1CE4273}] => (Allow) E:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{8635493A-0101-4AA1-848D-3A20C51ED966}] => (Allow) E:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [TCP Query User{38B8510F-5B72-42AE-9929-8645CF95C820}E:\program files (x86)\origin games\fifa 18\fifa18.exe] => (Allow) E:\program files (x86)\origin games\fifa 18\fifa18.exe
FirewallRules: [UDP Query User{2073B9C7-E76A-4CDA-BC3F-78B5C97CF46C}E:\program files (x86)\origin games\fifa 18\fifa18.exe] => (Allow) E:\program files (x86)\origin games\fifa 18\fifa18.exe
FirewallRules: [{55BB6A38-C576-4D5D-A21E-50D045BFC7E3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Obulis\obulis_steam.exe
FirewallRules: [{2B39FF84-14B7-483C-B6A0-AA36B2A3E2BD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Obulis\obulis_steam.exe
FirewallRules: [{D815CA5F-466F-4C58-BA6B-DCB8800FF068}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{99FB6AC2-6858-4B85-B662-29CF09B8B7FE}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{D7FBCC48-FE36-4939-B65D-C4D0D8D1DDC9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{18D88543-33A6-41E7-A7B0-BC32CBE2C9F3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{E0C18532-B6DD-41A8-A0BD-E20A68426680}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{CD086BDF-CED8-445F-B9CC-AC8A6B0DE5E2}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{CD387DE0-854A-4D07-8207-3889DA41C420}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F6332522-EA4E-4348-8ACA-9123937F7DA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{7FCBDCBB-406B-42FA-A3EF-F8D9B8BAD952}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1FB993E2-CE3B-445D-9250-4C7E7620E5CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B6874105-04C7-4466-A6C7-15F827463D63}] => (Allow) E:\Program Files (x86)\Origin Games\FIFA 18\FIFASetup\fifaconfig.exe
FirewallRules: [{7B249366-55ED-49AC-956B-984FDEB9EE1A}] => (Allow) E:\Program Files (x86)\Origin Games\FIFA 18\FIFASetup\fifaconfig.exe
FirewallRules: [TCP Query User{9FB35AB1-1452-4B3C-AFBD-85873C41F9E5}E:\program files (x86)\overwatch\overwatch.exe] => (Allow) E:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{70529F85-70E5-48DC-8C13-BC32BA800096}E:\program files (x86)\overwatch\overwatch.exe] => (Allow) E:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{DD5F7942-2AC4-44CA-8A0F-D43D1CD64D0B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{966B9237-D900-4082-A730-9342213F522A}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{16B5A1FC-A3A9-4B8C-B497-B80111E15D7B}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe

==================== Wiederherstellungspunkte =========================

03-02-2018 12:54:46 Geplanter Prüfpunkt
04-02-2018 15:51:40 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
04-02-2018 15:51:45 Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810
06-02-2018 12:46:41 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
06-02-2018 12:46:46 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: PS/2-Standardtastatur
Description: PS/2-Standardtastatur
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/07/2018 09:37:45 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (02/06/2018 09:01:15 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (02/05/2018 10:19:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 8.0.25.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 7980

Startzeit: 01d39e623d6d1d67

Beendigungszeit: 5

Anwendungspfad: E:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe

Berichts-ID: 36a16f84-81bb-402b-847f-c40397b7e46a

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (02/05/2018 09:53:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Adobe Desktop Service.exe, Version: 4.4.0.294, Zeitstempel: 0x5a714e1e
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.16299.192, Zeitstempel: 0x16e7ff7f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0005d0ec
ID des fehlerhaften Prozesses: 0x5180
Startzeit der fehlerhaften Anwendung: 0x01d39dc7db165bb0
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 2a20586c-400b-4ad9-ba60-83e604f3f4c8
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/04/2018 04:11:21 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-2K12HQ3)
Description: microsoft.windows.authhost.sso_8wekyb3d8bbwe-2147024893

Error: (02/04/2018 04:11:21 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-2K12HQ3)
Description: Microsoft.VCLibs.140.00_8wekyb3d8bbwe-2147024893

Error: (02/04/2018 04:11:21 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-2K12HQ3)
Description: Microsoft.VCLibs.140.00.UWPDesktop_8wekyb3d8bbwe-2147024893

Error: (02/04/2018 04:11:21 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-2K12HQ3)
Description: Microsoft.VCLibs.120.00_8wekyb3d8bbwe-2147024893

Error: (02/04/2018 04:11:21 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-2K12HQ3)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c-2147024893

Error: (02/04/2018 04:11:21 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-2K12HQ3)
Description: Microsoft.Services.Store.Engagement_8wekyb3d8bbwe-2147024893


Systemfehler:
=============
Error: (02/09/2018 11:46:55 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "ElsterFormular Update Service" wurde mit dem folgenden dienstspezifischen Fehler beendet:
Die Daten sind unzulässig.

