Solved Infection aftermath help needed

xcy7e

TS Rookie
I got infected by malware causing ads playing in the background. There were exe's all over the place in my user folder (thankless.exe, noonan.exe). I removed all of it by hand and the ads were gone. For the last month everything seemed fine but since then an application (Steam) is not working properly anymore. Steam uses a separate process "steamwebhelper" which is commonly abused by malware. The bugs in Steam are clearly related to this process.

I tried several things to get Steam working again:

  • Reinstall steam
  • Using another steam account on the same client with the same windows-user
  • Run RogueKiller, Adwcleaner, MBAM, Sophos VRT, WiseRegistryCleaner

without success. These tools were run until no infection was shown anymore.


I found out that steam is working as expected on another windows-user account.

Additionally I found some things out, which I cannot verify but assume are related to my problem:
  • 2 out of 6 "dnsapi.dll"-Files are not signed each < 60kb
  • Windows eventlog shows errors related to steamwebhelper.exe with chrome_elf.dll having exception 0x80000003
To me it looks like the infection is gone but has caused permanent damage which results in applications not working as expected.
Any help is heavily appreciated as I am running out of ideas for troubleshooting.

Thanks in advance,
Jonathan
 

xcy7e

TS Rookie
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16.01.2019 01
durchgeführt von johnf (Administrator) auf EPSON3191BJ (19-01-2019 00:08:27)
Gestartet von D:\tmp
Geladene Profile: defaultuser0 & johnf & admin & Administrator (Verfügbare Profile: defaultuser0 & johnf & admin & Administrator)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(MongoDB, Inc) C:\Program Files\MongoDB\Server\4.0\bin\mongod.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
() D:\Programme\ProtonVPN\ProtonVPNService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Hauppauge Computer Works, Inc) D:\Programme\WinTV\TVServer\HauppaugeTVServer.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe
(VMware, Inc.) S:\VMware\VMware Workstation\vmware-authd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxEM.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_x64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Binary Fortress Software) D:\Programme\DisplayFusion\DisplayFusion.exe
(Binary Fortress Software) D:\Programme\DisplayFusion\DisplayFusionHookApp32.exe
(Binary Fortress Software) D:\Programme\DisplayFusion\DisplayFusionHookApp64.exe
(Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(AvJoeSW Inc.) C:\Program Files (x86)\BGPKiller\BGPKiller.exe
(Venturi) D:\Programme\HideVolumeOSD\HideVolumeOSD.exe
(Skwire Empire) C:\RibbonDisabler\TBarIconBlanker.exe
(TechSmith Corporation) C:\Program Files (x86)\Snagit 13\Snagit32.exe
(Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(TechSmith Corporation) C:\Program Files (x86)\Snagit 13\SnagPriv.exe
(Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(TechSmith Corporation) C:\Program Files (x86)\Snagit 13\SnagitEditor.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Steven Mayall) D:\Programme\MusicBee\MusicBee.exe
(Binary Fortress Software) C:\Program Files\DisplayFusion\DisplayFusionService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Google Inc.) C:\Users\johnf\AppData\Local\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Users\johnf\AppData\Local\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) D:\tmp\avast_free_antivirus_setup.exe
(AVAST Software) C:\Users\johnf\AppData\Local\Temp\_av_iup.tm~a07636\Instup.exe
(AVAST Software) C:\Users\johnf\AppData\Local\Temp\_av_iup.tm~a07636\New_13010938\instup.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Users\johnf\AppData\Local\Temp\_av_iup.tm~a07636\New_13010938\sbr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) D:\tmp\FRST64 (1).exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (IvoSoft)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [588136 2017-01-18] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-06-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2017-06-29] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobePSE17AutoAnalyzer] => D:\Programme\Elements 2019 Organizer\Elements Auto Creations 2019.exe [3058696 2018-08-30] (Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425864 2016-11-13] (Acronis International GmbH)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FxSound Enhancer] => C:\Program Files (x86)\DFX\dfx.exe [1695224 2017-11-13] ()
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-06-08] (Power Software Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [BCSSync] => D:\Programme\Microsoft Office 2010 Professional Plus\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [AvRepair] => "C:\Program Files\AVAST Software\Avast\setup\instup.exe" /instop:repair /wait
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-127663350-3041579137-739029980-1000\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\Run: [DisplayFusion] => D:\Programme\DisplayFusion\DisplayFusion.exe [8626064 2017-11-14] (Binary Fortress Software)
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\Run: [reWASD Tray Agent] => D:\Programme\reWASD\Launcher.exe [3405504 2017-11-02] (Disc Soft Ltd)
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\Run: [EpicGamesLauncher] => D:\Programme\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35184016 2019-01-15] (Epic Games, Inc.)
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\Run: [Google Update] => C:\Users\johnf\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe [605992 2018-12-17] (Google Inc.)
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [3682968 2018-07-09] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\Run: [Steam] => D:\Steam\steam.exe [3133216 2019-01-05] (Valve Corporation)
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\Run: [GoogleChromeAutoLaunch_27E519C7728811BA68C834EBDE556FEC] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1587680 2018-12-12] (Google Inc.)
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\MountPoints2: {388c7019-d5a0-11e8-8a26-061cc31ba87d} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\MountPoints2: {48059458-1317-11e9-8a78-a81e846ac091} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\MountPoints2: {675494ea-727a-11e8-89dc-a81e846ac091} - "G:\dvdcheck.exe"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\MountPoints2: {7a5ac85a-9635-11e8-89f6-a81e846ac091} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\MountPoints2: {7f428c8c-6ddf-11e8-89da-a81e846ac091} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\MountPoints2: {b0fae1d3-7589-11e8-89df-a81e846ac091} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> D:\Programme\DisplayFusion\DFSSaver.scr [5560320 2017-11-14] (Binary Fortress Software)
HKU\S-1-5-21-127663350-3041579137-739029980-1002\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Drivers32-x32: [vidc.yv12] => C:\Windows\SysWOW64\yv12vfw.dll [70656 2004-01-25] (www.helixcommunity.org)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk [2018-08-30]
ShortcutTarget: AutoStart IR.lnk -> D:\Programme\WinTV\Ir.exe (Hauppauge Computer Works)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BGPKiller.lnk [2018-12-14]
ShortcutTarget: BGPKiller.lnk -> C:\Program Files (x86)\BGPKiller\BGPKiller.exe (AvJoeSW Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ETR.lnk [2017-12-11]
ShortcutTarget: ETR.lnk -> C:\RibbonDisabler\etr64.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HideVolumeOSD (1).lnk [2017-11-05]
ShortcutTarget: HideVolumeOSD (1).lnk -> D:\Programme\HideVolumeOSD\HideVolumeOSD.exe (Venturi)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TBarIconBlanker.lnk [2017-12-11]
ShortcutTarget: TBarIconBlanker.lnk -> C:\RibbonDisabler\TBarIconBlanker.exe (Skwire Empire)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TSC_SI_13.lnk [2017-11-30]
ShortcutTarget: TSC_SI_13.lnk -> C:\Program Files (x86)\Snagit 13\Snagit32.exe (TechSmith Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk [2018-08-30]
ShortcutTarget: WinTV Recording Status.lnk -> D:\Programme\WinTV\WinTV8\WinTVTray.exe (Hauppauge Computer Works, Inc.)
Startup: C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JDownloader 2.lnk [2018-01-22]
ShortcutTarget: JDownloader 2.lnk -> C:\Users\johnf\AppData\Local\JDownloader 2.0\JDownloader2.exe (AppWork GmbH)
Startup: C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-01-22]
ShortcutTarget: MEGAsync.lnk -> C:\Users\johnf\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ProtonMail Bridge.lnk [2018-11-21]
ShortcutTarget: ProtonMail Bridge.lnk -> D:\Programme\ProtonMail Bridge\Desktop-Bridge.exe ()
Startup: C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2017-11-07]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
Startup: C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WallpaperDayNightCycleScriptBG.lnk [2018-11-29]
ShortcutTarget: WallpaperDayNightCycleScriptBG.lnk -> D:\Programme\DisplayFusion\DisplayFusionCommand.exe (Binary Fortress Software)
GroupPolicy: Beschränkung ? <==== ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\..\Interfaces\{109ed733-761c-4c21-a36e-2227cfa51343}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{42b2ff9e-009a-429b-b5a2-f36b3e806da8}: [NameServer] 204.152.184.76,8.8.8.8
Tcpip\..\Interfaces\{42b2ff9e-009a-429b-b5a2-f36b3e806da8}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-127663350-3041579137-739029980-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131636414581884282&GUID=8B5751C8-C74A-4A58-BDB3-98A2FE9D6F40
HKU\S-1-5-21-127663350-3041579137-739029980-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-127663350-3041579137-739029980-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131636414582765433&GUID=8B5751C8-C74A-4A58-BDB3-98A2FE9D6F40
HKU\S-1-5-21-127663350-3041579137-739029980-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-127663350-3041579137-739029980-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-127663350-3041579137-739029980-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-127663350-3041579137-739029980-1001 -> DefaultScope {B02D0787-BF2C-496E-8534-50198E09B2E5} URL =
SearchScopes: HKU\S-1-5-21-127663350-3041579137-739029980-1001 -> {B02D0787-BF2C-496E-8534-50198E09B2E5} URL =
BHO: Kein Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Users\johnf\Windows Themes\one1184\OldNewExplorer64.dll [2017-08-16] (www.startisback.com)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-12-14] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> D:\Programme\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-12-14] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (IvoSoft)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Kein Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Users\johnf\Windows Themes\one1184\OldNewExplorer32.dll [2017-08-16] (www.startisback.com)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-31] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Programme\Microsoft Office 2010 Professional Plus\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-31] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: t5nr5z14.default
FF ProfilePath: C:\Users\johnf\AppData\Roaming\Mozilla\Firefox\Profiles\t5nr5z14.default [2019-01-18]
FF NetworkProxy: Mozilla\Firefox\Profiles\t5nr5z14.default -> socks", "localhost"
FF Extension: (MyJDownloader Browser Erweiterung) - C:\Users\johnf\AppData\Roaming\Mozilla\Firefox\Profiles\t5nr5z14.default\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2018-11-11]
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-12-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-12-14] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-31] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Programme\Microsoft Office 2010 Professional Plus\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\Programme\Microsoft Office 2010 Professional Plus\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems)
FF Plugin HKU\S-1-5-21-127663350-3041579137-739029980-1001: @tools.google.com/Google Update;version=3 -> C:\Users\johnf\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-127663350-3041579137-739029980-1001: @tools.google.com/Google Update;version=9 -> C:\Users\johnf\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-17] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR NewTab: Default -> Active:"chrome-extension://nnnkddnnlpamobajfibfdgfnbcnkgngh/pages/newtab.html"
CHR DefaultSearchURL: Default -> hxxps://help.steampowered.com/de/wizard/HelpRequest/HT-5JMC-RCYY-G67G
CHR Profile: C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default [2019-01-19]
CHR Extension: (Präsentationen) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-01]
CHR Extension: (Bookmark Favicon Changer) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\acmfnomgphggonodopogfbmkneepfgnh [2018-12-01]
CHR Extension: (Material Incognito Dark Theme) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahifcnpnjgbadkjdhagpfjfkmlapfoel [2019-01-18]
CHR Extension: (Theme Creator) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2018-12-01]
CHR Extension: (Docs) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-01]
CHR Extension: (Google Drive) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-01]
CHR Extension: (Select & translate - context menu) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bapcampblfdohlgnilfjbmhjijhflbjf [2018-12-01]
CHR Extension: (YouTube) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-01]
CHR Extension: (Adblock Plus) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-03]
CHR Extension: (Pushbullet) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2018-12-01]
CHR Extension: (Adblock für Youtube™) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2018-12-19]
CHR Extension: (Xdebug helper) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\eadndfjplgieldjbigjakmdgkmoaaaoc [2019-01-13]
CHR Extension: (jQuery Injector) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekkjohcjbjcjjifokpingdbdlfekjcgi [2018-12-24]
CHR Extension: (I don't care about cookies) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2018-12-20]
CHR Extension: (Stylish- Benutzerdef. Motive f. jede Webseite) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2018-12-25]
CHR Extension: (Avira Browserschutz) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-01-07]
CHR Extension: (Google Docs Offline) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-01]
CHR Extension: (AdBlock) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-01-16]
CHR Extension: (Ad-Free SoundCloud) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnjglicckckaeiijceebbfgeibnehjgg [2019-01-12]
CHR Extension: (Google Hangouts) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2018-12-14]
CHR Extension: (Open-as-Popup) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncppfjladdkdaemaghochfikpmghbcpc [2018-12-01]
CHR Extension: (Twitch Now) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2018-12-01]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-01]
CHR Extension: (J CSS Reload) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnmebjmgdonemncjdliomljdfhpnlekk [2018-12-01]
CHR Extension: (Infinity New Tab (Pro)) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnnkddnnlpamobajfibfdgfnbcnkgngh [2019-01-18]
CHR Extension: (ColorPick Eyedropper) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohcpnigalekghcmgcdcenkpelffpdolg [2018-12-18]
CHR Extension: (Google Mail) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-12-01]
CHR Extension: (Chrome Media Router) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-14]
CHR Extension: (Custom JavaScript for websites ) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\poakhlngfciodnhlhhgnaaelnpjljija [2018-12-01]
CHR Extension: (Popout for YouTube™) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pofekaindcmmojfnfgbpklepkjfilcep [2018-12-03]
CHR Profile: C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-12-07]
CHR Profile: C:\Users\johnf\AppData\Local\Google\Chrome\User Data\System Profile [2018-12-19]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-127663350-3041579137-739029980-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S4 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [1175976 2017-01-16] (Acronis International GmbH)
S4 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1276464 2017-01-18] ()
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Inc.)
S4 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6086232 2017-09-29] ()
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-08-31] (Windows (R) Win 7 DDK provider)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8352184 2019-01-15] ()
R2 DisplayFusionService; C:\Programme\DisplayFusion\DisplayFusionService.exe [6601128 2018-12-27] (Binary Fortress Software)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-01-15] (EasyAntiCheat Ltd)
R2 HauppaugeTVServer; D:\Programme\WinTV\TVServer\HauppaugeTVServer.exe [587048 2018-08-15] (Hauppauge Computer Works, Inc) [Datei ist nicht signiert]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-08-30] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4679576 2016-12-20] (Acronis International GmbH)
S4 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [2908352 2017-01-06] (Acronis International GmbH)
R2 MongoDB; C:\Program Files\MongoDB\Server\4.0\bin\mongod.exe [32523264 2018-12-19] (MongoDB, Inc) [Datei ist nicht signiert]
R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [5352960 2011-03-09] (Native Instruments GmbH) [Datei ist nicht signiert]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Datei ist nicht signiert]
R2 ProtonVPN Service; D:\Programme\ProtonVPN\ProtonVPNService.exe [38664 2018-10-17] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [328344 2018-07-09] (Sandboxie Holdings, LLC)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S4 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7013704 2016-12-21] ()
R2 TeamViewer; C:\Programme\TeamViewer\TeamViewer_Service.exe [11660528 2018-12-07] (TeamViewer GmbH)
S4 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3661096 2015-09-14] (TechSmith Corporation)
R2 VMAuthdService; S:\VMware\VMware Workstation\vmware-authd.exe [96184 2018-05-11] (VMware, Inc.)
S2 VMwareHostd; S:\VMware\VMware Workstation\vmware-hostd.exe [14346680 2018-05-11] ()
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [157480 2018-06-22] (Microsoft Corporation)
S3 wampapache64; d:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe [30720 2018-03-18] (Apache Software Foundation) [Datei ist nicht signiert]
S3 wampmariadb64; d:\wamp64\bin\mariadb\mariadb10.2.14\bin\mysqld.exe [14550440 2018-03-26] ()
S3 wampmysqld64; d:\wamp64\bin\mysql\mysql5.7.21\bin\mysqld.exe [39551488 2017-12-28] () [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2016-12-27] ()
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [38320 2016-12-27] ()
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (Apple Inc.)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [605616 2017-12-23] (Qualcomm)
S3 DFX11_1; C:\WINDOWS\system32\drivers\dfx11_1x64.sys [28008 2017-06-19] (Windows (R) Win 7 DDK provider)
R3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2017-06-19] (Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET)
S3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [217688 2016-08-17] (ELAN Microelectronic Corp.)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-12-23] (ELAN Microelectronic Corp.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [14976 2012-12-22] (Huawei Technologies Co., Ltd.)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [447328 2017-09-29] (Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [375136 2017-09-29] (Acronis International GmbH)
R0 hidgamemap; C:\WINDOWS\System32\drivers\hidgamemap.sys [148992 2017-11-11] (Disc Soft Ltd)
S3 HWHandSetProLine; C:\WINDOWS\system32\DRIVERS\hw_quusbmdm.sys [223232 2011-10-23] (Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-12-23] (REALiX(tm))
S3 hw_ctrlfakedev; C:\WINDOWS\system32\DRIVERS\hw_ctrlfakedev.sys [115712 2015-03-10] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-23] (Huawei Technologies Co., Ltd.)
S3 kmloop; C:\WINDOWS\System32\drivers\loop.sys [16896 2018-04-12] (Microsoft Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [81736 2017-07-27] (Insecure.Com LLC.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_9a6512484ba25dcd\nvlddmkm.sys [20461984 2019-01-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-12-23] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [782816 2017-12-23] (Realsil Semiconductor Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [228176 2018-07-09] (Sandboxie Holdings, LLC)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [264192 2018-04-12] (Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-06-01] (The OpenVPN Project)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1310560 2017-09-29] (Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [214360 2017-09-29] (Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [688864 2017-09-29] (Acronis International GmbH)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Corporation)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [213080 2018-08-14] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [222864 2018-08-14] (Oracle Corporation)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [324448 2017-09-29] (Acronis International GmbH)
R0 VMSNPXY; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [36768 2018-08-25] (Microsoft Corporation)
R0 vsock; C:\WINDOWS\system32\DRIVERS\vsock.sys [91712 2017-09-05] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
S3 WofAdk; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wofadk.sys [221376 2016-07-16] (Microsoft Corporation)
U1 avgbdisk; kein ImagePath
S3 HTCAND64; \SystemRoot\System32\Drivers\ANDROIDUSB.sys [X]
U4 npcap_wifi; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-01-19 00:07 - 2019-01-19 00:07 - 000000000 ____D C:\Program Files\AVAST Software
2019-01-19 00:06 - 2019-01-19 00:06 - 000000000 ____D C:\ProgramData\AVAST Software
2019-01-18 23:59 - 2019-01-18 23:59 - 000004608 _____ C:\WINDOWS\SECOH-QAD.exe
2019-01-18 23:20 - 2019-01-18 23:20 - 000000000 ____D C:\ProgramData\TweakBit
2019-01-18 23:20 - 2019-01-18 23:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit
2019-01-18 23:20 - 2019-01-18 23:20 - 000000000 ____D C:\Program Files (x86)\TweakBit
2019-01-18 12:17 - 2019-01-18 12:17 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\NVIDIA
2019-01-18 09:55 - 2019-01-18 09:56 - 000000000 ___DC C:\Users\johnf\AppData\Local\Steam
2019-01-18 09:05 - 2019-01-18 09:05 - 000000554 _____ C:\Users\Public\Desktop\Steam.lnk
2019-01-18 09:05 - 2019-01-18 09:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-01-18 08:46 - 2019-01-18 08:59 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\Wise Registry Cleaner
2019-01-18 08:46 - 2019-01-18 08:46 - 000001306 _____ C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2019-01-18 08:46 - 2019-01-18 08:46 - 000000000 ____D C:\WINDOWS\System32\Tasks\WiseCleaner
2019-01-18 08:46 - 2019-01-18 08:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
2019-01-18 08:46 - 2019-01-18 08:46 - 000000000 ____D C:\Program Files (x86)\Wise
2019-01-17 21:41 - 2019-01-17 21:41 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2019-01-17 21:41 - 2019-01-17 21:41 - 000000000 ____D C:\ProgramData\Sophos
2019-01-17 21:41 - 2019-01-17 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2019-01-17 21:41 - 2019-01-17 21:41 - 000000000 ____D C:\Program Files (x86)\Sophos
2019-01-17 18:31 - 2019-01-17 18:31 - 000002259 _____ C:\WINDOWS\epplauncher.mif
2019-01-17 17:25 - 2019-01-17 17:25 - 000000000 ___HD C:\$SysReset
2019-01-17 17:20 - 2019-01-19 00:08 - 000000000 ____D C:\FRST
2019-01-17 17:10 - 2019-01-17 17:10 - 005660510 ____C (Swearware) C:\Users\johnf\Desktop\ComboFix.exe
2019-01-17 16:50 - 2019-01-17 16:50 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\522414DD.sys
2019-01-17 16:49 - 2019-01-17 17:03 - 000000000 ___DC C:\Users\johnf\Desktop\mbar
2019-01-17 16:49 - 2019-01-17 17:03 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2019-01-17 16:49 - 2019-01-17 16:49 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2019-01-17 16:23 - 2019-01-17 17:11 - 000000000 ____D C:\ProgramData\RogueKiller
2019-01-17 16:23 - 2019-01-17 16:23 - 000000905 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2019-01-17 16:23 - 2019-01-17 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2019-01-17 16:23 - 2019-01-17 16:23 - 000000000 ____D C:\Program Files\RogueKiller
2019-01-17 15:49 - 2019-01-17 16:12 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\ClassicShell
2019-01-17 15:49 - 2019-01-17 15:49 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\ansel
2019-01-17 15:49 - 2019-01-17 15:49 - 000000000 _____ C:\Users\Administrator.EPSON3191BJ\Desktop\Neues Textdokument.txt
2019-01-17 15:48 - 2019-01-17 15:48 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Roaming\ClassicShell
2019-01-17 15:47 - 2019-01-17 16:11 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\D3DSCache
2019-01-17 15:47 - 2019-01-17 15:47 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Roaming\TechSmith
2019-01-17 15:47 - 2019-01-17 15:47 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\LocalLow\CampoSanto
2019-01-17 15:47 - 2019-01-17 15:47 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\Steam
2019-01-17 15:47 - 2019-01-17 15:47 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\DBG
2019-01-17 15:47 - 2019-01-17 15:47 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\CrashDumps
2019-01-17 15:46 - 2019-01-17 15:49 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\Adobe
2019-01-17 15:46 - 2019-01-17 15:46 - 000001417 _____ C:\Users\Administrator.EPSON3191BJ\Desktop\Microsoft Edge.lnk
2019-01-17 15:46 - 2019-01-17 15:46 - 000000921 _____ C:\Users\Administrator.EPSON3191BJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Elements Creations Notification.lnk
2019-01-17 15:46 - 2019-01-17 15:46 - 000000000 ___HD C:\Users\Administrator.EPSON3191BJ\MicrosoftEdgeBackups
2019-01-17 15:46 - 2019-01-17 15:46 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Roaming\BGPKiller
2019-01-17 15:46 - 2019-01-17 15:46 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\TechSmith
2019-01-17 15:46 - 2019-01-17 15:46 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\Publishers
2019-01-17 15:46 - 2019-01-17 15:46 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\MicrosoftEdge
2019-01-17 15:46 - 2019-01-17 15:46 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\CEF
2019-01-17 15:45 - 2019-01-17 16:12 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\Packages
2019-01-17 15:45 - 2019-01-17 16:11 - 000000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2019-01-17 15:45 - 2019-01-17 15:49 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Roaming\Adobe
2019-01-17 15:45 - 2019-01-17 15:49 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ
2019-01-17 15:45 - 2019-01-17 15:47 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\NVIDIA Corporation
2019-01-17 15:45 - 2019-01-17 15:46 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\ConnectedDevicesPlatform
2019-01-17 15:45 - 2019-01-17 15:45 - 000000020 ___SH C:\Users\Administrator.EPSON3191BJ\ntuser.ini
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 _SHDL C:\Users\Administrator.EPSON3191BJ\Vorlagen
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 _SHDL C:\Users\Administrator.EPSON3191BJ\Startmenü
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 _SHDL C:\Users\Administrator.EPSON3191BJ\Netzwerkumgebung
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 _SHDL C:\Users\Administrator.EPSON3191BJ\Lokale Einstellungen
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 _SHDL C:\Users\Administrator.EPSON3191BJ\Eigene Dateien
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 _SHDL C:\Users\Administrator.EPSON3191BJ\Druckumgebung
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 _SHDL C:\Users\Administrator.EPSON3191BJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 _SHDL C:\Users\Administrator.EPSON3191BJ\AppData\Local\Verlauf
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 _SHDL C:\Users\Administrator.EPSON3191BJ\AppData\Local\Anwendungsdaten
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 _SHDL C:\Users\Administrator.EPSON3191BJ\Anwendungsdaten
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 ___RD C:\Users\Administrator.EPSON3191BJ\3D Objects
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\NVIDIA
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\Google
2019-01-17 15:45 - 2018-12-14 17:20 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Roaming\Macromedia
2019-01-17 15:45 - 2018-04-12 00:34 - 000001105 _____ C:\Users\Administrator.EPSON3191BJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-17 15:45 - 2017-11-29 19:26 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\Microsoft Help
2019-01-16 19:12 - 2019-01-16 19:12 - 000013212 ____C C:\Users\johnf\AppData\Local\recently-used.xbel
 