Error: (02/09/2018 09:45:03 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-2K12HQ3)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-2K12HQ3\Dragon" (SID: S-1-5-21-3012858150-3015319604-1906791415-1002) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/07/2018 09:38:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/07/2018 09:38:15 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/07/2018 09:38:15 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/07/2018 09:38:15 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/07/2018 09:38:15 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/07/2018 09:37:17 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "SOLIDWORKS Electrical Collaborative Server" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (02/06/2018 09:01:14 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/06/2018 09:01:14 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2018-02-09 12:11:01.199
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-02-09 12:11:01.198
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-02-09 12:05:20.731
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-02-09 12:05:20.731
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-02-09 12:01:52.147
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-02-09 12:01:52.146
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-02-09 11:55:24.248
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-02-09 11:55:24.247
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-02-09 11:35:38.055
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-02-09 11:35:38.054
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 16351.77 MB
Verfügbarer physikalischer RAM: 8570.53 MB
Summe virtueller Speicher: 20703.77 MB
Verfügbarer virtueller Speicher: 8403.01 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:231.75 GB) (Free:157.01 GB) NTFS
Drive d: (Volume) (Fixed) (Total:476.94 GB) (Free:166.38 GB) NTFS
Drive e: (Volume) (Fixed) (Total:1863.02 GB) (Free:769.59 GB) NTFS
Drive j: (Elements) (Fixed) (Total:1862.98 GB) (Free:1496.95 GB) NTFS
Drive k: (HDDRIVE2GO) (Fixed) (Total:931.28 GB) (Free:188.54 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: 16F2A91F)

Partition: GPT.

========================================================
Disk: 4 (Size: 931.5 GB) (Disk ID: 7D233333)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C)

==================== Ende von Addition.txt ============================

cosinus 09.02.2018 13:03
Ist das ein gewebrlich genutztes System? Grund ist u.g. Software, oder gibt es eine andere Erklärung dafür?


Code:
Adobe Bridge CC 2018 (HKLM-x32\...\KBRG_8_0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Bridge CC 2018 (HKLM-x32\...\KBRG_8_0_1) (Version: 8.0.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.0.294 - Adobe Systems Incorporated)

Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.9001.2138 - Microsoft Corporation)
Microsoft Project Professional 2016 - de-de (HKLM\...\ProjectProRetail - de-de) (Version: 16.0.9001.2138 - Microsoft Corporation)
Microsoft Visio Professional 2016 - de-de (HKLM\...\VisioProRetail - de-de) (Version: 16.0.9001.2138 - Microsoft Corporation)

Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)

Blackhunter 09.02.2018 13:14
Ich bekomme die Programme über meine Firma zu einem günstigeren Preis und es stehen nur die Professionalversionen zur Verfügung. Kann euch aber gerne die Kaufbelege vorzeigen.

cosinus 09.02.2018 13:21
Trotzdem versteh ich nicht, dass man unbedingt privat Visio und Project braucht. Aber nun gut.

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Blackhunter 09.02.2018 13:49
Einmal die Logdatei

Code:
Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2018.02.09.04
  rootkit: v2018.01.23.01

Windows 10 x64 NTFS
Internet Explorer 11.192.16299.0
Dragon :: DESKTOP-2K12HQ3 [administrator]

09.02.2018 13:26:02
mbar-log-2018-02-09 (13-26-02).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 248087
Time elapsed: 7 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

cosinus 09.02.2018 15:26
Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!



adwCleaner v7.x

Downloade Dir bitte http://deeprybka.trojaner-board.de/adwcleaner/adwc.pngAdwCleaner auf Deinen Desktop (Bebilderte Anleitung).
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • Tracing Schlüssel
    • Prefetch Dateien
    • Proxy
    • Winsock
    • IE Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist. Am Ende des Suchlaufs öffnet sich automatisch eine Logdatei. Schließe diese.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Klicke am Ende der Bereinigung auf Jetzt neu starten. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Blackhunter 09.02.2018 15:34
Code:
# AdwCleaner 7.0.8.0 - Logfile created on Fri Feb 09 14:32:03 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [2248 B] - [2018/1/18 17:59:7]
C:/AdwCleaner/AdwCleaner[S0].txt - [1975 B] - [2018/1/18 17:57:30]
C:/AdwCleaner/AdwCleaner[S1].txt - [2043 B] - [2018/1/18 17:58:36]
C:/AdwCleaner/AdwCleaner[S2].txt - [1148 B] - [2018/2/9 14:31:33]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

cosinus 09.02.2018 15:35
Da war ja garnix. Aber Firefox spinnt noch herum?

Blackhunter 09.02.2018 15:38
Ja spinnt immer noch. Weiterhin die Anker-links und weiterleitungen

cosinus 09.02.2018 15:41
Bitte erstelle erstelle im Firefox ein neues Profil und lösche das alte siehe --> http://support.mozilla.com/de/kb/Profile%20verwalten

Sichere - falls wichtig - vorher wichtige Lesezeichen, gespeicherte Passwörter etc.

Blackhunter 09.02.2018 16:01
Hat leider nichts gebracht.

cosinus 09.02.2018 18:45
Dann dürfte das Problem auch nicht im Browser liegen. Vllt erklärst du mal warum das am Firefox liegen soll.

Blackhunter 10.02.2018 13:07
Das Problem ist nur beim Firefox aufgetreten. Wenn ich Edge benutze geht alles ohne Probleme.
Habe aber nun mal Firefox inklusive aller Dateien davon deinstalliert und neu installiert. Ich gucke mal ob es jetzt noch immer auftritt.


Alle Zeitangaben in WEZ +1. Es ist jetzt 03:45 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131