xcy7e

TS Rookie
2019-01-16 19:09 - 2019-01-16 19:12 - 000001965 ____C C:\Users\johnf\Desktop\Starte Redmine.lnk
2019-01-16 19:08 - 2019-01-16 19:09 - 000000270 ____C C:\Users\johnf\Desktop\Starte Redmine.bat
2019-01-16 19:05 - 2019-01-16 19:05 - 000000000 ____D C:\Users\johnf\.gem
2019-01-16 19:03 - 2019-01-16 19:03 - 000000000 ____D C:\Users\johnf\.gnupg
2019-01-16 18:55 - 2019-01-16 18:55 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.5.3-1-x64 with MSYS2
2019-01-16 18:53 - 2019-01-16 18:53 - 000000000 ____D C:\Ruby25-x64
2019-01-16 18:51 - 2019-01-16 18:51 - 000001857 ____C C:\Users\johnf\Desktop\ImageMagick Display.lnk
2019-01-16 18:51 - 2019-01-16 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageMagick 7.0.8 Q16 (64-bit)
2019-01-16 18:51 - 2019-01-16 18:51 - 000000000 ____D C:\Program Files\ImageMagick-7.0.8-Q16
2019-01-16 10:57 - 2019-01-16 10:57 - 000000000 _____ C:\Users\Public\Shared Files
2019-01-16 10:56 - 2019-01-16 10:56 - 000000000 ___DC C:\Users\johnf\AppData\Local\Speech Graphics
2019-01-16 10:49 - 2019-01-16 10:49 - 000000000 ___DC C:\Users\johnf\AppData\Local\FortniteGame
2019-01-16 10:49 - 2019-01-16 10:49 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-01-16 08:32 - 2019-01-16 08:32 - 000000285 ____C C:\Users\johnf\Desktop\Fortnite.url
2019-01-15 20:30 - 2019-01-11 10:22 - 005363000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-01-15 20:30 - 2019-01-11 10:22 - 002623880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-01-15 20:30 - 2019-01-11 10:22 - 001767464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-01-15 20:30 - 2019-01-11 10:22 - 000650608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-01-15 20:30 - 2019-01-11 10:22 - 000451056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-01-15 20:30 - 2019-01-11 10:22 - 000125320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-01-15 20:30 - 2019-01-11 10:22 - 000083336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-01-15 20:30 - 2019-01-09 14:45 - 008472342 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-01-15 20:29 - 2019-01-15 20:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-01-15 20:29 - 2019-01-10 06:51 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-01-15 20:26 - 2019-01-12 05:05 - 000978336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-01-15 20:26 - 2019-01-12 05:05 - 000978336 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-01-15 20:26 - 2019-01-12 05:05 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-01-15 20:26 - 2019-01-12 05:05 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-01-15 20:26 - 2019-01-12 05:05 - 000552536 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-01-15 20:26 - 2019-01-12 05:05 - 000456848 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-01-15 20:26 - 2019-01-12 05:05 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-01-15 20:26 - 2019-01-12 05:05 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-01-15 20:26 - 2019-01-12 05:05 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-01-15 20:26 - 2019-01-12 05:05 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-01-15 20:26 - 2019-01-12 05:04 - 004946232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-01-15 20:26 - 2019-01-12 05:04 - 004316304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-01-15 20:26 - 2019-01-12 05:04 - 002018392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441771.dll
2019-01-15 20:26 - 2019-01-12 05:04 - 002003600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-01-15 20:26 - 2019-01-12 05:04 - 001512352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-01-15 20:26 - 2019-01-12 05:04 - 001467864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441771.dll
2019-01-15 20:26 - 2019-01-12 05:04 - 001461152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-01-15 20:26 - 2019-01-12 05:04 - 001126544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-01-15 20:26 - 2019-01-12 05:04 - 000631896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-01-15 20:26 - 2019-01-12 05:04 - 000521688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-01-15 20:26 - 2019-01-12 05:03 - 040262912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-01-15 20:26 - 2019-01-12 05:03 - 035158736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-01-15 20:26 - 2019-01-12 01:03 - 015911384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-01-15 20:26 - 2019-01-12 01:02 - 013205768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-01-15 20:26 - 2019-01-12 01:02 - 001462024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2019-01-15 20:26 - 2019-01-12 01:02 - 001167584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-01-15 20:26 - 2019-01-12 01:02 - 001145536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2019-01-15 20:26 - 2019-01-12 01:02 - 000914400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-01-15 20:26 - 2019-01-12 01:02 - 000794448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-01-15 20:26 - 2019-01-12 01:02 - 000637664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-01-15 20:26 - 2019-01-12 01:01 - 019717352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-01-15 20:26 - 2019-01-12 01:01 - 016993240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-01-15 20:26 - 2019-01-12 01:01 - 005003032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-01-15 20:26 - 2019-01-12 01:01 - 004260704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-01-15 20:26 - 2019-01-11 12:06 - 000048472 _____ C:\WINDOWS\system32\nvinfo.pb
2019-01-15 14:19 - 2019-01-16 13:35 - 000000416 _____ C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job
2019-01-15 14:19 - 2019-01-15 14:19 - 000003890 _____ C:\WINDOWS\System32\Tasks\Driver Easy Scheduled Scan
2019-01-15 14:19 - 2019-01-15 14:19 - 000001018 _____ C:\Users\Public\Desktop\Driver Easy.lnk
2019-01-15 14:19 - 2019-01-15 14:19 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\Easeware
2019-01-15 14:19 - 2019-01-15 14:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2019-01-15 14:19 - 2019-01-15 14:19 - 000000000 ____D C:\Program Files\Easeware
2019-01-15 14:14 - 2019-01-15 14:14 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-01-13 20:58 - 2019-01-13 20:59 - 000000082 _____ C:\Users\johnf\invisible.vbs
2019-01-13 20:45 - 2019-01-13 20:47 - 000000000 ____D C:\Users\johnf\.electron
2019-01-13 20:43 - 2019-01-13 20:43 - 000001995 ____C C:\Users\johnf\Desktop\Starte Squirrel.lnk
2019-01-13 20:41 - 2019-01-13 21:13 - 000000601 ____C C:\Users\johnf\Desktop\Starte Squirrel.bat
2019-01-13 20:40 - 2019-01-13 20:41 - 000000057 ____C C:\Users\johnf\Desktop\Starte adminMongo.bat
2019-01-13 20:39 - 2019-01-13 20:40 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\npm-cache
2019-01-13 20:39 - 2019-01-13 20:39 - 000000000 ____D C:\Users\johnf\.config
2019-01-13 20:35 - 2019-01-13 20:35 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\npm
2019-01-13 20:35 - 2019-01-13 20:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2019-01-13 20:35 - 2019-01-13 20:35 - 000000000 ____D C:\Program Files\nodejs
2019-01-13 20:26 - 2019-01-13 20:26 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\Nucleon Software
2019-01-13 20:26 - 2019-01-13 20:26 - 000000000 ___DC C:\Users\johnf\AppData\Local\Stimulsoft
2019-01-13 20:26 - 2019-01-13 20:26 - 000000000 ___DC C:\Users\johnf\AppData\Local\Nucleon Software
2019-01-13 20:26 - 2019-01-13 20:26 - 000000000 ____D C:\Users\johnf\Mongodb
2019-01-13 20:26 - 2019-01-13 20:26 - 000000000 ____D C:\ProgramData\Isolated Storage
2019-01-13 20:25 - 2019-01-13 20:25 - 000000000 ____D C:\Program Files\MongoDB
2019-01-13 20:23 - 2019-01-13 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2019-01-13 20:23 - 2019-01-13 20:23 - 000000000 ____D C:\ProgramData\Git
2019-01-13 20:22 - 2019-01-13 20:23 - 000000000 ____D C:\Program Files\Git
2019-01-12 22:52 - 2019-01-12 22:52 - 000001456 ____C C:\Users\johnf\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2019-01-12 00:44 - 2019-01-12 00:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Setup Helper
2019-01-12 00:44 - 2019-01-12 00:44 - 000000000 ____D C:\Program Files (x86)\Hobbyist Software
2019-01-11 16:28 - 2019-01-11 16:28 - 000000713 ____C C:\Users\johnf\Desktop\ClipMate.lnk
2019-01-11 16:28 - 2019-01-11 16:28 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\Thornsoft Development
2019-01-11 16:28 - 2019-01-11 16:28 - 000000000 ____D C:\ProgramData\TEMP
2019-01-11 16:28 - 2019-01-11 16:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClipMate 7
2019-01-11 16:16 - 2019-01-11 16:16 - 000000000 ____D C:\Users\johnf\.thumb
2019-01-11 16:09 - 2019-01-11 16:09 - 000000965 ____C C:\Users\johnf\Desktop\DVDStyler.lnk
2019-01-11 16:09 - 2019-01-11 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDStyler
2019-01-11 16:09 - 2019-01-11 16:09 - 000000000 ____D C:\Program Files\DVDStyler
2019-01-11 12:05 - 2019-01-11 12:05 - 000000000 ____D C:\PS_CS2_Gr_NonRet
2019-01-11 12:01 - 2019-01-11 12:01 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\GIMP
2019-01-11 12:01 - 2019-01-11 12:01 - 000000000 ___DC C:\Users\johnf\AppData\Local\GIMP
2019-01-11 08:23 - 2019-01-11 08:23 - 000000000 ____D C:\WINDOWS\Panther
2019-01-11 00:09 - 2015-07-09 14:59 - 000245248 _____ (QUALCOMM Incorporated) C:\WINDOWS\system32\Drivers\qu_usb_serial.sys
2019-01-11 00:09 - 2015-03-10 09:05 - 000115712 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_ctrlfakedev.sys
2019-01-11 00:09 - 2014-09-08 22:07 - 000223232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_usbvcom.sys
2019-01-11 00:09 - 2014-08-17 16:08 - 000117888 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\diagswitchdrv.sys
2019-01-11 00:09 - 2014-01-06 17:43 - 001002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
2019-01-11 00:09 - 2012-12-22 07:46 - 000014976 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbccgpfilter.sys
2019-01-11 00:02 - 2019-01-11 00:02 - 000000000 ____D C:\Program Files\DIFX
2019-01-11 00:02 - 2019-01-11 00:02 - 000000000 ____D C:\ADB
2019-01-11 00:02 - 2015-05-07 13:40 - 000287232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbnet.sys
2019-01-11 00:02 - 2014-01-06 17:43 - 002152176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFUpdate_01009.dll
2019-01-11 00:02 - 2014-01-06 17:43 - 001721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfCoInstaller01009.dll
2019-01-11 00:02 - 2014-01-06 17:43 - 001002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winusbcoinstaller2.dll
2019-01-11 00:02 - 2011-10-23 18:04 - 000223232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbmdm.sys
2019-01-11 00:02 - 2011-10-23 17:51 - 000116864 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_usbdev.sys
2019-01-10 21:26 - 2019-01-10 21:26 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\LG Electronics
2019-01-10 21:26 - 2019-01-10 21:26 - 000000000 ___DC C:\Users\johnf\AppData\Local\LG Electronics
2019-01-10 21:26 - 2019-01-10 21:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
2019-01-10 21:25 - 2019-01-10 21:25 - 000000000 ____D C:\Program Files (x86)\LG Electronics
2019-01-10 19:09 - 2019-01-10 19:09 - 000000000 ___DC C:\Users\johnf\AppData\Local\FirmwareFinder
2019-01-09 13:52 - 2019-01-09 13:52 - 000000000 ___DC C:\Users\johnf\AppData\Local\gegl-0.4
2019-01-09 10:29 - 2019-01-01 15:07 - 001023480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lxcore.sys
2019-01-09 10:29 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 10:29 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 10:29 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 10:29 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 10:29 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 10:29 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 10:29 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 10:29 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 10:29 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 10:29 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 10:29 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 10:29 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 10:29 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 10:29 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 10:29 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 10:29 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 10:29 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 10:29 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 10:29 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 10:29 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 10:29 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 10:29 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 10:29 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 10:29 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 10:29 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 10:29 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 10:29 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 10:29 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 10:29 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 10:29 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 10:29 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 10:29 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 10:29 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 10:29 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 10:29 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 10:29 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 10:29 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 10:29 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 10:29 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 10:29 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 10:29 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 10:29 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 10:29 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 10:29 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 10:29 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 10:29 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 10:29 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 10:29 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 10:29 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 10:29 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 10:29 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 10:28 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 10:28 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 10:28 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 10:28 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 10:28 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 10:28 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 10:28 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 10:28 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 10:28 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 10:28 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 10:28 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 10:28 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 10:28 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 10:28 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 10:28 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 10:28 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 10:28 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 10:28 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 10:28 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 10:28 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 10:28 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 10:28 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 10:28 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 10:28 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 10:28 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 10:28 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 10:28 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 10:28 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 10:28 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 10:28 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 10:28 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 10:28 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 10:28 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 10:28 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 10:28 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-09 10:28 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-09 10:08 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-08 08:41 - 2019-01-18 22:37 - 000000000 ___RD C:\Users\johnf\Creative Cloud Files
2019-01-08 00:01 - 2019-01-08 00:01 - 000000921 ____C C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Elements Creations Notification.lnk
2019-01-07 23:59 - 2019-01-07 23:59 - 000000942 _____ C:\Users\Public\Desktop\Adobe Premiere Elements 2019.lnk
2019-01-07 23:59 - 2019-01-07 23:59 - 000000942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Elements 2019.lnk
2019-01-07 19:21 - 2019-01-07 19:21 - 000000000 ___DC C:\Users\johnf\AppData\Local\FXHOME Helper
2019-01-07 19:18 - 2019-01-07 19:20 - 000000000 ___DC C:\Users\johnf\AppData\Local\Ignite Express 2017 Activation
2019-01-07 19:18 - 2019-01-07 19:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ignite Express 2017
2019-01-07 19:18 - 2019-01-07 19:18 - 000000000 ____D C:\ProgramData\FXHOME
2019-01-07 19:18 - 2019-01-07 19:18 - 000000000 ____D C:\Program Files\FXHOME
2019-01-07 19:18 - 2019-01-07 19:18 - 000000000 ____D C:\Program Files\Common Files\OFX
2019-01-07 18:33 - 2019-01-07 18:33 - 000001157 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2019.lnk
2019-01-07 18:30 - 2019-01-07 18:30 - 000001412 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2019-01-07 18:30 - 2019-01-07 18:30 - 000001400 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2019-01-06 17:12 - 2019-01-06 17:15 - 000000000 ____D C:\Program Files\Rockstar Games
2019-01-06 17:12 - 2019-01-06 17:15 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2019-01-06 17:12 - 2019-01-06 17:12 - 000000826 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk
2019-01-06 17:12 - 2019-01-06 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2019-01-04 17:34 - 2019-01-04 18:40 - 000000015 ____C C:\Users\johnf\AppData\Local\X-Plane_drm_11.prf
2019-01-04 17:32 - 2019-01-04 17:32 - 000000022 ____C C:\Users\johnf\AppData\Local\x-plane_install_11.txt
2019-01-03 02:48 - 2019-01-03 02:48 - 000001571 ____C C:\Users\johnf\Desktop\nmap_SCAN.xml
2019-01-03 02:37 - 2019-01-04 16:11 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\VMware
2019-01-03 02:37 - 2019-01-04 16:11 - 000000000 ___DC C:\Users\johnf\AppData\Local\VMware
2019-01-03 02:36 - 2019-01-03 02:36 - 000001024 _____ C:\WINDOWS\SysWOW64\%TMP%
2019-01-03 02:36 - 2019-01-03 02:36 - 000000838 _____ C:\Users\Public\Desktop\VMware Workstation Pro.lnk
2019-01-03 02:36 - 2019-01-03 02:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2019-01-03 02:36 - 2019-01-03 02:36 - 000000000 ____D C:\Program Files\Common Files\VMware
2019-01-03 02:36 - 2019-01-03 02:36 - 000000000 ____D C:\Program Files (x86)\VMware
2019-01-03 02:36 - 2018-05-11 06:33 - 001134008 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll
2019-01-03 02:36 - 2018-05-11 06:33 - 000402360 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe
2019-01-03 02:36 - 2018-05-11 06:33 - 000367032 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe
2019-01-03 02:36 - 2018-05-11 06:33 - 000134104 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetinst.dll
2019-01-03 02:36 - 2018-05-11 06:33 - 000043992 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetuserif.sys
2019-01-03 02:36 - 2018-05-11 06:21 - 000096176 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys
2019-01-03 02:36 - 2018-01-24 18:58 - 000082896 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys
2019-01-03 02:36 - 2017-09-05 04:54 - 000091712 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vsock.sys
2019-01-03 02:36 - 2017-09-05 04:54 - 000069104 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll
2019-01-03 02:36 - 2017-09-05 04:54 - 000065016 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll
2019-01-03 02:34 - 2019-01-18 22:36 - 000000000 ____D C:\ProgramData\VMware
2018-12-31 21:31 - 2018-12-31 21:31 - 000000691 ____C C:\Users\johnf\Desktop\X-Plane 11.lnk
2018-12-31 21:31 - 2018-12-31 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X-Plane 11
2018-12-30 19:32 - 2018-12-30 19:32 - 000001700 _____ C:\Users\Public\Desktop\REX 4 - Texture Direct with Soft Clouds.lnk
2018-12-30 19:32 - 2018-12-30 19:32 - 000000741 _____ C:\Users\Public\Desktop\User Manual - REX 4 - Texture Direct.lnk
2018-12-30 19:21 - 2018-12-30 19:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REX 4
2018-12-30 03:06 - 2018-12-30 03:06 - 000000885 ____C C:\Users\johnf\Desktop\FS Global Real Weather (P3Dv4 Edition).lnk
2018-12-29 17:43 - 2018-12-29 17:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlyTampa
2018-12-27 13:57 - 2018-12-27 13:57 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\Burnaware
2018-12-27 13:49 - 2018-12-27 13:49 - 000001129 _____ C:\Users\Public\Desktop\BurnAware Free.lnk
2018-12-27 13:49 - 2018-12-27 13:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free
2018-12-27 13:49 - 2018-12-27 13:49 - 000000000 ____D C:\Program Files (x86)\BurnAware Free
2018-12-27 13:23 - 2018-12-27 13:31 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\ImgBurn
2018-12-25 19:17 - 2018-12-25 19:17 - 000000885 ____C C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
2018-12-25 19:14 - 2018-12-25 19:36 - 000000000 ____D C:\Program Files\MKVToolNix
2018-12-25 19:14 - 2018-12-25 19:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
2018-12-20 18:29 - 2018-12-20 18:29 - 000042904 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2018-12-20 08:29 - 2018-12-14 08:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-12-20 08:29 - 2018-12-14 08:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-12-20 08:29 - 2018-12-14 08:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-12-20 08:29 - 2018-12-14 08:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-12-20 08:29 - 2018-12-14 08:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-12-20 08:29 - 2018-12-14 08:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-12-20 08:29 - 2018-12-14 08:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-12-20 08:29 - 2018-12-14 08:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-12-20 08:29 - 2018-12-14 08:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-20 08:29 - 2018-12-14 07:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-12-20 08:29 - 2018-12-14 07:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-12-20 08:29 - 2018-12-14 07:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-12-20 08:29 - 2018-12-14 07:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-12-20 08:29 - 2018-12-14 07:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-12-20 08:29 - 2018-12-14 07:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-12-20 08:29 - 2018-12-14 07:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-12-20 08:29 - 2018-12-14 07:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

==================== Ein Monat (geänderte) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-01-19 00:09 - 2017-09-01 14:36 - 000000000 ____D C:\Users\johnf\AppData\Local\CrashDumps
2019-01-18 23:44 - 2017-08-29 07:59 - 000000000 ____D C:\Users\johnf\AppData\Local\ClassicShell
2019-01-18 22:58 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-18 22:53 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-18 22:51 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-18 22:49 - 2018-11-29 17:39 - 000002589 ____C C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk
2019-01-18 22:49 - 2018-11-29 17:39 - 000002552 ____C C:\Users\johnf\Desktop\Google Chrome Canary.lnk
2019-01-18 22:42 - 2018-06-07 01:30 - 001840194 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-18 22:42 - 2018-04-12 17:13 - 000788650 _____ C:\WINDOWS\system32\perfh007.dat
2019-01-18 22:42 - 2018-04-12 17:13 - 000169002 _____ C:\WINDOWS\system32\perfc007.dat
2019-01-18 22:42 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-18 22:37 - 2017-09-20 15:26 - 000000000 ____D C:\ProgramData\NVIDIA
2019-01-18 22:37 - 2017-09-11 22:29 - 000000000 ____D C:\Users\johnf\AppData\Local\Adobe
2019-01-18 22:37 - 2017-08-29 07:55 - 000000000 ____D C:\Users\johnf\AppData\Local\DisplayFusion
2019-01-18 22:36 - 2018-12-06 15:25 - 000000000 ____D C:\Program Files\TeamViewer
2019-01-18 22:36 - 2018-08-30 14:37 - 000000000 ____D C:\ProgramData\Hauppauge
2019-01-18 22:36 - 2018-06-07 01:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-18 22:36 - 2018-06-07 01:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-18 22:36 - 2017-08-29 07:45 - 000000000 __SHD C:\Users\johnf\IntelGraphicsProfiles
2019-01-18 15:43 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-01-18 15:43 - 2018-02-08 00:48 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\MusicBee
2019-01-17 23:52 - 2018-06-07 01:25 - 000000000 ___RD C:\Users\johnf
2019-01-17 23:49 - 2017-08-29 09:30 - 000000000 ___DC C:\Users\johnf\AppData\Local\JDownloader 2.0
2019-01-17 23:47 - 2017-08-29 09:13 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\vlc
2019-01-17 21:52 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-17 16:51 - 2018-12-07 19:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-01-17 16:19 - 2018-12-14 16:50 - 000007290 _____ C:\WINDOWS\Sandboxie.ini
2019-01-17 16:12 - 2018-07-15 14:33 - 000000000 ____D C:\ProgramData\Packages
2019-01-17 15:50 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-17 15:45 - 2018-01-10 02:40 - 000000000 ____D C:\Users\Administrator
2019-01-17 15:45 - 2017-03-13 22:08 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-01-16 21:11 - 2018-12-14 17:24 - 000000922 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-01-16 19:49 - 2017-09-01 19:56 - 000000000 ___HD C:\Users\johnf\.zenmap
2019-01-16 19:13 - 2017-09-11 22:27 - 000000000 ___HD C:\Users\johnf\.gimp-2.8
2019-01-16 19:12 - 2017-12-09 02:47 - 000000000 ____D C:\Users\johnf\icons
2019-01-16 19:12 - 2017-09-12 11:23 - 000000000 ____D C:\Users\johnf\AppData\Local\gtk-2.0
2019-01-16 13:38 - 2017-08-29 07:45 - 000000000 ____D C:\Users\johnf\AppData\Local\NVIDIA
2019-01-16 10:57 - 2018-04-12 00:38 - 000000000 __SHD C:\Users\Public\Libraries
2019-01-16 10:51 - 2017-08-29 07:45 - 000000000 ____D C:\Users\johnf\AppData\Local\NVIDIA Corporation
2019-01-16 10:49 - 2018-01-28 03:17 - 000000000 ___DC C:\Users\johnf\AppData\Local\UnrealEngine
2019-01-15 20:30 - 2018-06-22 09:57 - 000000000 ___RD C:\Temp
2019-01-15 20:30 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Help
2019-01-15 20:30 - 2017-09-20 15:26 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-01-15 20:29 - 2017-09-20 15:26 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-01-15 20:26 - 2018-06-07 23:42 - 000000000 ____D C:\Users\johnf\AppData\Local\D3DSCache
2019-01-15 19:29 - 2018-12-14 16:46 - 000000000 ____D C:\ProgramData\Avira
2019-01-15 19:29 - 2017-03-13 22:25 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-15 18:57 - 2018-11-20 16:56 - 000000000 ____D C:\ProgramData\ProtonVPN
2019-01-15 14:16 - 2017-09-20 15:27 - 002016502 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2019-01-15 14:14 - 2017-11-12 21:57 - 000000000 ___DC C:\Users\johnf\AppData\Local\ElevatedDiagnostics
2019-01-15 14:14 - 2017-09-20 15:27 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-01-14 22:37 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-01-13 00:08 - 2017-12-09 17:08 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\dvdcss
2019-01-11 20:39 - 2017-12-27 22:00 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-01-11 12:06 - 2017-08-29 17:44 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2019-01-11 12:01 - 2017-10-24 20:04 - 000000000 ___HD C:\Users\johnf\.cache
2019-01-10 19:04 - 2018-11-29 17:33 - 000004184 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1543509213
2019-01-10 19:04 - 2018-11-29 17:33 - 000001415 ____C C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2019-01-10 18:57 - 2017-08-29 07:45 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\Adobe
2019-01-10 09:31 - 2018-07-15 13:46 - 000000000 ____D C:\Program Files\DisplayFusion
2019-01-10 09:31 - 2017-08-29 07:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion
2019-01-10 02:00 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-10 02:00 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-08 11:08 - 2018-12-02 19:57 - 000146976 ____C C:\Users\johnf\AppData\Local\GDIPFONTCACHEV1.DAT
2019-01-08 08:38 - 2018-12-14 17:20 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-01-08 08:32 - 2017-09-11 22:22 - 000000000 ____D C:\ProgramData\Adobe
2019-01-08 08:30 - 2018-06-07 01:23 - 000552120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-01-07 23:57 - 2018-01-24 01:18 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-01-06 17:13 - 2017-08-31 12:39 - 000000000 ____D C:\Users\johnf\AppData\Local\Rockstar Games
2019-01-06 17:12 - 2017-03-13 22:21 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-01-04 15:47 - 2018-08-28 13:19 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\BitTorrent
2019-01-03 02:36 - 2017-03-13 22:23 - 001863236 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2019-01-02 20:41 - 2018-04-12 00:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-04-12 00:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-02 07:38 - 2017-08-29 11:36 - 000000000 ___DC C:\Users\johnf\AppData\LocalLow\Mozilla
2018-12-30 19:19 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-12-30 19:19 - 2017-11-28 17:16 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2018-12-30 19:19 - 2017-11-28 17:16 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2018-12-23 18:17 - 2018-01-22 03:05 - 000000000 ____D C:\Users\johnf\AppData\Local\MEGAsync
2018-12-20 16:10 - 2018-06-07 01:32 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-127663350-3041579137-739029980-1001
2018-12-20 16:10 - 2018-06-07 01:25 - 000002424 ____C C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-12-20 16:10 - 2017-08-29 07:47 - 000000000 ___RD C:\Users\johnf\OneDrive
2018-12-20 14:43 - 2018-12-07 19:44 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2019-01-13 20:58 - 2019-01-13 20:59 - 000000082 _____ () C:\Users\johnf\invisible.vbs
2018-01-07 11:43 - 2018-01-07 11:43 - 000000073 ____C () C:\Users\johnf\AppData\Roaming\GTAV Update Blocker.ini
2018-01-28 01:38 - 2018-02-07 17:29 - 000035491 ____C () C:\Users\johnf\AppData\Roaming\net.telestream.wirecast.xml
2018-02-01 16:19 - 2018-02-01 16:28 - 000000881 ____C () C:\Users\johnf\AppData\Roaming\pc-capture-log.txt
2017-08-29 10:05 - 2018-12-03 17:04 - 000000600 ____C () C:\Users\johnf\AppData\Roaming\winscp.rnd
2019-01-12 22:52 - 2019-01-12 22:52 - 000001456 ____C () C:\Users\johnf\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2019-01-16 19:12 - 2019-01-16 19:12 - 000013212 ____C () C:\Users\johnf\AppData\Local\recently-used.xbel
2019-01-04 17:34 - 2019-01-04 18:40 - 000000015 ____C () C:\Users\johnf\AppData\Local\X-Plane_drm_11.prf
2019-01-04 17:32 - 2019-01-04 17:32 - 000000022 ____C () C:\Users\johnf\AppData\Local\x-plane_install_11.txt
2017-09-01 19:56 - 2018-12-16 13:41 - 000000143 ____C () C:\Users\johnf\AppData\Local\zenmap.exe.log

Einige Dateien in TEMP:
====================
2019-01-16 19:52 - 2019-01-16 19:54 - 041846888 ____C () C:\Users\johnf\AppData\Local\Temp\vlc-3.0.6-win64.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-06-07 01:23

==================== Ende von FRST.txt ============================
 

xcy7e

TS Rookie
I cannot post the results of Addition.txt because the site throws the following error message:

Your content can not be submitted. This is likely because your content is spam-like or contains inappropriate elements. Please change your content or try again later. If you still have problems, please contact an administrator.
 

Broni

Malware Annihilator
Welcome aboard


Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

======================================

Attach the second log from FRST
 

Broni

Malware Annihilator
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16.01.2019 01
durchgeführt von johnf (19-01-2019 00:09:31)
Gestartet von D:\tmp
Windows 10 Home Version 1803 17134.523 (X64) (2018-06-07 00:32:41)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

admin (S-1-5-21-127663350-3041579137-739029980-1002 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-127663350-3041579137-739029980-500 - Administrator - Enabled) => C:\Users\Administrator.EPSON3191BJ
DefaultAccount (S-1-5-21-127663350-3041579137-739029980-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-127663350-3041579137-739029980-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-127663350-3041579137-739029980-501 - Limited - Disabled)
johnf (S-1-5-21-127663350-3041579137-739029980-1001 - Administrator - Enabled) => C:\Users\johnf
WDAGUtilityAccount (S-1-5-21-127663350-3041579137-739029980-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: ESET Smart Security 8.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Disabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Ableton Live 9 Suite (HKLM\...\{48EC4E57-1D04-4831-90A7-151DA2269495}) (Version: 9.0.0.0 - Ableton)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Jumpstart (HKLM-x32\...\{4B92BFBE-917D-4FA1-97E9-DB9D91286E90}) (Version: 3.0.18135.100 - Acer)
Acronis True Image (HKLM-x32\...\{6C68FFAD-90B3-4DE1-B64A-3073CFFCCA70}) (Version: 21.0.6116 - Acronis) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 2019 (HKLM-x32\...\PRE_17_0) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2019 (HKLM-x32\...\PPRO_13_0) (Version: 13.0 - Adobe Systems Incorporated)
Aerosoft's - A318-A319 Professional - PREPAR3D V4.x (HKLM-x32\...\A318-A319 Professional - PREPAR3D V4.x) (Version: 1.00 - Aerosoft)
Aerosoft's - CRJ 700-900 X - PREPAR3D V4.x (HKLM-x32\...\CRJ 700-900 X - PREPAR3D V4.x) (Version: 1.2.0.0 - Aerosoft)
Aerosoft's - German Airports - Stuttgart Professional (HKLM-x32\...\German Airports - Stuttgart Professional) (Version: 1.00 - Aerosoft)
Aerosoft's - Mega Airport Frankfurt 2.0 Professional (HKLM-x32\...\Mega Airport Frankfurt 2.0 Professional) (Version: 1.00 - Aerosoft)
aerosoft's - NavDataPro Charts (HKLM-x32\...\NavDataPro Charts) (Version: 1.0.0.2 - aerosoft)
aerosoft's - Professional Flight Planner X (HKLM-x32\...\{1A5D2729-4A3B-4CD5-85C8-4896FD44B78D}) (Version: 1.28 - aerosoft)
Android ADB Fastboot (HKLM-x32\...\{29FB844C-8CE6-450A-9510-A07FD091CD57}) (Version: 1.7 - ajua Custom Installers)
AOMEI Partition Assistant Demo Edition 7.5.1 (HKLM-x32\...\{04F850ED-FD0F-4ED1-AE1B-4498165BF3D2}_is1) (Version: - AOMEI Technology Co., Ltd.)
App Explorer (HKU\S-1-5-19\...\Host App Service) (Version: 0.272.1.295 - SweetLabs) <==== ACHTUNG
App Explorer (HKU\S-1-5-20\...\Host App Service) (Version: 0.272.1.295 - SweetLabs) <==== ACHTUNG
App Explorer (HKU\S-1-5-21-127663350-3041579137-739029980-1000\...\Host App Service) (Version: 0.272.1.295 - SweetLabs) <==== ACHTUNG
App Explorer (HKU\S-1-5-21-127663350-3041579137-739029980-1002\...\Host App Service) (Version: 0.272.1.295 - SweetLabs) <==== ACHTUNG
App Explorer (HKU\S-1-5-21-127663350-3041579137-739029980-500\...\Host App Service) (Version: 0.272.1.295 - SweetLabs) <==== ACHTUNG
AutoHotkey 1.1.26.01 (HKLM\...\AutoHotkey) (Version: 1.1.26.01 - Lexikos)
AVS Video Converter 10.1.2 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 10.1.2.627 - Online Media Technologies Ltd.)
BGPKiller version 0.9.6.0 (HKLM-x32\...\{51F2319F-76B2-4A3F-BD1D-81CB18395981}_is1) (Version: 0.9.6.0 - AvJoeSW Inc.)
BitTorrent (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\BitTorrent) (Version: 7.10.4.44847 - BitTorrent Inc.)
Blender (HKLM\...\{E29A1273-2E7A-40E7-AA63-428A11D59429}) (Version: 2.79.2 - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BurnAware Free 11.8 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
Cheat Engine 6.8.1 (HKLM-x32\...\Cheat Engine 6.8.1_is1) (Version: - Cheat Engine)
checksum (HKLM-x32\...\checksum) (Version: 1.7.0.1 - corz.org)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{D256A5B9-68DA-4F6C-A447-A93E5639A46D}) (Version: 4.7.03083 - Microsoft Corporation) Hidden
ClipMate 7 (HKLM-x32\...\{2E924A2A-8FBC-4C84-8A3A-63FB386C9A29}_is1) (Version: 7 - Thornsoft Development, Inc.)
CrystalDiskInfo 7.5.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.5.0 - Crystal Dew World)
DiagnosticsHub_CollectionService (HKLM\...\{E81C8BD9-158A-4E0F-AE0D-8C797C0E8112}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
DiskInternals Linux Reader (HKLM-x32\...\DiskInternals Linux Reader) (Version: 2.6 - DiskInternals Research)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.71 - NVIDIA Corporation) Hidden
DisplayFusion 9.4.3 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 9.4.3.0 - Binary Fortress Software)
Driver Easy 5.6.9 (HKLM\...\DriverEasy_is1) (Version: 5.6.9 - Easeware)
DVDStyler v3.0.4 (HKLM\...\DVDStyler_is1) (Version: - Thüring IT-Consulting)
Entity Framework 6.2.0 Tools for Visual Studio 2017 (HKLM-x32\...\{B843915F-00A1-44B1-994C-1AE0A6400AE3}) (Version: 6.2.61807.0 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{3E59936E-CC15-4DE2-BF79-5D76E14472A7}) (Version: 1.1.122.0 - Epic Games, Inc.)
FS2Crew: PMDG 737 NGX Reboot Edition P3D 64 (HKLM-x32\...\FS2Crew: PMDG 737 NGX Reboot Edition P3D 64) (Version: - )
FxSound Enhancer (HKLM-x32\...\DFX) (Version: 13.018 - FxSound)
GIMP 2.10.8 (HKLM\...\GIMP-2_is1) (Version: 2.10.8 - The GIMP Team)
Git version 2.20.1 (HKLM\...\Git_is1) (Version: 2.20.1 - The Git Development Community)
Google Chrome (HKLM\...\{A9EACB46-9179-3C2D-A196-62006713EC8E}) (Version: 71.0.3578.98 - Google, Inc.)
Google Chrome Canary (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\Google Chrome SxS) (Version: 73.0.3676.0 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{402FF39A-CF32-42F6-B480-BAF2B1B0096B}) (Version: 7.3.2.5495 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: "1.0.0.10" - Rockstar Games)
Hauppauge WinTV 8.5 (HKLM-x32\...\Hauppauge WinTV 8.5) (Version: v8.5.36227 (Premium) - Hauppauge Computer Works)
icecap_collection_neutral (HKLM-x32\...\{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{469961DF-482F-4213-ACD4-4AFD443F2A88}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{4B691388-E031-4268-A096-95173D1E6E0F}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{12246E9A-D1A6-4D96-8CEA-CCFD064B16E2}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{5A86972C-9DB5-40AA-B4EB-0ACE96AFDF88}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
Ignite Express 2017 (HKLM\...\{3DC0AC59-4D08-4222-9464-6B9B31FD1293}) (Version: 1.0.8403.32417 - FXHOME)
ImageMagick 7.0.8-23 Q16 (64-bit) (2019-01-02) (HKLM\...\ImageMagick 7.0.8 Q16 (64-bit)_is1) (Version: 7.0.8 - ImageMagick Studio LLC)
Imaging And Configuration Designer (HKLM-x32\...\{05935793-A34C-4272-3361-7AF9AEEE5649}) (Version: 10.1.14393.0 - Microsoft) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Hardware Accelerated Execution Manager (HKLM\...\{6230EE50-BD4E-4B39-904D-3E7600053E08}) (Version: 6.2.1 - Intel Corporation)
IntelliTraceProfilerProxy (HKLM-x32\...\{ACBAA378-519A-441D-9349-C0AAD8DEAD04}) (Version: 15.0.17289.01 - Microsoft Corporation) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
IvAp v2.0.2 (build 2773) (HKLM-x32\...\IvAp-v2_is1) (Version: - IVAO)
Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JetBrains PhpStorm 2018.2.3 (HKLM-x32\...\PhpStorm 2018.2.3) (Version: 182.4323.68 - JetBrains s.r.o.)
Kits Configuration Installer (HKLM-x32\...\{C661B45B-1D2A-AF7C-27D0-B4FFD670A4FE}) (Version: 10.1.14393.0 - Microsoft) Hidden
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Kumulatives Microsoft .NET Framework Intellisense Pack für Visual Studio (Deutsch) (HKLM-x32\...\{4DFD6FF3-9A29-4F31-AEE1-D44E016C5AD4}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
L3DT Standard v16.05.3.1 (remove only) (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\L3DT Standard (v16.05.3.1)) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.1.1 - LG Electronics)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.06.20130913 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Music Maker Premium (HKLM\...\{7C0E97DB-B7FF-4248-BA47-4718D1D104A6}) (Version: 24.0.1.34 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Premium (HKLM-x32\...\MX.{7C0E97DB-B7FF-4248-BA47-4718D1D104A6}) (Version: 24.0.1.34 - MAGIX Software GmbH)
MAGIX Music Maker Trial Live Pads (HKLM\...\{8E95475A-0C65-4830-B226-B15354C81BD0}) (Version: 24.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM\...\{53182829-FB43-486B-80AA-FFBF87F707B6}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM-x32\...\MX.{53182829-FB43-486B-80AA-FFBF87F707B6}) (Version: 7.0.2.6 - MAGIX Software GmbH)
Malwarebytes Version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Access database engine 2010 (Spanish) (HKLM\...\{90140000-00D1-0C0A-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft ESP SimConnect Client v1.0.20.0 (HKLM-x32\...\{C0A9FCC1-9725-4679-8AC2-FE501B139B63}) (Version: 1.0.20.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.60905.0 (HKLM-x32\...\{D1AC9B0B-2727-4811-91DC-1FC3C4E47A9B}) (Version: 10.0.60905.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61242.0 (HKLM-x32\...\{85DF6786-66AA-42EE-8616-AE456B07BD99}) (Version: 10.0.61242.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft)
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-127663350-3041579137-739029980-1002\...\OneDriveSetup.exe) (Version: 17.005.0107.0008 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{E75776B2-EAE5-42F9-A800-0A10763DEDF0}) (Version: 11.0.2318.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM\...\{98DD6908-C582-452A-954D-E79E6DF0310A}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM-x32\...\{640EECB8-1962-4D23-ACB2-310107EC7ED9}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Express 2015 for Windows 10 - ENU (HKLM-x32\...\{7e37e233-4667-4612-bfaf-7feb40ce0b4d}) (Version: 14.0.23107.178 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.17.1296.827 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MKVToolNix 29.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 29.0.0 - Moritz Bunkus)
MongoDB 4.0.5 2008R2Plus SSL (64 bit) (HKLM\...\{43C0DDEE-FE22-45BD-952A-C20934AF3F0F}) (Version: 4.0.5 - MongoDB Inc.)
Mozilla Firefox 64.0 (x64 de) (HKLM\...\Mozilla Firefox 64.0 (x64 de)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
Mp3tag v2.86 (HKLM-x32\...\Mp3tag) (Version: 2.86 - Florian Heidenreich)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MusicBee 3.2 (HKLM-x32\...\MusicBee) (Version: 3.2 - Steven Mayall)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: - Native Instruments)
Nmap 7.70 (HKLM-x32\...\Nmap) (Version: 7.70 - Nmap Project)
Node.js (HKLM\...\{7E005925-0125-4A46-8B25-6DB1547488C2}) (Version: 10.15.0 - Node.js Foundation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.6.1 - Notepad++ Team)
Npcap 0.99-r2 (HKLM-x32\...\NpcapInst) (Version: 0.99-r2 - Nmap Project)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)
NVIDIA Grafiktreiber 417.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.71 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
NVIDIA Tegra Graphics Debugger v2.4 (HKLM-x32\...\{6D5F4270-1053-4C22-A89E-1CDCE2969C94}) (Version: 2.4.17025.0349 - NVIDIA Corporation)
NVIDIA Tegra System Profiler v3.7 (HKLM\...\{C6684D50-7552-43E3-99C5-237160047EE6}) (Version: 3.7.224.17034 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenIV (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\OpenIV) (Version: 2.9.2.932 - .black/OpenIV Team)
Opera Stable 57.0.3098.116 (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software)
Oracle VM VirtualBox 5.2.18 (HKLM\...\{2620B239-7407-49D7-B4C0-FE197D089176}) (Version: 5.2.18 - Oracle Corporation)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Paket zur Festlegung von "Doc Redirected"-Zielversionen von Microsoft .NET Framework 4.7.1 (Deutsch) (HKLM-x32\...\{5B970BE4-A2F2-41BD-8B91-FEA8DAA1DB9B}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
PlanetSide 2 (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\DGC-PlanetSide 2) (Version: 1.0.3.195 - Daybreak Game Company)
PMDG 737-8900 NGX Base Package P3D (HKLM-x32\...\{0EA92925-36E7-40CB-A714-118AB046099B}) (Version: 1.20.8465 - PMDG Simulations, LLC.)
PMDG 777-200LRF Base Package P3D (HKLM-x32\...\{C1CB0E26-CE1A-4789-8EEA-919C4CD491C1}) (Version: 1.10.8886 - PMDG Simulations, LLC.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.3 - Power Software Ltd)
Prepar3D v4 Content (HKLM\...\{87040041-993B-42AF-BEA0-6086FEB45184}) (Version: 4.3.29.25520 - Lockheed Martin)
Prepar3D v4 Professional Plus (HKLM-x32\...\{30a38ea8-952b-40ed-8f28-8357d559085b}) (Version: 4.3.29.25520 - Lockheed Martin)
Prepar3D v4 Professional Plus Client (HKLM\...\{53DFB31A-C7E4-42D2-98D9-E715C42D6AFF}) (Version: 4.3.29.25520 - Lockheed Martin)
Prepar3D v4 Scenery (HKLM\...\{C953A291-C0D5-414E-8211-778D5E53D73A}) (Version: 4.3.29.25520 - Lockheed Martin)
ProtonMail Bridge (HKLM\...\{5B9CC3FF-9575-408D-BD82-5D06B48C4396}) (Version: 1.1.0 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\{ED11FFD4-61B3-4329-870E-8F4DAC7D5A0D}) (Version: 1.6.4 - ProtonVPN AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.6.4) (Version: 1.6.4 - ProtonVPN AG)
ProtonVPNTap (HKLM-x32\...\{C23BCE3A-FD25-48BA-948E-2CE94576F983}) (Version: 1.0.1 - ProtonVPN AG)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10388 - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.278 - Qualcomm Atheros)
RAAS Professional (64 Bit) by FS2Crew (LOCKED) (HKLM-x32\...\RAAS Professional (64 Bit) by FS2Crew (LOCKED)) (Version: - )
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.1 r2989 - Rainmeter)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21300 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
REX 4 - Texture Direct - Service Pack 5 (HKLM-x32\...\{38949C04-7C3A-431E-B7E1-31E1ECA07408}) (Version: 4.5.2015.0818 - REX Game Studios, LLC.)
REX 4 - Texture Direct - SP5 - Hotfix 1 (HKLM-x32\...\{DBED58E1-AA28-474B-8626-0DCAD6D62CDB}) (Version: 4.5.2015.1006 - REX Game Studios, LLC.)
REX 4 - Texture Direct (with Soft Clouds) (HKLM-x32\...\{A6683ACB-C41B-4977-87A6-4577C83DABCD}) (Version: 4.4.2015.0115 - REX Game Studios, LLC.)
REX 4 - Texture Direct with Soft Clouds - SP5 - Hotfix 1 (HKLM-x32\...\{C0A5CA46-9C59-460C-95F7-364F4E8084B3}) (Version: 4.7.2015.1006 - REX Game Studios, LLC.)
REX 4 - Texture Direct with Soft Clouds - SP5 (Patch) (HKLM-x32\...\{6F1318E4-DBA6-4289-B1E1-FEBDD730D486}) (Version: 4.7.2015.0818 - REX Game Studios, LLC.)
REX 4 - Texture Direct with Soft Clouds - SP6 Hotfix 3 (HKLM-x32\...\{B3EA18AC-A7B1-4659-B1B5-3A1D6451371C}) (Version: 4.8.2016.0622 - REX Game Studios, LLC.)
REX 4 - Texture Direct with Soft Clouds - SP6 Hotfix 4 (HKLM-x32\...\{D6FB5779-E95C-4717-B251-A89914D158A2}) (Version: 4.8.2016.0928 - REX Game Studios, LLC.)
REX 4 - Texture Direct with Soft Clouds Enhanced Edition (HKLM-x32\...\{2696EDD3-6AE4-4BA3-8BAB-EF48D089B3E5}) (Version: 4.17.2017.0818 - REX Game Studios)
REX Essential Plus Overdrive with SP3 (HKLM-x32\...\{2BA36997-96EB-4DE0-804A-C2E1F2167123}) (Version: 3.8.2014.1126 - REX Game Studios, LLC.)
REX File Transfer Manager (HKLM-x32\...\{B60F3334-ED72-4F7B-945E-22FF8E401E8A}) (Version: 1.10.2016.1111 - REX Game Studios, LLC.)
REX Worldwide Airports HD (HKLM-x32\...\{E8F0D8E0-D9BE-4305-8811-3F506AAA1832}) (Version: 5.1.2018.0725 - REX Game Studios, LLC.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
RogueKiller Version 13.0.22.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.0.22.0 - Adlice Software)
Ruby 2.5.3-1-x64 with MSYS2 (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\RubyInstaller-2.5-x64-mingw32_is1) (Version: 2.5.3-1 - RubyInstaller Team)
Sandboxie 5.26 (64-bit) (HKLM\...\Sandboxie) (Version: 5.26 - Sandboxie Holdings, LLC)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.)
SimBrief Downloader 1.4.5 (HKLM\...\32e4cdf1-1f8f-586a-9551-9c0929bc3c38) (Version: 1.4.5 - Derek Mayer)
SketchUp 2015 (HKLM\...\{A9F0441B-D1CD-4419-80C7-AF7FF6BD94C2}) (Version: 15.1.106 - Trimble Navigation Limited)
Snagit 13 (HKLM-x32\...\{1ECBE017-90CD-4ECE-AC90-58875DC82E35}) (Version: 13.1.2 - TechSmith Corporation) Hidden
Snagit 13 (HKLM-x32\...\{3cde467c-e4c5-4633-8846-a172cca5e7f5}) (Version: 13.1.2.7933 - TechSmith Corporation)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify Weblink (HKLM-x32\...\{8CADF0CB-E834-4019-9B11-B84E051F2A8E}) (Version: 1.16.1210 - Acer)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM\...\{90160000-001F-0410-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Substance Painter 2 version 2.6.2 (HKLM\...\{f42b7a996fa1d13a1d0a2e33eea2c0800bb5d1b8}_is1) (Version: 2.6.2 - Allegorithmic)
Super FlatMix (HKLM\...\Super FlatMix) (Version: - neiio)
Team Explorer for Microsoft Visual Studio 2015 (HKLM-x32\...\{791295AE-3B0A-3222-9E69-26C8C106E8D1}) (Version: 14.0.23102 - Microsoft Corporation) Hidden
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.3399 - TeamViewer)
Technitium MAC Address Changer v6.0 (HKLM-x32\...\TMACv6.0) (Version: 6.0 - Technitium)
Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
TOGA - ENVTEX (HKLM-x32\...\TOGA-ENVTEX-16D30A87-70CB-47CC-AAB0-600D0A4EDC8E_is1) (Version: 1.0.0.0 - SimMarket)
Toolkit Documentation (HKLM-x32\...\{6143A694-5FE1-BDF6-F78E-4F7BF3E9419B}) (Version: 10.1.14393.0 - Microsoft) Hidden
TortoiseSVN 1.9.7.27907 (64 bit) (HKLM\...\{FBD345DC-093A-4D89-A9B8-10C1BA356048}) (Version: 1.9.27907 - TortoiseSVN)
TweakBit PCRepairKit (HKLM-x32\...\{5AEA8CFE-B238-4D0A-9362-D55F38ECB795}_is1) (Version: 1.8.4.2 - Tweakbit Pty Ltd)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UEV Tools on amd64 (HKLM\...\{1454FA4E-58BC-2EF1-9A19-147B0E499E03}) (Version: 10.1.14393.0 - Microsoft) Hidden
UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 3.3.2.0 - Manuel Hoefs (Zottel))
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4461586) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{D3BC3593-9260-47AD-9EC8-8DEB8668956D}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4461586) 64-Bit Edition (HKLM\...\{90160000-012B-0407-1000-0000000FF1CE}_Office16.PROPLUS_{D3BC3593-9260-47AD-9EC8-8DEB8668956D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
USB/DVD-Downloadtool für Windows 7 (HKLM-x32\...\{7D6DDE45-FE2F-4D11-A7E7-BC2C2910536C}) (Version: 1.0.30 - Microsoft Corporation)
User State Migration Tool (HKLM-x32\...\{F7AADEDA-233A-1079-CD15-03AEB050F0C6}) (Version: 10.1.14393.0 - Microsoft) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{8FB2E6A8-A132-4A6A-BFB8-CE71DC4764F2}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{D182FB25-9A73-4725-A2C4-2C33900B920E}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Visual Studio Community 2017 (HKLM-x32\...\dfb2ee6b) (Version: 15.8.28010.2019 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VLC Setup Helper (HKLM-x32\...\VLC Setup Helper_is1) (Version: - Hobbyist Software)
VMware Workstation (HKLM\...\{360EEE05-F864-4702-BF6E-59469EBD1821}) (Version: 14.1.2 - VMware, Inc.)
vPilot (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\vPilot) (Version: 2.1.17 - Ross Carlson)
VS Immersive Activate Helper (HKLM-x32\...\{54FBC9A9-CCA1-417E-ACA6-203A32A39F37}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{4B816AD0-D12B-498A-8148-7CBE3ED328DE}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{C5D83E0F-12E7-4BA3-98E6-DAE0E73B5BF9}) (Version: 15.0.27205 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{4C60D242-B039-4DBB-A202-BE55478E8500}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{5297D80E-CD92-48D8-9DB0-301AB3205772}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{DC4F558F-90E2-4B9C-8A2B-5DD92EF71F84}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{31312BFA-5D30-4B56-BACB-BFE26CE2E285}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{8EB2C670-04C2-482D-BACD-B4095E27FD39}) (Version: 15.6.27309 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{082DBA20-8C1E-4D4C-85F4-A813283B7849}) (Version: 15.8.28010 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{0D3A6730-43CE-4AF6-BDF7-4D0660296C60}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
Waldorf Edition (HKLM\...\{5790BB78-C3B6-11E0-AF6D-C6874824019B}) (Version: 1.7.3 - Waldorf Music GmbH)
Wampserver64 3.1.3 (HKLM\...\{wampserver64}_is1) (Version: 3.1.3 - Dominique Ottello aka Otomatic)
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
WinDirStat 1.1.2 (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\WinDirStat) (Version: - )
Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{39ebb79f-797c-418f-b329-97cfdf92b7ab}) (Version: 10.1.14393.0 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
WinMerge 2.16.0.0 x64 (HKLM\...\WinMerge_is1) (Version: 2.16.0.0 - Thingamahoochie Software)
WinRAR 5.61 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Winremix iPACK (HKLM\...\Winremix iPACK) (Version: - Unisira)
WinSCP 5.13.6 (HKLM-x32\...\winscp3_is1) (Version: 5.13.6 - Martin Prikryl)
Wirecast (HKLM\...\{13CCAC84-0C34-4D13-8C99-02D9F8B4C714}) (Version: 6.0.6 - Telestream LLC)
Wise Registry Cleaner 10.1.4 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 10.1.4 - WiseCleaner.com, Inc.)
Wondershare Filmora(Build 8.5.3) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
WPT Redistributables (HKLM-x32\...\{549DAD2D-2505-204C-EC58-59807FE6E037}) (Version: 10.1.14393.0 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{97B6FAD9-6F14-CC46-3165-F1785ECCE255}) (Version: 10.1.14393.0 - Microsoft) Hidden
yEd Graph Editor 3.18.1.1 (HKLM\...\3309-7404-0599-8908) (Version: 3.18.1.1 - yWorks GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-127663350-3041579137-739029980-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BAD45F}\localserver32 -> D:\Programme\Elements 2019 Organizer\Elements Auto Creations 2019.exe (Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-127663350-3041579137-739029980-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-E9D9ECBE8559}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-127663350-3041579137-739029980-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\johnf\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-127663350-3041579137-739029980-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-127663350-3041579137-739029980-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\johnf\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-127663350-3041579137-739029980-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-127663350-3041579137-739029980-1001_Classes\CLSID\{FA372A6E-149F-4E95-832D-8F698D40AD7F}\localserver32 -> C:\Users\johnf\AppData\Local\Google\Chrome SxS\Application\73.0.3676.0\notification_helper.exe (Google Inc.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-01-12] ()
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-01-12] ()
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-01-12] ()
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-01-12] ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => -> Keine Datei
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => -> Keine Datei
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => -> Keine Datei
ShellIconOverlayIdentifiers: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Keine Datei
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:\Programme\Notepad++\NppShell_06.dll [2018-10-14] ()
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Keine Datei
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => D:\Programme\Mp3tag\Mp3tagShell64.dll [2018-01-24] (Florian Heidenreich)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2015-06-08] (Power Software Ltd)
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\Snagit 13\DLLx64\SnagitShellExt64.dll [2017-04-11] (TechSmith Corporation)
ContextMenuHandlers1: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files\WinMerge\ShellExtensionX64.dll [2018-02-19] (hxxp://winmerge.org)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1-x32: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => -> Keine Datei
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => D:\Programme\Mp3tag\Mp3tagShell64.dll [2018-01-24] (Florian Heidenreich)
ContextMenuHandlers2-x32: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Programme\TortoiseSVN\bin\TortoiseStub32.dll -> Keine Datei
ContextMenuHandlers2-x32-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => S:\VMware\VMware Workstation\vmdkShellExt.dll -> Keine Datei
ContextMenuHandlers2-x32-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => -> Keine Datei
ContextMenuHandlers2-x32-x32: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files\WinMerge\ShellExtensionX64.dll [2018-02-19] (hxxp://winmerge.org)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Keine Datei
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Keine Datei
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => D:\Programme\Mp3tag\Mp3tagShell64.dll [2018-01-24] (Florian Heidenreich)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Keine Datei
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2015-06-08] (Power Software Ltd)
 

ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\Snagit 13\DLLx64\SnagitShellExt64.dll [2017-04-11] (TechSmith Corporation)
ContextMenuHandlers4: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files\WinMerge\ShellExtensionX64.dll [2018-02-19] (hxxp://winmerge.org)
ContextMenuHandlers4: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxDTCM.dll [2017-02-07] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-01-11] (NVIDIA Corporation)
ContextMenuHandlers5: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files\WinMerge\ShellExtensionX64.dll [2018-02-19] (hxxp://winmerge.org)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Keine Datei
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Keine Datei
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2015-06-08] (Power Software Ltd)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2017-08-13] (IvoSoft)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
FolderExtensions: [] -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} => C:\Users\johnf\Windows Themes\one1184\OldNewExplorer64.dll [2017-08-16] (www.startisback.com)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {08B9CAA2-2352-4ED4-A70D-FECFA0F0F6E8} - System32\Tasks\kollekkollek => C:\Program Files (x86)\audible\audible.exe
Task: {0AF4033A-2703-4E17-AD9F-7871C7ADCF16} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [2015-05-14] ()
Task: {16E35315-AF55-4B6A-8363-A9ACC4D44FEF} - System32\Tasks\S-1-5-21-127663350-3041579137-739029980-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-12-08] (Microsoft Corporation)
Task: {1DCBB445-3C6C-4A68-82DB-45224811D0A2} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2016-07-29] (Acer Incorporated)
Task: {1F8E80CE-8358-4FF6-B100-DC65ED18C0EA} - System32\Tasks\Opera scheduled Autoupdate 1543509213 => C:\Users\johnf\AppData\Local\Programs\Opera\launcher.exe [2019-01-09] (Opera Software)
Task: {231D9D8A-4D8B-47CB-84B3-2D3E3ACA205B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-12-06] (NVIDIA Corporation)
Task: {39DEC704-0C18-4B4B-99C9-5AE6BDA05D80} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {46D95413-730D-4CCA-9D8B-6ED236532A8B} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2019-01-03] (Easeware)
Task: {4AA8CB0B-F001-4B29-A504-D4A1533BE61E} - System32\Tasks\Component Manager Poller - {QU5EUk9JRF9XT1JLUw==} => D:\NVPACK\Poller.exe
Task: {4D0F6995-B65C-440D-A1AA-D8CE2C6E4499} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [2018-09-26] (Acer)
Task: {513BAEBE-62F6-47E1-8463-626F2712AF9D} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {5197BE75-8DE1-4EC5-9E7D-BFA160BE4713} - System32\Tasks\cuencacuenca => C:\Program Files (x86)\Drunken\sarnoff.exe
Task: {546421BA-182D-4F78-A3C5-632AAC4A1439} - System32\Tasks\Verzögerter Autostart\Steam Autostart => D:\Steam\Steam.exe [2019-01-05] (Valve Corporation)
Task: {581D38A0-BCC6-4A8E-B021-122A3DCCB46E} - System32\Tasks\strenuously walliestrenuously wallie => C:\Program Files (x86)\Vanguard\Noonan.exe
Task: {58AB9822-0698-4A6A-8A34-07B88D5FD484} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)
Task: {59E55593-48FC-4588-A2E0-87B8489E8096} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-127663350-3041579137-739029980-1001Core => C:\Users\johnf\AppData\Local\Google\Update\GoogleUpdate.exe [2018-11-29] (Google Inc.)
Task: {5BF220F3-E539-4702-ADEE-91FADD771489} - System32\Tasks\seacoast-ailsseacoast-ails => C:\Program Files (x86)\glossed\Noonan.exe
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {69DB23C7-4AD0-466D-9AFA-033501E46136} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {6E21A59A-1484-4631-A299-A987EED91367} - System32\Tasks\displacements_drainpipesdisplacements_drainpipes => C:\Program Files (x86)\Vanguard\Thankless.exe
Task: {73685F45-9A4F-4B01-B919-81A206F09597} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-john.fiddle@outlook.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {744012A3-4B73-481C-B4AB-84E6869CC424} - System32\Tasks\Restart Snagit => C:\Program Files (x86)\Snagit 13\snagit32.exe [2017-04-11] (TechSmith Corporation)
Task: {7597FE12-4873-4682-A382-5F62154D2B7A} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {8183C310-91FC-4B0A-A207-F6F65AFCA043} - System32\Tasks\Push _musik-folder nach oben => %comspec% [Argument = /c start "" /min "C:\Users\johnf\scripts\push_musik_folder.bat" ^&amp; exit]
Task: {84A6E09A-A39B-4985-9989-E2003E129CC6} - System32\Tasks\rayonrayon => C:\Program Files (x86)\Circumnavigated\Thankless.exe
Task: {894DC4D6-13B1-45D0-B012-F4F05F4D5BCD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-29] (Google Inc.)
Task: {8DAD9641-9C44-4B6F-8A6D-DEFD72782868} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-29] (Google Inc.)
Task: {8E7BD869-9D89-4C22-A51C-63289C5C7721} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {8EC487A1-C396-49B3-BA83-B1259AF59518} - System32\Tasks\Verzögerter Autostart\Spotify Autostart => C:\Users\johnf\AppData\Roaming\Spotify\Spotify.exe
Task: {93BED475-E82C-4363-A647-E904A111D56F} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-127663350-3041579137-739029980-1001 => C:\Users\johnf\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-15] (Mega Limited)
Task: {946FF85D-EADF-445B-BE24-8A8E8F6F40B5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => D:\Programme\Microsoft Office\Office16\msoia.exe
Task: {9497670B-55C8-4694-8AA3-C2657E722EA9} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [2019-01-03] (WiseCleaner.com)
Task: {9A899E9C-521B-4E4A-8E55-3BFE4EE6C4C6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)
Task: {A109C395-F812-46ED-AB82-B103922F272D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)
Task: {AAF444DF-3E9E-427F-A444-22BBFA1609D1} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2019-01-16] (AVG Technologies CZ, s.r.o.)
Task: {AC484881-14AD-4F01-A4E1-85D7C32B3E64} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)
Task: {AF87C29F-7AC9-4D3A-B64B-E6352C9522A8} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation)
Task: {AFA7962D-C937-4924-857A-2C58CDB511F0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => D:\Programme\Microsoft Office\Office16\msoia.exe
Task: {B0B2E101-0B38-4196-BA6D-843479172712} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-127663350-3041579137-739029980-1001UA => C:\Users\johnf\AppData\Local\Google\Update\GoogleUpdate.exe [2018-11-29] (Google Inc.)
Task: {BAA52F8D-D2C2-4F97-94F6-6B8885AC63E6} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2016-01-11] (@ByELDI)
Task: {C688B860-90B2-4182-A608-B98D362FB7D5} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {D1C04809-B90B-4A35-8456-B91448223FC0} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Task: {D3180715-FFE0-4FF1-9A00-B7A85D8C8BD6} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-john.fiddle@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {DAE9B933-42AB-428C-A674-1F6AB7B48337} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {DC6D5261-2F04-40A4-95D1-176E6C09C09C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-12-06] (NVIDIA Corporation)
Task: {F19007DA-819C-4908-9A91-EC2F8DB3A6FF} - System32\Tasks\push _adult folder ganz runter => %comspec% [Argument = /c start "" /min "C:\Users\johnf\scripts\push_adult_folder.bat" ^&amp; exit]
Task: {F524361B-0EF8-4C2A-A90B-C18EF01954F3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-12-06] (NVIDIA Corporation)
Task: {F846F544-427D-4AF6-8F8B-F5598AA55189} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\Users\johnf\Windows Themes\Startmenü-Kategorien\Tools\Restart WinTV.lnk -> D:\WinTV\restart_wintv.bat ()
Shortcut: C:\Users\johnf\scripts\Clear TMP Directory.lnk -> C:\Users\johnf\scripts\ctmp.bat ()
Shortcut: C:\Users\johnf\Desktop\netstat.bat - Verknüpfung.lnk -> C:\Users\johnf\Desktop\netstat.bat (Keine Datei)
Shortcut: C:\Users\johnf\Desktop\Starte Redmine.lnk -> C:\Users\johnf\Desktop\Starte Redmine.bat ()
Shortcut: C:\Users\johnf\Desktop\Starte Squirrel.lnk -> C:\Users\johnf\Desktop\Starte Squirrel.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2018-09-19 10:34 - 2018-12-06 11:14 - 001315312 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2012-12-07 17:27 - 2012-12-07 17:27 - 000167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2018-10-17 13:46 - 2018-10-17 13:46 - 000038664 _____ () D:\Programme\ProtonVPN\ProtonVPNService.exe
2018-08-17 06:50 - 2018-08-17 06:50 - 000300032 _____ () D:\Programme\ProtonVPN\Resources\64-bit\firewall.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-03 17:15 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2017-10-18 22:51 - 2017-10-18 22:51 - 000598528 _____ () C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll
2017-01-12 13:07 - 2017-01-12 13:07 - 005654128 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2019-01-09 10:28 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-13 23:22 - 2016-08-15 18:03 - 000111320 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2018-09-19 10:34 - 2018-12-06 11:14 - 101252592 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-09-19 10:34 - 2018-12-06 11:14 - 004620272 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libglesv2.dll
2018-09-19 10:34 - 2018-12-06 11:14 - 000109040 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libegl.dll
2017-11-06 16:54 - 2017-11-06 16:54 - 000135168 _____ () C:\Program Files\Rainmeter\Plugins\Win7AudioPlugin.DLL
2017-10-19 19:29 - 2017-10-19 19:29 - 000556032 _____ () C:\Users\johnf\AppData\Roaming\Rainmeter\Plugins\SpotifyPlugin.DLL
2017-11-06 16:54 - 2017-11-06 16:54 - 000173056 _____ () C:\Program Files\Rainmeter\Plugins\AudioLevel.DLL
2017-11-06 16:54 - 2017-11-06 16:54 - 000110080 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.dll
2017-11-06 16:54 - 2017-11-06 16:54 - 000093184 _____ () C:\Program Files\Rainmeter\Plugins\Process.DLL
2018-11-25 21:43 - 2018-11-25 21:43 - 038537672 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2018-12-14 17:20 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-14 17:20 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2018-08-30 14:43 - 2011-08-23 12:04 - 000057344 _____ () D:\Programme\WinTV\TVServer\libhdhomerun.dll
2018-05-11 06:24 - 2018-05-11 06:24 - 000086968 _____ () S:\VMware\VMware Workstation\zlib1.dll
2017-08-29 17:44 - 2018-12-06 11:14 - 001033200 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-07-31 10:57 - 2018-07-31 10:57 - 081764304 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2018-07-31 10:57 - 2018-07-31 10:57 - 002257360 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\swiftshader\libglesv2.dll
2018-07-31 10:57 - 2018-07-31 10:57 - 000110552 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\swiftshader\libegl.dll
2016-03-04 15:10 - 2016-03-04 15:10 - 020629504 _____ () C:\Program Files (x86)\Snagit 13\opencv_imgproc310.dll
2016-03-04 15:10 - 2016-03-04 15:10 - 008968192 _____ () C:\Program Files (x86)\Snagit 13\opencv_core310.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 001152512 _____ () C:\Program Files (x86)\Snagit 13\cairo.dll
2016-03-04 15:10 - 2016-03-04 15:10 - 000800768 _____ () C:\Program Files (x86)\Snagit 13\opencv_photo310.dll
2016-01-27 18:05 - 2016-01-27 18:05 - 008968192 _____ () C:\Program Files (x86)\Snagit 13\opencv_core300.dll
2016-01-27 18:05 - 2016-01-27 18:05 - 020629504 _____ () C:\Program Files (x86)\Snagit 13\opencv_imgproc300.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 000588288 _____ () C:\Program Files (x86)\Snagit 13\pixman-1.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 000165888 _____ () C:\Program Files (x86)\Snagit 13\libpng16.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 000071680 _____ () C:\Program Files (x86)\Snagit 13\zlib1.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 000778240 _____ () C:\Program Files (x86)\Snagit 13\harfbuzz.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 000601088 _____ () C:\Program Files (x86)\Snagit 13\fontconfig.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 001015296 _____ () C:\Program Files (x86)\Snagit 13\libxml2.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 000023552 _____ () C:\Program Files (x86)\Snagit 13\iconv.dll
2017-03-13 23:22 - 2016-08-15 18:03 - 000089816 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2017-10-18 22:58 - 2017-10-18 22:58 - 000570368 _____ () C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX32.dll
2018-11-05 14:25 - 2018-11-05 14:25 - 000142888 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\fs-ext\build\Release\fs-ext.node
2018-11-05 14:25 - 2018-11-05 14:25 - 000278056 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2018-11-05 14:25 - 2018-11-05 14:25 - 000142888 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ref\build\Release\binding.node
2018-11-05 14:25 - 2018-11-05 14:25 - 000152616 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ffi\build\Release\ffi_bindings.node
2018-11-05 14:25 - 2018-11-05 14:25 - 000097320 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2018-11-05 14:25 - 2018-11-05 14:25 - 000110120 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\idle-gc\build\Release\idle-gc.node
2018-10-17 10:38 - 2018-10-17 10:38 - 000142872 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\fs-ext\build\Release\fs-ext.node
2018-10-17 10:38 - 2018-10-17 10:38 - 000142360 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\ref\build\Release\binding.node
2018-10-17 10:38 - 2018-10-17 10:38 - 000150552 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\ffi\build\Release\ffi_bindings.node
2018-10-17 10:37 - 2018-10-17 10:37 - 000271384 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2018-10-17 10:37 - 2018-10-17 10:37 - 000097816 _____ () C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2018-10-17 10:38 - 2018-10-17 10:38 - 000122392 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\bufferutil\build\Release\bufferutil.node
2018-10-17 10:38 - 2018-10-17 10:38 - 000110104 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-10-29 18:45 - 2017-10-29 18:45 - 000101376 _____ () D:\Programme\MusicBee\MusicBeeBass.dll
2017-04-23 10:01 - 2017-04-23 10:01 - 000361472 _____ () D:\Programme\MusicBee\libFLAC.dll
2016-08-30 00:19 - 2016-08-30 00:19 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2019-01-18 23:12 - 2018-10-30 19:06 - 000879904 _____ () D:\Steam\SDL2.dll
2019-01-18 23:12 - 2016-09-01 02:02 - 004969248 _____ () D:\Steam\v8.dll
2019-01-18 23:12 - 2019-01-05 00:33 - 002650400 _____ () D:\Steam\video.dll
2019-01-18 23:12 - 2017-12-20 02:43 - 000351520 _____ () D:\Steam\libavresample-3.dll
2019-01-18 23:12 - 2017-12-20 02:43 - 000695584 _____ () D:\Steam\libavformat-57.dll
2019-01-18 23:12 - 2017-12-20 02:43 - 000847136 _____ () D:\Steam\libavutil-55.dll
2019-01-18 23:12 - 2017-12-20 02:43 - 000783648 _____ () D:\Steam\libswscale-4.dll
2019-01-18 23:12 - 2016-09-01 02:02 - 001195296 _____ () D:\Steam\icuuc.dll
2019-01-18 23:12 - 2017-12-20 02:43 - 005137696 _____ () D:\Steam\libavcodec-57.dll
2019-01-18 23:12 - 2016-09-01 02:02 - 001563936 _____ () D:\Steam\icui18n.dll
2019-01-18 23:12 - 2019-01-05 00:33 - 001028384 _____ () D:\Steam\bin\chromehtml.DLL
2019-01-18 23:12 - 2016-07-04 23:17 - 000266560 _____ () D:\Steam\openvr_api.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\noosyffq.sys:changelist [452]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 12:47 - 2019-01-13 20:10 - 000000408 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost
185.217.92.77 alto.hifitechinc.com
185.217.92.77 calvus.hifitechinc.com
185.217.92.77 cirrus.hifitechinc.com
185.217.92.77 cumulus.hifitechinc.com
185.217.92.77 lacunosus.hifitechinc.com
185.217.92.77 nimbus.hifitechinc.com
185.217.92.77 perlucidus.hifitechinc.com
185.217.92.77 stratus.hifitechinc.com
127.0.0.1 secure.prepar3d.com
127.0.0.1 fs2.fs2crew.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files\ImageMagick-7.0.8-Q16;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\PuTTY\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\Windows Kits\10\Windows Performance Toolkit\;C:\Program Files (x86)\GtkSharp\2.12\bin;C:\P;C:\Program Files\Git\cmd;C:\Program Files\nodejs\
HKU\S-1-5-21-127663350-3041579137-739029980-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-127663350-3041579137-739029980-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\johnf\AppData\Local\DisplayFusion\Wallpaper_2.png
HKU\S-1-5-21-127663350-3041579137-739029980-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-127663350-3041579137-739029980-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 204.152.184.76 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.

MSCONFIG\Services: AcronisActiveProtectionService => 3
MSCONFIG\Services: AcrSch2Svc => 3
MSCONFIG\Services: afcdpsrv => 3
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: AtherosSvc => 3
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HauppaugeTVServer => 2
MSCONFIG\Services: mmsminisrv => 3
MSCONFIG\Services: mobile_backup_server => 3
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: syncagentsrv => 3
HKLM\...\StartupApproved\StartupFolder: => "ETR.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WinTV Recording Status.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run: => "Rapidly"
HKLM\...\StartupApproved\Run: => "Granulomas"
HKLM\...\StartupApproved\Run: => "Erected"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "Aimersoft Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "KeepVidProUpdateHelper.exe"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "FxSound Enhancer"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "Emigrating"
HKLM\...\StartupApproved\Run32: => "Shooed"
HKLM\...\StartupApproved\Run32: => "Symbolizing"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\StartupFolder: => "Adobe Gamma.lnk"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\StartupFolder: => "VirtualDesktopManager.lnk"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\StartupFolder: => "JDownloader 2.lnk"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\StartupFolder: => "ProtonMail Bridge.lnk"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\StartupFolder: => "barbarianbarbarian.lnk"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\StartupFolder: => "barbarian.lnk"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_27E519C7728811BA68C834EBDE556FEC"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "AcerPortal"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "reWASD Tray Agent"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "Xpadder"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "MiPhoneManager"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "Longitudinally"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "Hesston"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "Social"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "Autocracies"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "Reddish"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "Halleck"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "simpsons"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "migrates"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "SandboxieControl"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [UDP Query User{D2BD4687-ED1B-4043-A5A2-CDEF2E380F85}D:\ue_4.19\engine\binaries\win64\ue4editor.exe] => (Allow) D:\ue_4.19\engine\binaries\win64\ue4editor.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{10E7A4EE-9CC2-4CDB-B58D-2BDE7E03E8F6}D:\ue_4.19\engine\binaries\win64\ue4editor.exe] => (Allow) D:\ue_4.19\engine\binaries\win64\ue4editor.exe (Epic Games, Inc.)
FirewallRules: [{D5EED6CF-04B4-4EBB-A1F5-28545C4CB3C7}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\WsChrome.exe ()
FirewallRules: [{43363F92-E6E9-449F-A98A-5725D90EA8DC}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\VideoCapturer.exe ()
FirewallRules: [{8C618AB5-9A10-4D06-A7E6-6AED40808CA9}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\ScreenCapture.exe ()
FirewallRules: [{EBE1FA6F-2735-4927-A596-C20A49D1E87D}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\ImageHost.exe (TODO: <Company name>)
FirewallRules: [{5EDEDED0-B6BC-4942-8EF0-805D4321E7BA}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\FilmoraExportEngine.exe ()
FirewallRules: [{D93C3453-A321-42BA-BCAA-EBFDFF1A9433}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\EffectStore.exe (Wondershare Software)
FirewallRules: [{01B21EC5-9165-40E6-B8B8-EC4D90EC888A}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\curl.exe (curl, hxxps://curl.haxx.se/)
FirewallRules: [{0D74C7C3-E997-47D6-A90F-CEAAF2B130E3}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\cmdCheckATI.exe ()
FirewallRules: [{292FB4C1-518E-4A8F-A096-6EFDEFAFACE0}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\BugSplatHD64.exe (BugSplat, LLC)
FirewallRules: [{92BACD87-A149-4C79-B452-B5C9926B93C0}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\BsSndRpt64.exe (BugSplat, LLC)
FirewallRules: [{5EFC8F58-7B9C-47D2-9582-87A2FA54712B}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\Filmora.exe (Wondershare Software)
FirewallRules: [{0837C129-AD87-4E24-A798-3485668983D3}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer)
FirewallRules: [{8E6EAA6D-CB11-4710-ABF6-8BE88C9923DB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer)
FirewallRules: [{2FAC51BE-706D-4FA8-B025-A80FF08F2E42}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer)
FirewallRules: [{1825FD3C-BA2E-4E78-9D7D-0DAF0C90D01C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer)
FirewallRules: [{F6E717F4-928B-44F2-A577-F4D1B5B8B26C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe ()
FirewallRules: [{5E0A9695-6C04-45BD-A5B5-C4D6C166A5E7}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH)
FirewallRules: [{A3127D95-A370-4B39-B2C5-363AFE6DAD4C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH)
FirewallRules: [{243D4311-1BB8-4E0D-8FF4-BDBC59A81432}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH)
FirewallRules: [{E74BDF51-3A75-4D38-BDE5-B0C86E1822BC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{54EDC038-163F-4A63-99E5-D8D2740BE728}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{E0BCD84F-B167-4FFF-A924-7BE0B09F5FC6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{5C08332A-A6BF-4F04-842A-C08E0B2E3DF0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{422AF7CE-925E-4B32-96AA-98DB9E86854B}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\license_activator.exe Keine Datei
FirewallRules: [TCP Query User{CC3E399D-04C2-4027-B296-72CF9367F10B}D:\programme\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\programme\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{1ACCFAB9-5F07-4AD3-A351-BB17A582E942}D:\programme\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\programme\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{47442AB4-EBC5-4E38-B05A-2087D6EA896D}D:\games\planetside 2\planetside2_x64.exe] => (Allow) D:\games\planetside 2\planetside2_x64.exe (Daybreak Game Company, LLC)
FirewallRules: [UDP Query User{946A0221-94CB-4108-AC25-198EA81F1BA0}D:\games\planetside 2\planetside2_x64.exe] => (Allow) D:\games\planetside 2\planetside2_x64.exe (Daybreak Game Company, LLC)
FirewallRules: [{155FF8DA-8FC3-40BB-A582-6E8EE2D329FD}] => (Allow) LPort=8298
FirewallRules: [{EA325302-5472-43FF-89F1-ADA950408AB2}] => (Block) %ProgramFiles% (x86)\Snagit 13\Snagit32.exe Keine Datei
FirewallRules: [{6E971EAA-DC5D-4A52-9F27-3D80AA700B8F}] => (Block) %ProgramFiles% (x86)\Snagit 13\SnagitEditor.exe Keine Datei
FirewallRules: [TCP Query User{0CB6F972-9D72-4FA0-B5C8-B6CFA74F99BC}D:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{EEB2595F-6FAA-483D-AF16-DCF453C5BCEE}D:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{BBCC2C85-7EEA-472B-A57E-667C7A941165}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN)
FirewallRules: [UDP Query User{A48E65D5-E3D1-461E-B9B8-3B1C834B189E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN)
FirewallRules: [{6459D07B-17EE-4C38-903E-CF80E75B4688}] => (Allow) D:\Programme\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{C2CAB29E-743C-4AE1-B60C-A6416CA97453}] => (Allow) D:\Programme\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{17973302-B667-47DE-81C3-1FD6C36CC876}] => (Allow) D:\Programme\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{9F2E2828-C0D1-411F-AF26-05F85A2E697B}] => (Allow) D:\Programme\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{EF1EB89E-2D40-4C8A-8FF3-5DB84B7E2546}] => (Block) D:\Programme\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe Keine Datei
FirewallRules: [{65B68B46-F6D6-452B-B895-6CF0387F59E3}] => (Block) D:\Programme\Adobe\Acrobat 11.0\Acrobat Elements\Acrobat Elements.exe Keine Datei
FirewallRules: [{DB325E95-877F-4D6B-9526-360002CC7C91}] => (Block) D:\Programme\Adobe\Acrobat 11.0\Acrobat\wow_helper.exe Keine Datei
FirewallRules: [{36301519-DF8F-4BAC-9BCC-7D6B2AD6F23D}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Bridge\Bridge.exe Keine Datei
FirewallRules: [{89A37F69-2775-4959-992D-942EBDC8B9CC}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Help Center\ahc.exe Keine Datei
FirewallRules: [{5F4C8111-75BF-4DC3-8853-27ECAD20219D}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Help Center\ahcremind.exe Keine Datei
FirewallRules: [{5BF518A2-70E0-4B7C-AC35-EB244247079D}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Utilities\ExtendScript Toolkit\ExtendScript Toolkit.exe Keine Datei
FirewallRules: [{BE852D0B-A0BF-4CBE-94C1-F001AF0196C8}] => (Block) %ProgramFiles% (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe Keine Datei
FirewallRules: [{18CCAD34-C0B0-4181-98F7-8C40E40F5180}] => (Block) %ProgramFiles% (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe Keine Datei
FirewallRules: [{0933C541-8F9B-42E7-A76C-4A61B671CEA2}] => (Block) %ProgramFiles% (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe Keine Datei
FirewallRules: [{5067A4AF-7F39-4B20-8074-CAFF6DEBBC05}] => (Block) D:\Games\Prepar3D v4\Prepar3D.exe Keine Datei
FirewallRules: [{35B61310-31E6-4AD3-B58C-49E7CBA7570E}] => (Block) D:\Downloads\Prepar3d v4\Prepar3D.v4.Professional.Plus.4.0.23.21468\Setup_Prepar3D.exe Keine Datei
FirewallRules: [TCP Query User{3F4E7B57-785D-4646-8AF7-4DA0DBA0D7AB}D:\programme\substance painter 2\substance painter 2.exe] => (Block) D:\programme\substance painter 2\substance painter 2.exe (Allegorithmic)
FirewallRules: [UDP Query User{F4E33DCB-FE44-44CC-AA0C-5B08CBCDEDC9}D:\programme\substance painter 2\substance painter 2.exe] => (Block) D:\programme\substance painter 2\substance painter 2.exe (Allegorithmic)
FirewallRules: [{7EBB165B-0D9D-42F3-86C6-E857F7F845AF}] => (Allow) LPort=22453
FirewallRules: [{A352089A-E3CD-4059-BA14-9869689A6C81}] => (Allow) LPort=22453
FirewallRules: [{0B7C9FBC-41DA-45F4-93DF-936C3AAB7820}] => (Allow) D:\Programme\Microsoft Visual Studio v14 Express 2015\Common7\IDE\VSWinExpress.exe (Microsoft Corporation)
FirewallRules: [{771D836C-466B-401B-8DC1-637C36BBF4BB}] => (Block) D:\Programme\Magix Music Maker Premium\2017\MusicMaker.exe Keine Datei
FirewallRules: [{330A9EE4-9644-4783-91F3-26971CC52747}] => (Block) D:\Programme\Magix Music Maker Premium\2017\MxErr.exe Keine Datei
FirewallRules: [{DF4B4645-E4D2-4151-AA26-4B689087AC10}] => (Block) D:\Programme\Magix Music Maker Premium\2017\Online\MagixOfa.exe Keine Datei
FirewallRules: [{A894214A-577B-489C-9D65-ECEA5077F033}] => (Block) D:\Programme\Magix Music Maker Premium\2017\Online\DM\MxDownloadManager.exe Keine Datei
FirewallRules: [{ABD7A815-626A-442C-A470-F06260E4661B}] => (Block) D:\Programme\Magix Music Maker Premium\2017\coverlabel\xaralink.exe Keine Datei
FirewallRules: [TCP Query User{4E0913F2-A66E-4CD7-8169-44AE006B7A50}D:\ue_4.19\engine\binaries\dotnet\swarmagent.exe] => (Allow) D:\ue_4.19\engine\binaries\dotnet\swarmagent.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{56CDD588-6B0A-4CD6-AAA2-4E6E6E20FBB1}D:\ue_4.19\engine\binaries\dotnet\swarmagent.exe] => (Allow) D:\ue_4.19\engine\binaries\dotnet\swarmagent.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{4F4AD121-D6C7-41A1-9AD0-407AEB198A2F}D:\ue_4.19\engine\binaries\win64\ue4editor-cmd.exe] => (Allow) D:\ue_4.19\engine\binaries\win64\ue4editor-cmd.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{2F56B507-0889-428D-9FC2-B7A09B2F3C98}D:\ue_4.19\engine\binaries\win64\ue4editor-cmd.exe] => (Allow) D:\ue_4.19\engine\binaries\win64\ue4editor-cmd.exe (Epic Games, Inc.)
FirewallRules: [{C0C3D8A1-50D9-4370-BF76-020FC0100828}] => (Allow) C:\Users\johnf\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
FirewallRules: [{99BB228F-FD2A-40F0-80E3-48793506DDEF}] => (Allow) C:\Users\johnf\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
FirewallRules: [{911906D7-79F0-4919-8920-A9CE7A687775}] => (Block) D:\Games\Prepar3Dv4\Prepar3D.exe (Lockheed Martin®)
FirewallRules: [{7B9FA9AF-8EDF-437F-9907-C050E5AD22E9}] => (Allow) D:\Programme\WinTV\WinTV8\WinTV8.exe (Hauppauge Computer Works, Inc.)
FirewallRules: [{030245B2-903F-48AB-ABCF-D95AC9E6A428}] => (Allow) D:\Programme\WinTV\WinTV8\WinTV8.exe (Hauppauge Computer Works, Inc.)
FirewallRules: [{C35BDC96-A49E-41BE-93AD-AA9611DB87BE}] => (Allow) D:\Programme\WinTV\WinTV8\WinTV8.exe (Hauppauge Computer Works, Inc.)
FirewallRules: [{F3F208B5-7EC3-4B67-A54C-33957C634EB6}] => (Allow) D:\Programme\WinTV\WinTV8\WinTV8.exe (Hauppauge Computer Works, Inc.)
FirewallRules: [{E1885CF0-3FA1-4920-A23A-2F0CBEB5E1E1}] => (Allow) D:\Programme\WinTV\TVServer\CaptureDCR.exe (Hauppauge Computer Works, Inc)
FirewallRules: [{B6A2D25B-7DE6-462E-9346-C377A91F8F1A}] => (Allow) D:\Programme\WinTV\TVServer\CaptureDCR.exe (Hauppauge Computer Works, Inc)
FirewallRules: [{184C6FA2-68C5-4B8D-A786-F65E77012FF7}] => (Allow) D:\Programme\WinTV\TVServer\CaptureDCR.exe (Hauppauge Computer Works, Inc)
FirewallRules: [{375F25A3-E524-4942-A278-90E0604B54B4}] => (Allow) D:\Programme\WinTV\TVServer\CaptureDCR.exe (Hauppauge Computer Works, Inc)
FirewallRules: [{1B8D4F27-4C3C-41B8-92D0-4B1668DC88E4}] => (Allow) D:\Programme\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works, Inc)
FirewallRules: [{A0890218-AE68-4488-964D-D290C8770417}] => (Allow) D:\Programme\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works, Inc)
FirewallRules: [{86C5CB8D-269E-46BB-86E9-1627063A9C08}] => (Allow) D:\Programme\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works, Inc)
FirewallRules: [{4DFFF8C1-A1AB-49F6-86B7-9C6736EB51BE}] => (Allow) D:\Programme\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works, Inc)
FirewallRules: [TCP Query User{01772DD0-BE4D-4B43-8D9B-69D940A01A71}D:\programme\wintv\wintv8\wintv8.exe] => (Allow) D:\programme\wintv\wintv8\wintv8.exe (Hauppauge Computer Works, Inc.)
FirewallRules: [UDP Query User{E26E5A50-4D4D-4139-B5F9-A78570A33315}D:\programme\wintv\wintv8\wintv8.exe] => (Allow) D:\programme\wintv\wintv8\wintv8.exe (Hauppauge Computer Works, Inc.)
FirewallRules: [TCP Query User{5D38C2C8-C630-4D42-97F9-2B6787EFAB49}D:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe] => (Allow) D:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe (Apache Software Foundation)
FirewallRules: [UDP Query User{6858E829-7DC9-4F86-9F56-5230A28AB341}D:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe] => (Allow) D:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe (Apache Software Foundation)
FirewallRules: [{545633A5-A085-4650-90B8-A4A12F271F2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{6562EA1D-D875-4AE8-B0BC-02D2217BED0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [TCP Query User{B5791863-4CC9-442F-A07D-8A8E79166E2F}D:\programme\chaseplane\chaseplane.exe] => (Block) D:\programme\chaseplane\chaseplane.exe (OldProp Solutions Inc.)
FirewallRules: [UDP Query User{A2758ECA-13F6-4722-A117-4DF1E1C2E2E3}D:\programme\chaseplane\chaseplane.exe] => (Block) D:\programme\chaseplane\chaseplane.exe (OldProp Solutions Inc.)
FirewallRules: [TCP Query User{1281B099-04EE-4DB6-AEFB-C79A187373AD}D:\programme\activesky_p3dv4\as_p3dv4.exe] => (Block) D:\programme\activesky_p3dv4\as_p3dv4.exe Keine Datei
FirewallRules: [UDP Query User{F98AFF16-E4D5-4F7B-9BBE-1274363C70EC}D:\programme\activesky_p3dv4\as_p3dv4.exe] => (Block) D:\programme\activesky_p3dv4\as_p3dv4.exe Keine Datei
FirewallRules: [{EB157695-6F62-4842-ABE7-4D24779184B5}] => (Allow) LPort=445
FirewallRules: [{78C98EA4-291C-4DC1-807A-579AA3E42BE1}] => (Allow) LPort=19284
FirewallRules: [{85E38762-EBB6-426B-AD5A-98CE5DF17543}] => (Allow) LPort=19285
FirewallRules: [TCP Query User{FE8029E8-AB43-42B8-86AE-AEE478F1248B}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN)
FirewallRules: [UDP Query User{74AC55B7-FA41-4F6D-B015-A570E8DA941F}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN)
FirewallRules: [{57732503-B783-4E8B-A9C0-0DEE48981FF5}] => (Block) D:\Programme\JetBrains\PhpStorm 2018.2.3\bin\phpstorm64.exe (JetBrains s.r.o.)
FirewallRules: [{E7F8CB2D-8903-49E9-B348-4AB713575272}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{B4B7FA84-8002-4E77-9D76-C14B42D5B7A6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [TCP Query User{D369BB2C-83F5-43CD-8193-1B4DB47C8796}C:\program files\rainmeter\rainmeter.exe] => (Allow) C:\program files\rainmeter\rainmeter.exe (Rainmeter)
FirewallRules: [UDP Query User{DE34F8EE-FA49-46B0-8A2B-4AB32663E157}C:\program files\rainmeter\rainmeter.exe] => (Allow) C:\program files\rainmeter\rainmeter.exe (Rainmeter)
FirewallRules: [{23DC5599-F214-44DA-93F9-84E95925FFAA}] => (Block) %ProgramFiles%\Common Files\microsoft shared\OFFICE16\Office Setup Controller\Setup.exe Keine Datei
FirewallRules: [{54EE7BE0-60B2-4A7D-AA17-801A46BB661D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{1091605B-A5FD-4733-9EA9-B4BFF76D5420}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{EB466190-8E03-4B32-BAD6-11A564F7CF48}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{CF970FC0-AEF1-47F8-A9F5-753F8CECDEA4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{F29DF545-2A0C-4843-B428-C8D48EA1932F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{3B696DB0-E03F-4A02-B144-AAF472E08359}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
 

Broni

Malware Annihilator
FirewallRules: [{53B8CD55-8D58-4864-92F3-57C6EB4206EF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{ECF5A65D-93ED-4236-BDC0-7F778C9C8A84}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [TCP Query User{55DDE1C1-8BF8-4991-8E68-83D202F9D807}D:\programme\teamviewer\teamviewer.exe] => (Allow) D:\programme\teamviewer\teamviewer.exe (TeamViewer GmbH)
FirewallRules: [UDP Query User{94186AFB-2E95-4842-AD54-98A4214E5BC8}D:\programme\teamviewer\teamviewer.exe] => (Allow) D:\programme\teamviewer\teamviewer.exe (TeamViewer GmbH)
FirewallRules: [TCP Query User{42BC814C-AB04-47C4-BEE4-61C3D65E91BE}D:\ue_4.19\engine\binaries\win64\ue4editor.exe] => (Allow) D:\ue_4.19\engine\binaries\win64\ue4editor.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{041614EE-79E9-4AF4-A689-D4C4388869DA}D:\ue_4.19\engine\binaries\win64\ue4editor.exe] => (Allow) D:\ue_4.19\engine\binaries\win64\ue4editor.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{D5EAD705-BDB4-4897-A7EA-142E8DDC8BAB}D:\programme\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\programme\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{1876E9DF-9D70-4B08-AC81-2C6D877543E2}D:\programme\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\programme\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [{82832BC2-72B3-4278-AF20-50ABF02FC719}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{9994D3D6-1980-4AEF-806D-14BC0C9E8438}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{A2CAC3EB-BE05-4A2A-BF44-9AA1B5BFADCF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{F4F2C5DC-2C49-45B5-B5A8-AFD5780FD5DD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{044CAB49-B3A3-46E4-A4E2-DEFDDF119B5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{AE7B73B1-028E-4F11-BB7D-9DA01D1E0D1E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{7C994DF4-3E2E-4600-8431-01D9D21F9BE8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{8D071850-459C-4997-89B3-5DA271F19852}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [TCP Query User{D48C8714-2C55-4495-90C7-EC891AEDCC35}D:\programme\substance painter 2\substance painter 2.exe] => (Allow) D:\programme\substance painter 2\substance painter 2.exe (Allegorithmic)
FirewallRules: [UDP Query User{958CF083-F94A-4A45-891B-B7D11616EEAE}D:\programme\substance painter 2\substance painter 2.exe] => (Allow) D:\programme\substance painter 2\substance painter 2.exe (Allegorithmic)
FirewallRules: [{09DB61F0-03DA-40E5-8E11-5FB58A537966}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{5AB531BA-3C40-4BC0-8C6A-DF4FB6E182DD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{270FA04E-E6D7-4E28-B354-028F47E5A413}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{43770D69-0B7F-4404-8B7F-0E66C5802BCD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{63A394D4-D227-43B3-A9EA-36E38A6FB01D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{A7723DA4-DEA2-42FF-8E00-FDE421DD4607}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{64F4B807-A686-4604-A510-07463414CE9A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{F216F36F-FF75-48E1-AAD7-FC5D7C392AB7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{4AA2FABD-0495-4135-8F7C-93E39EF77D28}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{F778BDD7-956D-4D4F-A300-6E2D704FE65B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{9148214A-C21F-4EC8-A704-0724195E0B6B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{770431B8-D0CE-4B71-8BC7-E48FCEE81ED3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{A342831A-011E-4195-8863-1622525FF58A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [TCP Query User{1BD802B2-7111-479F-8461-8984C046CE05}C:\program files (x86)\nmap\nmap.exe] => (Allow) C:\program files (x86)\nmap\nmap.exe (Insecure.Org)
FirewallRules: [UDP Query User{CC4701B5-4D9F-4F19-8DAC-C546C8E3C27D}C:\program files (x86)\nmap\nmap.exe] => (Allow) C:\program files (x86)\nmap\nmap.exe (Insecure.Org)
FirewallRules: [{82E73D07-2A9C-40A2-9784-41F38C8491E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{BC4DA095-C3B2-4FAB-9224-A7C57ABC8F6C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{CC71B471-2679-4043-A4DC-F9BF8C7A3948}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{44237C1F-A7CE-4CBF-A84F-AE79C08E7E44}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{B1D43D56-D4D4-4B0F-83BE-060C17473E56}] => (Block) D:\REX Texture Direct SC EE\rextexturedirect.exe (REX Game Studios, LLC.)
FirewallRules: [{CE0DEF93-97F2-442F-90AE-8031F8A6338C}] => (Allow) D:\Programme\Microsoft Office 2010 Professional Plus\Office14\ONENOTE.EXE (Microsoft Corporation)
FirewallRules: [{7886732B-C247-4CC0-B5B4-B06CD62D20E3}] => (Allow) D:\Programme\Microsoft Office 2010 Professional Plus\Office14\ONENOTE.EXE (Microsoft Corporation)
FirewallRules: [{0AA628F7-E187-4FDD-B381-264405B0CC9B}] => (Allow) C:\Users\johnf\AppData\Local\Programs\Opera\57.0.3098.106\opera.exe (Opera Software)
FirewallRules: [{5A2B6F42-6FED-4CE7-8A0A-750028C5DB21}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{7FE1E726-AD5A-4863-9DFF-48D369A36C61}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{50E259BC-27DA-453F-A883-7D8062A6F43F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{A9D03D12-90D2-44E7-BD25-1F84C5A7C5A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{E69D6618-7AE4-41E7-B12D-B042A780BBC4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{F9F1AE48-C111-47E9-91BE-2B06D7E6D937}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{00AFB833-F156-42A4-9681-2A3EF9840FED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{9DDD3AE8-6619-4B0F-A6D7-42C61D3E7431}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{F3E06D54-B1FC-4C0F-B2A0-1BF2A023CB81}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{930F46F4-46B9-4894-8DC8-FC1BBD6BBC86}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{E5AA63B5-15C2-46E5-A88F-491EEB49431D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{71E606BD-B0CF-41C9-86C6-4260EC15B180}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{EDD302CB-A71A-486C-9C39-231263209194}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{A784FC5C-08E7-4A1A-8463-419E134FA620}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{C07E1771-FC4A-4923-A35B-D5720D566F52}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{74F8A310-A907-42EF-94F9-942C62224F6C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [TCP Query User{ADCD2DB0-7E4F-4A3D-8E63-6214092E3FC7}D:\programme\fsgrw_p3dv4\fs global real weather.exe] => (Allow) D:\programme\fsgrw_p3dv4\fs global real weather.exe (PILOT'S GmbH)
FirewallRules: [UDP Query User{84454FC7-0C51-4C9C-BE86-5E89329B825A}D:\programme\fsgrw_p3dv4\fs global real weather.exe] => (Allow) D:\programme\fsgrw_p3dv4\fs global real weather.exe (PILOT'S GmbH)
FirewallRules: [TCP Query User{DA9482F4-93C9-4C4C-B205-A8208930E59E}D:\programme\fsgrw_p3dv4\fs global real weather launcher.exe] => (Allow) D:\programme\fsgrw_p3dv4\fs global real weather launcher.exe ()
FirewallRules: [UDP Query User{8AD3EDC1-E993-4A02-B39A-618D301778DF}D:\programme\fsgrw_p3dv4\fs global real weather launcher.exe] => (Allow) D:\programme\fsgrw_p3dv4\fs global real weather launcher.exe ()
FirewallRules: [{F2B5DC7E-2000-4442-9231-4AF3AC062C70}] => (Allow) D:\REX Texture Direct\rextexturedirect.exe (REX Game Studios, LLC.)
FirewallRules: [{1984A014-B1F6-4330-80A2-4A2243FD9009}] => (Block) D:\Games\X-Plane 11\X-Plane.exe Keine Datei
FirewallRules: [{22F06694-9445-4C48-A46A-C154F272E539}] => (Block) D:\Games\X-Plane 11\Airfoil Maker.exe Keine Datei
FirewallRules: [{349F8D37-D38B-4DA7-AFDE-E8E0B24A28E8}] => (Block) D:\Games\X-Plane 11\Plane Maker.exe Keine Datei
FirewallRules: [{1A9138DB-3ED4-4015-9A72-6ECBBF14BCFD}] => (Allow) S:\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
FirewallRules: [{DBAE5FDD-797D-4751-AAAC-45B7019777C5}] => (Allow) S:\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
FirewallRules: [{2E697E71-5274-4AAD-9B39-1F370C6CFC30}] => (Allow) S:\VMware\VMware Workstation\vmware-hostd.exe ()
FirewallRules: [{B5C61A45-BF9A-4B52-861B-FA8B51669E39}] => (Allow) S:\VMware\VMware Workstation\vmware-hostd.exe ()
FirewallRules: [{2EA884DA-3002-43D8-8ED5-8F71C6B56789}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CC 2019\Adobe Premiere Pro.exe Keine Datei
FirewallRules: [{B03893AF-7677-4A0B-AD43-7FC4F7F373A4}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CC 2019\CRWindowsClientService.exe Keine Datei
FirewallRules: [{32ED12ED-A3FA-4F04-BED9-8396A146AD87}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe Keine Datei
FirewallRules: [{75D80417-1C1D-403D-BEB8-2597AC4784FC}] => (Allow) D:\Programme\Microsoft Office 2010 Professional Plus\Office14\ONENOTE.EXE (Microsoft Corporation)
FirewallRules: [{75000217-70E9-413F-8E8E-D358655BC969}] => (Allow) D:\Programme\Microsoft Office 2010 Professional Plus\Office14\ONENOTE.EXE (Microsoft Corporation)
FirewallRules: [{45F00A27-D343-4346-A350-E657E85AB1D8}] => (Allow) D:\Programme\Microsoft Office 2010 Professional Plus\Office14\outlook.exe (Microsoft Corporation)
FirewallRules: [{B5DB64ED-A64E-4A01-86DA-1579131FA2DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{C61C4D3A-292E-400E-A816-8D52A4127B8A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{B6D3BF6D-5177-49E3-A80D-2CB73331580F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{027469FB-474D-4C83-B50F-1839127C4267}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{22F77AF2-29CE-4EFA-9C4D-3A65C4E0271D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{245633EC-9B7D-48F5-B91A-623692F2CF9F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{03CE91DA-1950-4216-B483-A51D56D3C0C2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{521AA296-D729-4B21-918E-B4A69E1FD3B2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{1CEC3D55-651A-42F1-BE1C-28A034D882CD}] => (Allow) C:\Users\johnf\AppData\Local\Programs\Opera\57.0.3098.116\opera.exe (Opera Software)
FirewallRules: [TCP Query User{AB704A09-25B0-44EF-AFC8-BEBDEAC79C56}D:\programme\musicbee\musicbee.exe] => (Allow) D:\programme\musicbee\musicbee.exe (Steven Mayall)
FirewallRules: [UDP Query User{8187A5AC-F57B-4430-B311-ADDC3A4049E2}D:\programme\musicbee\musicbee.exe] => (Allow) D:\programme\musicbee\musicbee.exe (Steven Mayall)
FirewallRules: [{9B74A772-689C-429D-BCB4-0B3C65C1743C}] => (Allow) LPort=3000
FirewallRules: [{2A3519CA-833F-4EEB-AF65-95387632BD89}] => (Allow) C:\Program Files (x86)\Hobbyist Software\VLC Setup Helper\VLC Setup Helper.exe (Hobbyist Software)
FirewallRules: [{3BC243A6-7E46-4108-93B0-203F487DD2B3}] => (Allow) C:\Program Files (x86)\Hobbyist Software\VLC Setup Helper\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{7EC4B1AC-5E58-4695-90B5-600009BD7E22}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe\Bonjour\mDNSResponder.exe Keine Datei
FirewallRules: [{E374AF94-F8FB-47E9-BED0-80BC7B37A533}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{8D0F9C7E-4FFE-4523-A308-E2013123F0A5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{6D245584-5B82-4318-AF1B-76406D5A1BBE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{0FBECCDF-775E-4FD0-B8FD-C96D1B7DEDB2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{FBC918D6-61CB-46DE-9E4B-23DA24427ABC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{CE30463C-FC32-4A9C-88AC-A76E7A8D712A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{B9F22B9F-ABCD-4083-B710-56D111ECC4DD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{0998B337-834D-482E-B64A-E58D29B5F1E8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{7177ACF3-1803-4002-AFBF-23ADF84316A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{4766FBA2-1F36-4176-ACA5-F63CEC14D4F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{168E1BF9-C543-4E61-A2F1-73F06B9E5BC7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{A4D6BDC8-A498-4C95-89F2-EC1A4AAE446E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{0D5C30D3-80DC-4729-82A6-22C80CEFF285}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{3FAAF860-8225-44AF-B42C-E8D5E21CA8CA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{68D2816F-9D33-4A2D-ABE3-41DC204DAA1B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{185EAA3B-7086-45CF-8B6C-847D6ADC4683}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{4DF10F07-4986-44E5-AC29-CA862F7FA5DD}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware)
FirewallRules: [TCP Query User{5761FDA3-5F06-43C0-9BA5-F64BB751F19B}C:\ruby25-x64\bin\ruby.exe] => (Allow) C:\ruby25-x64\bin\ruby.exe (hxxp://www.ruby-lang.org/)
FirewallRules: [UDP Query User{46DB32AF-873C-40A0-9D62-A2CA170126D0}C:\ruby25-x64\bin\ruby.exe] => (Allow) C:\ruby25-x64\bin\ruby.exe (hxxp://www.ruby-lang.org/)
FirewallRules: [{26FDD2A6-3FDD-46E5-AC64-09B79FEC55BB}] => (Allow) D:\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{689CCBE5-D315-4238-BCB7-B9DE122362F2}] => (Allow) D:\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{159B65A2-277D-469D-9708-A704E6148A67}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe Keine Datei
FirewallRules: [{402B1233-1D91-4DC9-B3B5-4A9E9FF998DA}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe Keine Datei
FirewallRules: [{016CB372-3990-47CA-855A-EB9077156F89}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{9B802994-6741-432D-85C5-BCEDB5C2FD65}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{1A942FD1-0EA6-4DF5-80B6-DEF32564F3EE}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{7D745D6B-9B93-4E02-8246-A868061C4AA1}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)

==================== Wiederherstellungspunkte =========================

17-01-2019 16:45:13 Before Malwarebytes Anti-Rootkit execution
17-01-2019 21:39:43 Installed Sophos Virus Removal Tool.

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Bluetooth Device (Personal Area Network) #2
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: TAP-ProtonVPN Windows Adapter V9
Description: TAP-ProtonVPN Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-ProtonVPN Windows Provider V9
Service: tapprotonvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Npcap Loopback Adapter
Description: Microsoft Loopbackadapter für KM-TEST
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kmloop
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/19/2019 12:09:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 4.89.17.15, Zeitstempel: 0x5c2feb2f
Name des fehlerhaften Moduls: chrome_elf.dll, Version: 68.0.3440.106, Zeitstempel: 0x5ba6bb8c
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000000021057
ID des fehlerhaften Prozesses: 0x1cf8
Startzeit der fehlerhaften Anwendung: 0x01d4af82e6342481
Pfad der fehlerhaften Anwendung: D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
Pfad des fehlerhaften Moduls: D:\Steam\bin\cef\cef.win7x64\chrome_elf.dll
Berichtskennung: d94b9fc5-21f3-4764-91eb-b78ab0b1de94
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/19/2019 12:09:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 4.89.17.15, Zeitstempel: 0x5c2feb2f
Name des fehlerhaften Moduls: chrome_elf.dll, Version: 68.0.3440.106, Zeitstempel: 0x5ba6bb8c
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000000021057
ID des fehlerhaften Prozesses: 0x1f9c
Startzeit der fehlerhaften Anwendung: 0x01d4af82e01565d2
Pfad der fehlerhaften Anwendung: D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
Pfad des fehlerhaften Moduls: D:\Steam\bin\cef\cef.win7x64\chrome_elf.dll
Berichtskennung: d95b55b3-2118-4bea-b037-3ba498d35563
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/19/2019 12:09:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 4.89.17.15, Zeitstempel: 0x5c2feb2f
Name des fehlerhaften Moduls: chrome_elf.dll, Version: 68.0.3440.106, Zeitstempel: 0x5ba6bb8c
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000000021057
ID des fehlerhaften Prozesses: 0x1620
Startzeit der fehlerhaften Anwendung: 0x01d4af82d9f5c111
Pfad der fehlerhaften Anwendung: D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
Pfad des fehlerhaften Moduls: D:\Steam\bin\cef\cef.win7x64\chrome_elf.dll
Berichtskennung: f1a496d2-4900-4d71-9613-ae7844bf8391
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/19/2019 12:09:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 4.89.17.15, Zeitstempel: 0x5c2feb2f
Name des fehlerhaften Moduls: chrome_elf.dll, Version: 68.0.3440.106, Zeitstempel: 0x5ba6bb8c
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000000021057
ID des fehlerhaften Prozesses: 0x32ec
Startzeit der fehlerhaften Anwendung: 0x01d4af82d3d9b9b1
Pfad der fehlerhaften Anwendung: D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
Pfad des fehlerhaften Moduls: D:\Steam\bin\cef\cef.win7x64\chrome_elf.dll
Berichtskennung: 52d0fe90-e5d9-4259-ae6b-d81793d8b82a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/19/2019 12:09:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 4.89.17.15, Zeitstempel: 0x5c2feb2f
Name des fehlerhaften Moduls: chrome_elf.dll, Version: 68.0.3440.106, Zeitstempel: 0x5ba6bb8c
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000000021057
ID des fehlerhaften Prozesses: 0x2460
Startzeit der fehlerhaften Anwendung: 0x01d4af82cdba7e6c
Pfad der fehlerhaften Anwendung: D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
Pfad des fehlerhaften Moduls: D:\Steam\bin\cef\cef.win7x64\chrome_elf.dll
Berichtskennung: 99de1a71-b900-48b8-80ee-373994aafd8a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/19/2019 12:08:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 4.89.17.15, Zeitstempel: 0x5c2feb2f
Name des fehlerhaften Moduls: chrome_elf.dll, Version: 68.0.3440.106, Zeitstempel: 0x5ba6bb8c
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000000021057
ID des fehlerhaften Prozesses: 0x17c0
Startzeit der fehlerhaften Anwendung: 0x01d4af82c79be331
Pfad der fehlerhaften Anwendung: D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
Pfad des fehlerhaften Moduls: D:\Steam\bin\cef\cef.win7x64\chrome_elf.dll
Berichtskennung: fd82944b-9344-4f1f-a4ad-202d8cc2a72c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/19/2019 12:08:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 4.89.17.15, Zeitstempel: 0x5c2feb2f
Name des fehlerhaften Moduls: chrome_elf.dll, Version: 68.0.3440.106, Zeitstempel: 0x5ba6bb8c
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000000021057
ID des fehlerhaften Prozesses: 0x854
Startzeit der fehlerhaften Anwendung: 0x01d4af82c178a18a
Pfad der fehlerhaften Anwendung: D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
Pfad des fehlerhaften Moduls: D:\Steam\bin\cef\cef.win7x64\chrome_elf.dll
Berichtskennung: b3fbcced-6b27-401d-8407-462e51da7661
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/19/2019 12:08:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 4.89.17.15, Zeitstempel: 0x5c2feb2f
Name des fehlerhaften Moduls: chrome_elf.dll, Version: 68.0.3440.106, Zeitstempel: 0x5ba6bb8c
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000000021057
ID des fehlerhaften Prozesses: 0x1758
Startzeit der fehlerhaften Anwendung: 0x01d4af82bb5a9d99
Pfad der fehlerhaften Anwendung: D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
Pfad des fehlerhaften Moduls: D:\Steam\bin\cef\cef.win7x64\chrome_elf.dll
Berichtskennung: ad73618c-bc35-442d-9947-32772723e32e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (01/19/2019 12:04:49 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/18/2019 11:06:36 PM) (Source: DCOM) (EventID: 10016) (User: EPSON3191BJ)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "EPSON3191BJ\johnf" (SID: S-1-5-21-127663350-3041579137-739029980-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/18/2019 10:54:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070005 fehlgeschlagen: 9NCBCSZSJRSB-SpotifyAB.SpotifyMusic

Error: (01/18/2019 10:47:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/18/2019 10:42:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/18/2019 10:38:30 PM) (Source: DCOM) (EventID: 10016) (User: EPSON3191BJ)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "EPSON3191BJ\johnf" (SID: S-1-5-21-127663350-3041579137-739029980-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/18/2019 10:36:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/18/2019 10:36:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


Windows Defender:
===================================
Date: 2018-11-29 00:45:32.335
Description:
Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.261.1400.0
Updatequelle: Microsoft Center zum Schutz vor Schadsoftware
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.14500.5
Fehlercode: 0x800b0003
Fehlerbeschreibung: Das für den Antragsteller angegebene Formular wird vom angegebenen Vertrauensanbieter nicht unterstützt oder ist ihm nicht bekannt.

Date: 2018-11-29 00:45:32.328
Description:
Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.261.1400.0
Updatequelle: Microsoft Center zum Schutz vor Schadsoftware
Signaturtyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.14500.5
Fehlercode: 0x800b0003
Fehlerbeschreibung: Das für den Antragsteller angegebene Formular wird vom angegebenen Vertrauensanbieter nicht unterstützt oder ist ihm nicht bekannt.

Date: 2018-11-29 00:45:32.328
Description:
Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.261.1400.0
Updatequelle: Microsoft Center zum Schutz vor Schadsoftware
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.14500.5
Fehlercode: 0x800b0003
Fehlerbeschreibung: Das für den Antragsteller angegebene Formular wird vom angegebenen Vertrauensanbieter nicht unterstützt oder ist ihm nicht bekannt.

Date: 2018-11-28 19:14:08.323
Description:
Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.261.1400.0
Updatequelle: Microsoft Center zum Schutz vor Schadsoftware
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.14500.5
Fehlercode: 0x800b0003
Fehlerbeschreibung: Das für den Antragsteller angegebene Formular wird vom angegebenen Vertrauensanbieter nicht unterstützt oder ist ihm nicht bekannt.

Date: 2018-11-28 19:14:08.323
Description:
Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.261.1400.0
Updatequelle: Microsoft Center zum Schutz vor Schadsoftware
Signaturtyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.14500.5
Fehlercode: 0x800b0003
Fehlerbeschreibung: Das für den Antragsteller angegebene Formular wird vom angegebenen Vertrauensanbieter nicht unterstützt oder ist ihm nicht bekannt.

CodeIntegrity:
===================================

Date: 2019-01-17 16:11:44.439
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Users\johnf\Windows Themes\one1184\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-17 15:46:15.933
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Users\johnf\Windows Themes\one1184\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-09 13:52:40.383
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\DisplayFusion\Hooks\AppHook64_213ED4A0-83A4-4A6D-A3C0-60426DC3578A.dll that did not meet the Store signing level requirements.

Date: 2019-01-02 07:39:18.396
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Users\johnf\Windows Themes\one1184\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-02 07:39:18.392
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Users\johnf\Windows Themes\one1184\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-02 07:39:18.387
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Users\johnf\Windows Themes\one1184\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-02 07:39:18.384
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Users\johnf\Windows Themes\one1184\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-02 07:39:18.380
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Users\johnf\Windows Themes\one1184\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 24444.22 MB
Verfügbarer physikalischer RAM: 18696.79 MB
Summe virtueller Speicher: 28028.22 MB
Verfügbarer virtueller Speicher: 22203.41 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:118.13 GB) (Free:14.15 GB) NTFS
Drive d: (Daten) (Fixed) (Total:786.95 GB) (Free:24.47 GB) NTFS
Drive f: (Der Seewolf) (Removable) (Total:29.89 GB) (Free:1.55 GB) NTFS
Drive s: (Games) (Fixed) (Total:144.43 GB) (Free:6.47 GB) NTFS

\\?\Volume{c1db7f81-146e-4ed4-b4f6-5d0efa598e6e}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.6 GB) NTFS
\\?\Volume{012d7787-bfae-4e74-aaa1-7ab7443b72a4}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6DD4F5AC)

Partition: GPT.

========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: AA2B32C7)

Partition: GPT.

========================================================
Disk: 2 (Size: 29.9 GB) (Disk ID: 944B262A)
Partition 1: (Not Active) - (Size=29.9 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
 

Broni

Malware Annihilator
Uninstall the following unwanted program:

App Explorer

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on the downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available through History -> Application logs. Please post its contents in your next reply.
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwCleaner, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles is saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.
 

xcy7e

TS Rookie
RogueKiller Anti-Malware V13.0.22.0 (x64) [Jan 14 2019] (Free) von Adlice Software
Mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Betriebssystem : Windows 10 (10.0.17134) 64 bits
Gestartet in : Normaler Modus
Benutzer : johnf [Administrator]
Gestartet von : C:\Program Files\RogueKiller\RogueKiller64.exe
Modus : Standard-Scan, Löschen -- Datum : 2019/01/19 11:14:22 (Dauer : 00:15:08)
Switches : -refid 3

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Löschen ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[VT.Unknown (Potenziell bösartig)] PBUpdater.exe [PasswordBoss, LLC] -- %programfiles(x86)%\PasswordBoss\PBUpdater\PBUpdater.exe -> Beendet [Tree]
[VT.Unknown (Potenziell bösartig)] \PasswordBoss_Desktop_HealthChk_EPSON3191BJ_johnf -- C:\Program Files (x86)\PasswordBoss\PasswordBoss.exe (/service) -> Gelöscht
[VT.Unknown (Potenziell bösartig)] \PasswordBoss_Desktop_24h_EPSON3191BJ_johnf -- C:\Program Files (x86)\PasswordBoss\PasswordBoss.exe (/setup24h /auto) -> Gelöscht
[PUP.Gen1 (Potenziell bösartig)] HKEY_CLASSES_ROOT\CLSID\{93469602-4134-4012-A6BC-8724B0C6EFF4} -- [%programfiles(x86)%\TweakBit\PCRepairKit\BrowserCareHelper.Agent.x64.dll] -> Gelöscht
[Suspicious.Path (Potenziell bösartig)] HKEY_CLASSES_ROOT\CLSID\{FA372A6E-149F-4E95-832D-8F698D40AD7F} -- [%localappdata%\Google\Chrome SxS\Application\73.0.3676.0\notification_helper.exe] -> Gelöscht
[PUP.Gen1 (Potenziell bösartig)] HKEY_LOCAL_MACHINE\Software\TweakBit -- -> Gelöscht
[PUM.Policies (Potenziell bösartig)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- -> Ersetzt (2)
[PUM.Policies (Potenziell bösartig)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- -> Ersetzt (2)
[PUP.HackTool (Potenziell bösartig)] SECOH-QAD.exe -- %SystemRoot%\SECOH-QAD.exe -> Gelöscht
[PUP.Gen1 (Potenziell bösartig)] TweakBit -- %programdata%\Microsoft\Windows\Start Menu\Programs\TweakBit -> Gelöscht
[PUP.Gen1 (Potenziell bösartig)] TweakBit -- %programdata%\TweakBit -> Gelöscht
[PUP.HackTool (Potenziell bösartig)] KMSpico -- %ProgramFiles%\KMSpico -> Gelöscht
[PUP.Gen1 (Potenziell bösartig)] TweakBit -- %programfiles(x86)%\TweakBit -> Gelöscht
[PUP.Gen1 (Potenziell bösartig)] TweakBit -- %programfiles(x86)%\TweakBit -> Gefunden
 

xcy7e

TS Rookie
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 19.01.19
Scan-Zeit: 11:17
Protokolldatei: 701b9546-1bd3-11e9-8bac-a81e846ac091.json

-Softwaredaten-
Version: 3.6.1.2711
Komponentenversion: 1.0.519
Version des Aktualisierungspakets: 1.0.8862
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 10 (Build 17134.523)
CPU: x64
Dateisystem: NTFS
Benutzer: EPSON3191BJ\johnf

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 556801
Erkannte Bedrohungen: 32
In die Quarantäne verschobene Bedrohungen: 30
Abgelaufene Zeit: 4 Min., 0 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.TweakBit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5AEA8CFE-B238-4D0A-9362-D55F38ECB795}_is1, In Quarantäne, [1573], [349175],1.0.8862

Registrierungswert: 2
PUP.Optional.TweakBit, HKU\S-1-5-21-127663350-3041579137-739029980-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UFH\SHC|72, In Quarantäne, [1573], [483196],1.0.8862
PUP.Optional.TweakBit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5AEA8CFE-B238-4D0A-9362-D55F38ECB795}_is1|DISPLAYNAME, In Quarantäne, [1573], [349175],1.0.8862

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 29
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\ATUPDATERSHELPER.DLL, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\BROWSERCAREHELPER.DLL, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\DISKCLEANERHELPER.DLL, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\FILESHREDDER.EXE, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\REGISTRYCLEANERHELPER.DLL, In Quarantäne, [1573], [477309],1.0.8862
Generic.Malware/Suspicious, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\12D9B9ED8801E7B2.VIR\KMSELDI.EXE, Keine Aktion durch Benutzer, [0], [392686],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\BROWSERCAREHELPER.AGENT.X32.DLL, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\DUPLICATEFILEFINDERHELPER.DLL, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\INTERNETOPTIMIZERHELPER.DLL, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\RDBOOT32.EXE, In Quarantäne, [1573], [477309],1.0.8862
Generic.Malware/Suspicious, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\12D9B9ED8801E7B2.VIR\AUTOPICO.EXE, Keine Aktion durch Benutzer, [0], [392686],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\ATPOPUPSHELPER.DLL, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\BROWSERCAREHELPER.AGENT.X64.DLL, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\RDBOOT64.EXE, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\SYSTEMINFORMATIONHELPER.DLL, In Quarantäne, [1573], [477309],1.0.8862
Generic.Malware/Suspicious, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\1BB61596A9615456.VIR, In Quarantäne, [0], [392686],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\AXBROWSERS.DLL, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\DISKWIPEHELPER.DLL, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\GASENDER.EXE, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\REGISTRYDEFRAG.EXE, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\TWEAKMANAGER.EXE, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\DOWNLOADER.EXE, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\PCREPAIRKIT.EXE, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\REGISTRYDEFRAGHELPER.DLL, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\TWEAKMANAGERHELPER.DLL, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\USERS\JOHNF\APPDATA\LOCAL\TEMP\_DEL_0X80000003-REPAIRKIT\GASENDER.EXE, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\DUPLICATEFILEFINDER.EXE, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\INTERNETOPTIMIZER.EXE, In Quarantäne, [1573], [477309],1.0.8862
PUP.Optional.TweakBit, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DA8976B4170993C7.VIR\PCREPAIRKIT\SPYWARECHECKERHELPER.DLL, In Quarantäne, [1573], [477309],1.0.8862

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
 

xcy7e

TS Rookie
# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-19-2019
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 15
# Failed: 3


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKU\S-1-5-21-127663350-3041579137-739029980-500\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKU\S-1-5-21-127663350-3041579137-739029980-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKU\S-1-5-21-127663350-3041579137-739029980-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKU\S-1-5-21-127663350-3041579137-739029980-500\Software\Host App Service
Deleted HKU\S-1-5-21-127663350-3041579137-739029980-1002\Software\Host App Service
Deleted HKCU\Software\Host App Service
Deleted HKU\S-1-5-21-127663350-3041579137-739029980-1000\Software\Host App Service
Deleted HKU\S-1-5-20\Software\Host App Service
Deleted HKU\S-1-5-19\Software\Host App Service
Deleted HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
Deleted HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
Deleted HKLM\Software\Classes\CLSID\{D4EF86C3-77D7-4F82-BBB8-6DFFAB6E2D32}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Not Deleted qone8
Not Deleted Trovi search
Not Deleted Websuche
Deleted Trovi search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2902 octets] - [19/01/2019 11:26:48]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 

Broni

Malware Annihilator
Re-run the Farbar Recovery Scan Tool (FRST/FRST64) that you ran at the very beginning of this topic.

  • Double click to run it.
  • Make sure you checkmark Addition.txt box.
  • Press Scan button.
  • The scan will create two logs, FRST.txt and Addition.txt, in the same directory the tool is run from. Please copy and paste them into your reply.
 

xcy7e

TS Rookie
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16.01.2019 01
durchgeführt von johnf (Administrator) auf EPSON3191BJ (19-01-2019 18:55:43)
Gestartet von D:\tmp
Geladene Profile: defaultuser0 & johnf & admin & Administrator (Verfügbare Profile: defaultuser0 & johnf & admin & Administrator)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(PasswordBoss, LLC) C:\Program Files (x86)\PasswordBoss\PBUpdater\PBUpdater.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
() D:\Programme\ProtonVPN\ProtonVPNService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(MongoDB, Inc) C:\Program Files\MongoDB\Server\4.0\bin\mongod.exe
(Hauppauge Computer Works, Inc) D:\Programme\WinTV\TVServer\HauppaugeTVServer.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) S:\VMware\VMware Workstation\vmware-authd.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxEM.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_x64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AvJoeSW Inc.) C:\Program Files (x86)\BGPKiller\BGPKiller.exe
(Venturi) D:\Programme\HideVolumeOSD\HideVolumeOSD.exe
(Skwire Empire) C:\RibbonDisabler\TBarIconBlanker.exe
(TechSmith Corporation) C:\Program Files (x86)\Snagit 13\Snagit32.exe
(Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(TechSmith Corporation) C:\Program Files (x86)\Snagit 13\SnagPriv.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TechSmith Corporation) C:\Program Files (x86)\Snagit 13\SnagitEditor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
() C:\Program Files (x86)\PasswordBoss\extensions\Chrome\PBChromeGlue.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Steven Mayall) D:\Programme\MusicBee\MusicBee.exe
(Mailbird) D:\Programme\Mailbird\Mailbird.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(The CefSharp Authors) D:\Programme\Mailbird\x64\CefSharp.BrowserSubprocess.exe
(The CefSharp Authors) D:\Programme\Mailbird\x64\CefSharp.BrowserSubprocess.exe
(The CefSharp Authors) D:\Programme\Mailbird\x64\CefSharp.BrowserSubprocess.exe
(The CefSharp Authors) D:\Programme\Mailbird\x64\CefSharp.BrowserSubprocess.exe
(Binary Fortress Software) C:\Program Files\DisplayFusion\DisplayFusionService.exe
(Binary Fortress Software) C:\Program Files\DisplayFusion\DisplayFusion.exe
(Binary Fortress Software) C:\Program Files\DisplayFusion\DisplayFusionHookApp64.exe
(Binary Fortress Software) C:\Program Files\DisplayFusion\DisplayFusionHookApp32.exe
(The CefSharp Authors) D:\Programme\Mailbird\x64\CefSharp.BrowserSubprocess.exe
(AppWork GmbH) C:\Users\johnf\AppData\Local\JDownloader 2.0\JDownloader2.exe
(VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(PasswordBoss, LLC) C:\Program Files (x86)\PasswordBoss\PasswordBoss.exe
() C:\Program Files (x86)\PasswordBoss\PBIEBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\johnf\AppData\Local\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Users\johnf\AppData\Local\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(The CefSharp Authors) D:\Programme\Mailbird\x64\CefSharp.BrowserSubprocess.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) D:\tmp\FRST64 (1).exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (IvoSoft)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [588136 2017-01-18] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-06-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2017-06-29] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobePSE17AutoAnalyzer] => D:\Programme\Elements 2019 Organizer\Elements Auto Creations 2019.exe [3058696 2018-08-30] (Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425864 2016-11-13] (Acronis International GmbH)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FxSound Enhancer] => C:\Program Files (x86)\DFX\dfx.exe [1695224 2017-11-13] ()
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-06-08] (Power Software Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [BCSSync] => D:\Programme\Microsoft Office 2010 Professional Plus\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-19] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-127663350-3041579137-739029980-1000\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\Run: [DisplayFusion] => C:\Programme\DisplayFusion\DisplayFusion.exe [10048920 2018-12-27] (Binary Fortress Software)
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\Run: [reWASD Tray Agent] => D:\Programme\reWASD\Launcher.exe [3405504 2017-11-02] (Disc Soft Ltd)
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\Run: [EpicGamesLauncher] => D:\Programme\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35184016 2019-01-15] (Epic Games, Inc.)
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\Run: [Google Update] => C:\Users\johnf\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe [605992 2018-12-17] (Google Inc.)
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [3682968 2018-07-09] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\Run: [Steam] => D:\Steam\steam.exe [3133216 2019-01-05] (Valve Corporation)
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\Run: [GoogleChromeAutoLaunch_27E519C7728811BA68C834EBDE556FEC] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1587680 2018-12-12] (Google Inc.)
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\Run: [Mailbird] => D:\Programme\Mailbird\Mailbird.exe [8578216 2018-12-19] (Mailbird)
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\Run: [PasswordBoss] => C:\Program Files (x86)\PasswordBoss\PasswordBoss.exe [331024 2019-01-18] (PasswordBoss, LLC)
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\MountPoints2: {388c7019-d5a0-11e8-8a26-061cc31ba87d} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\MountPoints2: {48059458-1317-11e9-8a78-a81e846ac091} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\MountPoints2: {675494ea-727a-11e8-89dc-a81e846ac091} - "G:\dvdcheck.exe"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\MountPoints2: {7a5ac85a-9635-11e8-89f6-a81e846ac091} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\MountPoints2: {7f428c8c-6ddf-11e8-89da-a81e846ac091} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\MountPoints2: {b0fae1d3-7589-11e8-89df-a81e846ac091} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Programme\DisplayFusion\DFSSaver.scr [6884352 2018-12-27] (Binary Fortress Software)
HKU\S-1-5-21-127663350-3041579137-739029980-1002\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [] => [X]
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Drivers32-x32: [vidc.yv12] => C:\Windows\SysWOW64\yv12vfw.dll [70656 2004-01-25] (www.helixcommunity.org)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk [2018-08-30]
ShortcutTarget: AutoStart IR.lnk -> D:\Programme\WinTV\Ir.exe (Hauppauge Computer Works)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BGPKiller.lnk [2018-12-14]
ShortcutTarget: BGPKiller.lnk -> C:\Program Files (x86)\BGPKiller\BGPKiller.exe (AvJoeSW Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ETR.lnk [2017-12-11]
ShortcutTarget: ETR.lnk -> C:\RibbonDisabler\etr64.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HideVolumeOSD (1).lnk [2017-11-05]
ShortcutTarget: HideVolumeOSD (1).lnk -> D:\Programme\HideVolumeOSD\HideVolumeOSD.exe (Venturi)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TBarIconBlanker.lnk [2017-12-11]
ShortcutTarget: TBarIconBlanker.lnk -> C:\RibbonDisabler\TBarIconBlanker.exe (Skwire Empire)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TSC_SI_13.lnk [2017-11-30]
ShortcutTarget: TSC_SI_13.lnk -> C:\Program Files (x86)\Snagit 13\Snagit32.exe (TechSmith Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk [2018-08-30]
ShortcutTarget: WinTV Recording Status.lnk -> D:\Programme\WinTV\WinTV8\WinTVTray.exe (Hauppauge Computer Works, Inc.)
Startup: C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JDownloader 2.lnk [2018-01-22]
ShortcutTarget: JDownloader 2.lnk -> C:\Users\johnf\AppData\Local\JDownloader 2.0\JDownloader2.exe (AppWork GmbH)
Startup: C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-01-22]
ShortcutTarget: MEGAsync.lnk -> C:\Users\johnf\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ProtonMail Bridge.lnk [2018-11-21]
ShortcutTarget: ProtonMail Bridge.lnk -> D:\Programme\ProtonMail Bridge\Desktop-Bridge.exe ()
Startup: C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2017-11-07]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
Startup: C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WallpaperDayNightCycleScriptBG.lnk [2019-01-19]
ShortcutTarget: WallpaperDayNightCycleScriptBG.lnk -> C:\Programme\DisplayFusion\DisplayFusionCommand.exe (Binary Fortress Software)
GroupPolicy: Beschränkung ? <==== ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{109ed733-761c-4c21-a36e-2227cfa51343}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{42b2ff9e-009a-429b-b5a2-f36b3e806da8}: [NameServer] 204.152.184.76,8.8.8.8
Tcpip\..\Interfaces\{42b2ff9e-009a-429b-b5a2-f36b3e806da8}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-127663350-3041579137-739029980-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131636414581884282&GUID=8B5751C8-C74A-4A58-BDB3-98A2FE9D6F40
HKU\S-1-5-21-127663350-3041579137-739029980-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-127663350-3041579137-739029980-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131636414582765433&GUID=8B5751C8-C74A-4A58-BDB3-98A2FE9D6F40
HKU\S-1-5-21-127663350-3041579137-739029980-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-127663350-3041579137-739029980-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-127663350-3041579137-739029980-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-127663350-3041579137-739029980-1001 -> DefaultScope {B02D0787-BF2C-496E-8534-50198E09B2E5} URL =
SearchScopes: HKU\S-1-5-21-127663350-3041579137-739029980-1001 -> {B02D0787-BF2C-496E-8534-50198E09B2E5} URL =
BHO: Kein Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Users\johnf\Windows Themes\one1184\OldNewExplorer64.dll [2017-08-16] (www.startisback.com)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-12-14] (Oracle Corporation)
BHO: Password Boss -> {99af1bd8-7efc-4361-aed5-8c612492a051} -> C:\WINDOWS\System32\mscoree.dll [2018-04-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> D:\Programme\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-12-14] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (IvoSoft)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Kein Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Users\johnf\Windows Themes\one1184\OldNewExplorer32.dll [2017-08-16] (www.startisback.com)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-31] (Oracle Corporation)
BHO-x32: Password Boss -> {99af1bd8-7efc-4361-aed5-8c612492a051} -> C:\WINDOWS\SysWOW64\mscoree.dll [2018-04-12] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Programme\Microsoft Office 2010 Professional Plus\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-31] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
Toolbar: HKLM - Password Boss Toolbar - {2b43dc1c-e3a3-4bad-8242-6fa6302d3f34} - C:\WINDOWS\System32\mscoree.dll [2018-04-12] (Microsoft Corporation)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Password Boss Toolbar - {2b43dc1c-e3a3-4bad-8242-6fa6302d3f34} - C:\WINDOWS\SysWOW64\mscoree.dll [2018-04-12] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: t5nr5z14.default
FF ProfilePath: C:\Users\johnf\AppData\Roaming\Mozilla\Firefox\Profiles\t5nr5z14.default [2019-01-19]
FF NetworkProxy: Mozilla\Firefox\Profiles\t5nr5z14.default -> socks", "localhost"
FF Extension: (MyJDownloader Browser Erweiterung) - C:\Users\johnf\AppData\Roaming\Mozilla\Firefox\Profiles\t5nr5z14.default\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2018-11-11]
FF Extension: (Avast SafePrice) - C:\Users\johnf\AppData\Roaming\Mozilla\Firefox\Profiles\t5nr5z14.default\Extensions\sp@avast.com.xpi [2019-01-19]
FF Extension: (Avast Online Security) - C:\Users\johnf\AppData\Roaming\Mozilla\Firefox\Profiles\t5nr5z14.default\Extensions\wrc@avast.com.xpi [2019-01-19]
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-12-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-12-14] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-31] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Programme\Microsoft Office 2010 Professional Plus\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\Programme\Microsoft Office 2010 Professional Plus\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems)
FF Plugin HKU\S-1-5-21-127663350-3041579137-739029980-1001: @tools.google.com/Google Update;version=3 -> C:\Users\johnf\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-127663350-3041579137-739029980-1001: @tools.google.com/Google Update;version=9 -> C:\Users\johnf\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-17] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR NewTab: Default -> Active:"chrome-extension://nnnkddnnlpamobajfibfdgfnbcnkgngh/pages/newtab.html"
CHR DefaultSearchURL: Default -> hxxps://www.techspot.com/community/topics/infection-aftermath-help-needed.251488/
CHR Profile: C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default [2019-01-19]
CHR Extension: (Präsentationen) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-01]
CHR Extension: (Bookmark Favicon Changer) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\acmfnomgphggonodopogfbmkneepfgnh [2018-12-01]
CHR Extension: (Material Incognito Dark Theme) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahifcnpnjgbadkjdhagpfjfkmlapfoel [2019-01-18]
CHR Extension: (Theme Creator) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2018-12-01]
CHR Extension: (Docs) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-01]
CHR Extension: (Google Drive) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-01]
CHR Extension: (Select & translate - context menu) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bapcampblfdohlgnilfjbmhjijhflbjf [2018-12-01]
CHR Extension: (YouTube) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-01]
CHR Extension: (Adblock Plus) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-03]
CHR Extension: (Pushbullet) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2018-12-01]
CHR Extension: (Adblock für Youtube™) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2018-12-19]
CHR Extension: (Xdebug helper) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\eadndfjplgieldjbigjakmdgkmoaaaoc [2019-01-13]
CHR Extension: (jQuery Injector) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekkjohcjbjcjjifokpingdbdlfekjcgi [2018-12-24]
CHR Extension: (Password Boss) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdfemjpbhpcjeadhbblfifdldedefnhe [2019-01-19]
CHR Extension: (I don't care about cookies) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2018-12-20]
CHR Extension: (Stylish- Benutzerdef. Motive f. jede Webseite) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2018-12-25]
CHR Extension: (Avira Browserschutz) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-01-07]
CHR Extension: (Google Docs Offline) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-01]
CHR Extension: (AdBlock) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-01-16]
CHR Extension: (Ad-Free SoundCloud) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnjglicckckaeiijceebbfgeibnehjgg [2019-01-12]
CHR Extension: (Auto Refresh) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifooldnmmcmlbdennkpdnlnbgbmfalko [2019-01-19]
CHR Extension: (Google Hangouts) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2018-12-14]
CHR Extension: (Open-as-Popup) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncppfjladdkdaemaghochfikpmghbcpc [2018-12-01]
CHR Extension: (Twitch Now) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2018-12-01]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-01]
CHR Extension: (J CSS Reload) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnmebjmgdonemncjdliomljdfhpnlekk [2018-12-01]
CHR Extension: (Infinity New Tab (Pro)) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnnkddnnlpamobajfibfdgfnbcnkgngh [2019-01-18]
CHR Extension: (ColorPick Eyedropper) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohcpnigalekghcmgcdcenkpelffpdolg [2018-12-18]
CHR Extension: (Google Mail) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-12-01]
CHR Extension: (Chrome Media Router) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-14]
CHR Extension: (Custom JavaScript for websites ) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\poakhlngfciodnhlhhgnaaelnpjljija [2018-12-01]
CHR Extension: (Popout for YouTube™) - C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pofekaindcmmojfnfgbpklepkjfilcep [2018-12-03]
CHR Profile: C:\Users\johnf\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-12-07]
CHR Profile: C:\Users\johnf\AppData\Local\Google\Chrome\User Data\System Profile [2018-12-19]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-127663350-3041579137-739029980-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S4 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [1175976 2017-01-16] (Acronis International GmbH)
S4 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1276464 2017-01-18] ()
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Inc.)
S4 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6086232 2017-09-29] ()
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-19] (AVAST Software)
S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-08-31] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-19] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-01-19] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8352184 2019-01-15] ()
R2 DisplayFusionService; C:\Programme\DisplayFusion\DisplayFusionService.exe [6601128 2018-12-27] (Binary Fortress Software)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-01-15] (EasyAntiCheat Ltd)
R2 HauppaugeTVServer; D:\Programme\WinTV\TVServer\HauppaugeTVServer.exe [587048 2018-08-15] (Hauppauge Computer Works, Inc) [Datei ist nicht signiert]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-08-30] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4679576 2016-12-20] (Acronis International GmbH)
S4 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [2908352 2017-01-06] (Acronis International GmbH)
R2 MongoDB; C:\Program Files\MongoDB\Server\4.0\bin\mongod.exe [32523264 2018-12-19] (MongoDB, Inc) [Datei ist nicht signiert]
S2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [5352960 2011-03-09] (Native Instruments GmbH) [Datei ist nicht signiert]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Datei ist nicht signiert]
R2 PBUpdater; C:\Program Files (x86)\PasswordBoss\PBUpdater\PBUpdater.exe [1931016 2019-01-18] (PasswordBoss, LLC)
R2 ProtonVPN Service; D:\Programme\ProtonVPN\ProtonVPNService.exe [38664 2018-10-17] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [328344 2018-07-09] (Sandboxie Holdings, LLC)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S4 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7013704 2016-12-21] ()
R2 TeamViewer; C:\Programme\TeamViewer\TeamViewer_Service.exe [11660528 2018-12-07] (TeamViewer GmbH)
S4 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3661096 2015-09-14] (TechSmith Corporation)
R2 VMAuthdService; S:\VMware\VMware Workstation\vmware-authd.exe [96184 2018-05-11] (VMware, Inc.)
S2 VMwareHostd; S:\VMware\VMware Workstation\vmware-hostd.exe [14346680 2018-05-11] ()
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [157480 2018-06-22] (Microsoft Corporation)
S3 wampapache64; d:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe [30720 2018-03-18] (Apache Software Foundation) [Datei ist nicht signiert]
S3 wampmariadb64; d:\wamp64\bin\mariadb\mariadb10.2.14\bin\mysqld.exe [14550440 2018-03-26] ()
S3 wampmysqld64; d:\wamp64\bin\mysql\mysql5.7.21\bin\mysqld.exe [39551488 2017-12-28] () [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2016-12-27] ()
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [38320 2016-12-27] ()
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37304 2019-01-19] (AVAST Software)
S3 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [203488 2019-01-19] (AVAST Software)
S3 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [223056 2019-01-19] (AVAST Software)
S3 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196264 2019-01-19] (AVAST Software)
S3 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320888 2019-01-19] (AVAST Software)
S3 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58160 2019-01-19] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-19] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239808 2019-01-19] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46584 2019-01-19] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42488 2019-01-19] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166792 2019-01-19] (AVAST Software)
S3 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111992 2019-01-19] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88144 2019-01-19] (AVAST Software)
S3 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034056 2019-01-19] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474648 2019-01-19] (AVAST Software)
S3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218056 2019-01-19] (AVAST Software)
S3 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380144 2019-01-19] (AVAST Software)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [605616 2017-12-23] (Qualcomm)
S3 DFX11_1; C:\WINDOWS\system32\drivers\dfx11_1x64.sys [28008 2017-06-19] (Windows (R) Win 7 DDK provider)
R3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2017-06-19] (Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET)
S3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [217688 2016-08-17] (ELAN Microelectronic Corp.)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-12-23] (ELAN Microelectronic Corp.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [14976 2012-12-22] (Huawei Technologies Co., Ltd.)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [447328 2017-09-29] (Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [375136 2017-09-29] (Acronis International GmbH)
R0 hidgamemap; C:\WINDOWS\System32\drivers\hidgamemap.sys [148992 2017-11-11] (Disc Soft Ltd)
S3 HWHandSetProLine; C:\WINDOWS\system32\DRIVERS\hw_quusbmdm.sys [223232 2011-10-23] (Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-12-23] (REALiX(tm))
S3 hw_ctrlfakedev; C:\WINDOWS\system32\DRIVERS\hw_ctrlfakedev.sys [115712 2015-03-10] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-23] (Huawei Technologies Co., Ltd.)
S3 kmloop; C:\WINDOWS\System32\drivers\loop.sys [16896 2018-04-12] (Microsoft Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [81736 2017-07-27] (Insecure.Com LLC.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_9a6512484ba25dcd\nvlddmkm.sys [20461984 2019-01-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-12-23] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [782816 2017-12-23] (Realsil Semiconductor Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [228176 2018-07-09] (Sandboxie Holdings, LLC)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [264192 2018-04-12] (Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-06-01] (The OpenVPN Project)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1310560 2017-09-29] (Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [214360 2017-09-29] (Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [688864 2017-09-29] (Acronis International GmbH)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2019-01-19] ()
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Corporation)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [213080 2018-08-14] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [222864 2018-08-14] (Oracle Corporation)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [324448 2017-09-29] (Acronis International GmbH)
R0 VMSNPXY; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [36768 2018-08-25] (Microsoft Corporation)
R0 vsock; C:\WINDOWS\system32\DRIVERS\vsock.sys [91712 2017-09-05] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
S3 WofAdk; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wofadk.sys [221376 2016-07-16] (Microsoft Corporation)
U3 aswbdisk; kein ImagePath
U1 avgbdisk; kein ImagePath
S3 HTCAND64; \SystemRoot\System32\Drivers\ANDROIDUSB.sys [X]
U4 npcap_wifi; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

xcy7e

TS Rookie
==================== Ein Monat (erstellte) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-01-19 15:28 - 2019-01-19 16:04 - 000003818 _____ C:\WINDOWS\System32\Tasks\PasswordBoss_Desktop_24h_EPSON3191BJ_johnf
2019-01-19 12:37 - 2019-01-19 12:37 - 000000000 ___DC C:\Users\johnf\AppData\Local\Mailbird
2019-01-19 12:37 - 2019-01-19 12:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mailbird
2019-01-19 12:37 - 2019-01-19 12:37 - 000000000 ____D C:\ProgramData\Mailbird
2019-01-19 11:28 - 2019-01-19 16:04 - 000003658 _____ C:\WINDOWS\System32\Tasks\PasswordBoss_Desktop_HealthChk_EPSON3191BJ_johnf
2019-01-19 11:26 - 2019-01-19 11:27 - 000000000 ____D C:\AdwCleaner
2019-01-19 11:23 - 2019-01-19 11:23 - 000006405 ____C C:\Users\johnf\Desktop\MB3report.txt
2019-01-19 11:17 - 2019-01-19 11:17 - 000001918 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-01-19 11:17 - 2019-01-19 11:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-19 11:17 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-01-19 10:46 - 2019-01-19 10:46 - 000028272 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2019-01-19 10:42 - 2019-01-19 10:42 - 007320272 ____C (Malwarebytes) C:\Users\johnf\Desktop\AdwCleaner.exe
2019-01-19 10:39 - 2019-01-19 10:42 - 082399896 ____C (Malwarebytes ) C:\Users\johnf\Desktop\mb3-setup-consumer-3.6.1.2711-1.0.519-1.0.8850.exe
2019-01-19 10:33 - 2019-01-19 10:34 - 029181976 ____C (Adlice Software ) C:\Users\johnf\Desktop\RogueKiller_setup_ref3.exe
2019-01-19 00:26 - 2019-01-19 16:04 - 000003532 _____ C:\WINDOWS\System32\Tasks\PasswordBoss_Desktop
2019-01-19 00:26 - 2019-01-19 00:26 - 000001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Password Boss.lnk
2019-01-19 00:26 - 2019-01-19 00:26 - 000001130 _____ C:\Users\Public\Desktop\Password Boss.lnk
2019-01-19 00:26 - 2019-01-19 00:26 - 000000000 ____D C:\ProgramData\PasswordBoss, LLC
2019-01-19 00:26 - 2019-01-19 00:26 - 000000000 ____D C:\ProgramData\PasswordBoss
2019-01-19 00:26 - 2019-01-19 00:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PasswordBoss
2019-01-19 00:26 - 2019-01-19 00:26 - 000000000 ____D C:\Program Files (x86)\PasswordBoss
2019-01-19 00:20 - 2019-01-19 00:28 - 000000000 ____D C:\ProgramData\InstallMate
2019-01-19 00:14 - 2019-01-19 00:14 - 000002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-01-19 00:14 - 2019-01-19 00:14 - 000002154 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-01-19 00:14 - 2019-01-19 00:14 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\AVAST Software
2019-01-19 00:14 - 2019-01-19 00:14 - 000000000 ___DC C:\Users\johnf\AppData\Local\AVAST Software
2019-01-19 00:10 - 2019-01-19 00:10 - 001034056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-01-19 00:10 - 2019-01-19 00:10 - 000474648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-01-19 00:10 - 2019-01-19 00:10 - 000380144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-01-19 00:10 - 2019-01-19 00:10 - 000361352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-01-19 00:10 - 2019-01-19 00:10 - 000320888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-01-19 00:10 - 2019-01-19 00:10 - 000239808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-01-19 00:10 - 2019-01-19 00:10 - 000223056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-01-19 00:10 - 2019-01-19 00:10 - 000218056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-01-19 00:10 - 2019-01-19 00:10 - 000203488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-01-19 00:10 - 2019-01-19 00:10 - 000196264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-01-19 00:10 - 2019-01-19 00:10 - 000166792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-01-19 00:10 - 2019-01-19 00:10 - 000111992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-01-19 00:10 - 2019-01-19 00:10 - 000088144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-01-19 00:10 - 2019-01-19 00:10 - 000058160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-01-19 00:10 - 2019-01-19 00:10 - 000046584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2019-01-19 00:10 - 2019-01-19 00:10 - 000042488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-01-19 00:10 - 2019-01-19 00:10 - 000037304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-01-19 00:10 - 2019-01-19 00:10 - 000015488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-01-19 00:10 - 2019-01-19 00:10 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-01-19 00:10 - 2019-01-19 00:10 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-01-19 00:07 - 2019-01-19 00:07 - 000000000 ____D C:\Program Files\AVAST Software
2019-01-19 00:06 - 2019-01-19 00:10 - 000000000 ____D C:\ProgramData\AVAST Software
2019-01-18 12:17 - 2019-01-18 12:17 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\NVIDIA
2019-01-18 09:55 - 2019-01-18 09:56 - 000000000 ___DC C:\Users\johnf\AppData\Local\Steam
2019-01-18 09:05 - 2019-01-18 09:05 - 000000554 _____ C:\Users\Public\Desktop\Steam.lnk
2019-01-18 09:05 - 2019-01-18 09:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-01-18 08:46 - 2019-01-18 08:59 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\Wise Registry Cleaner
2019-01-18 08:46 - 2019-01-18 08:46 - 000001306 _____ C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2019-01-18 08:46 - 2019-01-18 08:46 - 000000000 ____D C:\WINDOWS\System32\Tasks\WiseCleaner
2019-01-18 08:46 - 2019-01-18 08:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
2019-01-18 08:46 - 2019-01-18 08:46 - 000000000 ____D C:\Program Files (x86)\Wise
2019-01-17 21:41 - 2019-01-17 21:41 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2019-01-17 21:41 - 2019-01-17 21:41 - 000000000 ____D C:\ProgramData\Sophos
2019-01-17 21:41 - 2019-01-17 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2019-01-17 21:41 - 2019-01-17 21:41 - 000000000 ____D C:\Program Files (x86)\Sophos
2019-01-17 18:31 - 2019-01-17 18:31 - 000002259 _____ C:\WINDOWS\epplauncher.mif
2019-01-17 17:25 - 2019-01-17 17:25 - 000000000 ___HD C:\$SysReset
2019-01-17 17:20 - 2019-01-19 18:55 - 000000000 ____D C:\FRST
2019-01-17 17:10 - 2019-01-17 17:10 - 005660510 ____C (Swearware) C:\Users\johnf\Desktop\ComboFix.exe
2019-01-17 16:50 - 2019-01-17 16:50 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\522414DD.sys
2019-01-17 16:49 - 2019-01-17 17:03 - 000000000 ___DC C:\Users\johnf\Desktop\mbar
2019-01-17 16:49 - 2019-01-17 17:03 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2019-01-17 16:23 - 2019-01-19 10:45 - 000000905 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2019-01-17 16:23 - 2019-01-19 10:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2019-01-17 16:23 - 2019-01-19 10:45 - 000000000 ____D C:\Program Files\RogueKiller
2019-01-17 16:23 - 2019-01-17 17:11 - 000000000 ____D C:\ProgramData\RogueKiller
2019-01-17 15:49 - 2019-01-17 16:12 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\ClassicShell
2019-01-17 15:49 - 2019-01-17 15:49 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\ansel
2019-01-17 15:49 - 2019-01-17 15:49 - 000000000 _____ C:\Users\Administrator.EPSON3191BJ\Desktop\Neues Textdokument.txt
2019-01-17 15:48 - 2019-01-17 15:48 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Roaming\ClassicShell
2019-01-17 15:47 - 2019-01-17 16:11 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\D3DSCache
2019-01-17 15:47 - 2019-01-17 15:47 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Roaming\TechSmith
2019-01-17 15:47 - 2019-01-17 15:47 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\LocalLow\CampoSanto
2019-01-17 15:47 - 2019-01-17 15:47 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\Steam
2019-01-17 15:47 - 2019-01-17 15:47 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\DBG
2019-01-17 15:47 - 2019-01-17 15:47 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\CrashDumps
2019-01-17 15:46 - 2019-01-17 15:49 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\Adobe
2019-01-17 15:46 - 2019-01-17 15:46 - 000001417 _____ C:\Users\Administrator.EPSON3191BJ\Desktop\Microsoft Edge.lnk
2019-01-17 15:46 - 2019-01-17 15:46 - 000000921 _____ C:\Users\Administrator.EPSON3191BJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Elements Creations Notification.lnk
2019-01-17 15:46 - 2019-01-17 15:46 - 000000000 ___HD C:\Users\Administrator.EPSON3191BJ\MicrosoftEdgeBackups
2019-01-17 15:46 - 2019-01-17 15:46 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Roaming\BGPKiller
2019-01-17 15:46 - 2019-01-17 15:46 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\TechSmith
2019-01-17 15:46 - 2019-01-17 15:46 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\Publishers
2019-01-17 15:46 - 2019-01-17 15:46 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\MicrosoftEdge
2019-01-17 15:46 - 2019-01-17 15:46 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\CEF
2019-01-17 15:45 - 2019-01-17 16:12 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\Packages
2019-01-17 15:45 - 2019-01-17 16:11 - 000000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2019-01-17 15:45 - 2019-01-17 15:49 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Roaming\Adobe
2019-01-17 15:45 - 2019-01-17 15:49 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ
2019-01-17 15:45 - 2019-01-17 15:47 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\NVIDIA Corporation
2019-01-17 15:45 - 2019-01-17 15:46 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\ConnectedDevicesPlatform
2019-01-17 15:45 - 2019-01-17 15:45 - 000000020 ___SH C:\Users\Administrator.EPSON3191BJ\ntuser.ini
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 _SHDL C:\Users\Administrator.EPSON3191BJ\Vorlagen
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 _SHDL C:\Users\Administrator.EPSON3191BJ\Startmenü
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 _SHDL C:\Users\Administrator.EPSON3191BJ\Netzwerkumgebung
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 _SHDL C:\Users\Administrator.EPSON3191BJ\Lokale Einstellungen
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 _SHDL C:\Users\Administrator.EPSON3191BJ\Eigene Dateien
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 _SHDL C:\Users\Administrator.EPSON3191BJ\Druckumgebung
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 _SHDL C:\Users\Administrator.EPSON3191BJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 _SHDL C:\Users\Administrator.EPSON3191BJ\AppData\Local\Verlauf
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 _SHDL C:\Users\Administrator.EPSON3191BJ\AppData\Local\Anwendungsdaten
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 _SHDL C:\Users\Administrator.EPSON3191BJ\Anwendungsdaten
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 ___RD C:\Users\Administrator.EPSON3191BJ\3D Objects
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\NVIDIA
2019-01-17 15:45 - 2019-01-17 15:45 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\Google
2019-01-17 15:45 - 2018-12-14 17:20 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Roaming\Macromedia
2019-01-17 15:45 - 2018-04-12 00:34 - 000001105 _____ C:\Users\Administrator.EPSON3191BJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-17 15:45 - 2017-11-29 19:26 - 000000000 ____D C:\Users\Administrator.EPSON3191BJ\AppData\Local\Microsoft Help
2019-01-16 19:12 - 2019-01-16 19:12 - 000013212 ____C C:\Users\johnf\AppData\Local\recently-used.xbel
2019-01-16 19:09 - 2019-01-16 19:12 - 000001965 ____C C:\Users\johnf\Desktop\Starte Redmine.lnk
2019-01-16 19:08 - 2019-01-16 19:09 - 000000270 ____C C:\Users\johnf\Desktop\Starte Redmine.bat
2019-01-16 19:05 - 2019-01-16 19:05 - 000000000 ____D C:\Users\johnf\.gem
2019-01-16 19:03 - 2019-01-16 19:03 - 000000000 ____D C:\Users\johnf\.gnupg
2019-01-16 18:55 - 2019-01-16 18:55 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.5.3-1-x64 with MSYS2
2019-01-16 18:53 - 2019-01-16 18:53 - 000000000 ____D C:\Ruby25-x64
2019-01-16 18:51 - 2019-01-16 18:51 - 000001857 ____C C:\Users\johnf\Desktop\ImageMagick Display.lnk
2019-01-16 18:51 - 2019-01-16 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageMagick 7.0.8 Q16 (64-bit)
2019-01-16 18:51 - 2019-01-16 18:51 - 000000000 ____D C:\Program Files\ImageMagick-7.0.8-Q16
2019-01-16 10:57 - 2019-01-16 10:57 - 000000000 _____ C:\Users\Public\Shared Files
2019-01-16 10:56 - 2019-01-16 10:56 - 000000000 ___DC C:\Users\johnf\AppData\Local\Speech Graphics
2019-01-16 10:49 - 2019-01-16 10:49 - 000000000 ___DC C:\Users\johnf\AppData\Local\FortniteGame
2019-01-16 10:49 - 2019-01-16 10:49 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-01-16 08:32 - 2019-01-16 08:32 - 000000285 ____C C:\Users\johnf\Desktop\Fortnite.url
2019-01-15 20:30 - 2019-01-11 10:22 - 005363000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-01-15 20:30 - 2019-01-11 10:22 - 002623880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-01-15 20:30 - 2019-01-11 10:22 - 001767464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-01-15 20:30 - 2019-01-11 10:22 - 000650608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-01-15 20:30 - 2019-01-11 10:22 - 000451056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-01-15 20:30 - 2019-01-11 10:22 - 000125320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-01-15 20:30 - 2019-01-11 10:22 - 000083336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-01-15 20:30 - 2019-01-09 14:45 - 008472342 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-01-15 20:29 - 2019-01-15 20:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-01-15 20:29 - 2019-01-10 06:51 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-01-15 20:26 - 2019-01-12 05:05 - 000978336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-01-15 20:26 - 2019-01-12 05:05 - 000978336 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-01-15 20:26 - 2019-01-12 05:05 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-01-15 20:26 - 2019-01-12 05:05 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-01-15 20:26 - 2019-01-12 05:05 - 000552536 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-01-15 20:26 - 2019-01-12 05:05 - 000456848 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-01-15 20:26 - 2019-01-12 05:05 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-01-15 20:26 - 2019-01-12 05:05 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-01-15 20:26 - 2019-01-12 05:05 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-01-15 20:26 - 2019-01-12 05:05 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-01-15 20:26 - 2019-01-12 05:04 - 004946232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-01-15 20:26 - 2019-01-12 05:04 - 004316304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-01-15 20:26 - 2019-01-12 05:04 - 002018392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441771.dll
2019-01-15 20:26 - 2019-01-12 05:04 - 002003600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-01-15 20:26 - 2019-01-12 05:04 - 001512352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-01-15 20:26 - 2019-01-12 05:04 - 001467864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441771.dll
2019-01-15 20:26 - 2019-01-12 05:04 - 001461152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-01-15 20:26 - 2019-01-12 05:04 - 001126544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-01-15 20:26 - 2019-01-12 05:04 - 000631896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-01-15 20:26 - 2019-01-12 05:04 - 000521688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-01-15 20:26 - 2019-01-12 05:03 - 040262912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-01-15 20:26 - 2019-01-12 05:03 - 035158736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-01-15 20:26 - 2019-01-12 01:03 - 015911384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-01-15 20:26 - 2019-01-12 01:02 - 013205768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-01-15 20:26 - 2019-01-12 01:02 - 001462024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2019-01-15 20:26 - 2019-01-12 01:02 - 001167584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-01-15 20:26 - 2019-01-12 01:02 - 001145536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2019-01-15 20:26 - 2019-01-12 01:02 - 000914400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-01-15 20:26 - 2019-01-12 01:02 - 000794448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-01-15 20:26 - 2019-01-12 01:02 - 000637664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-01-15 20:26 - 2019-01-12 01:01 - 019717352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-01-15 20:26 - 2019-01-12 01:01 - 016993240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-01-15 20:26 - 2019-01-12 01:01 - 005003032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-01-15 20:26 - 2019-01-12 01:01 - 004260704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-01-15 20:26 - 2019-01-11 12:06 - 000048472 _____ C:\WINDOWS\system32\nvinfo.pb
2019-01-15 14:19 - 2019-01-19 16:09 - 000003540 _____ C:\WINDOWS\System32\Tasks\Driver Easy Scheduled Scan
2019-01-15 14:19 - 2019-01-19 16:09 - 000000416 _____ C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job
2019-01-15 14:19 - 2019-01-15 14:19 - 000001018 _____ C:\Users\Public\Desktop\Driver Easy.lnk
2019-01-15 14:19 - 2019-01-15 14:19 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\Easeware
2019-01-15 14:19 - 2019-01-15 14:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2019-01-15 14:19 - 2019-01-15 14:19 - 000000000 ____D C:\Program Files\Easeware
2019-01-15 14:14 - 2019-01-15 14:14 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-01-13 20:58 - 2019-01-13 20:59 - 000000082 _____ C:\Users\johnf\invisible.vbs
2019-01-13 20:45 - 2019-01-13 20:47 - 000000000 ____D C:\Users\johnf\.electron
2019-01-13 20:43 - 2019-01-13 20:43 - 000001995 ____C C:\Users\johnf\Desktop\Starte Squirrel.lnk
2019-01-13 20:41 - 2019-01-13 21:13 - 000000601 ____C C:\Users\johnf\Desktop\Starte Squirrel.bat
2019-01-13 20:40 - 2019-01-13 20:41 - 000000057 ____C C:\Users\johnf\Desktop\Starte adminMongo.bat
2019-01-13 20:39 - 2019-01-13 20:40 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\npm-cache
2019-01-13 20:39 - 2019-01-13 20:39 - 000000000 ____D C:\Users\johnf\.config
2019-01-13 20:35 - 2019-01-13 20:35 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\npm
2019-01-13 20:35 - 2019-01-13 20:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2019-01-13 20:35 - 2019-01-13 20:35 - 000000000 ____D C:\Program Files\nodejs
2019-01-13 20:26 - 2019-01-13 20:26 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\Nucleon Software
2019-01-13 20:26 - 2019-01-13 20:26 - 000000000 ___DC C:\Users\johnf\AppData\Local\Stimulsoft
2019-01-13 20:26 - 2019-01-13 20:26 - 000000000 ___DC C:\Users\johnf\AppData\Local\Nucleon Software
2019-01-13 20:26 - 2019-01-13 20:26 - 000000000 ____D C:\Users\johnf\Mongodb
2019-01-13 20:26 - 2019-01-13 20:26 - 000000000 ____D C:\ProgramData\Isolated Storage
2019-01-13 20:25 - 2019-01-13 20:25 - 000000000 ____D C:\Program Files\MongoDB
2019-01-13 20:23 - 2019-01-13 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2019-01-13 20:23 - 2019-01-13 20:23 - 000000000 ____D C:\ProgramData\Git
2019-01-13 20:22 - 2019-01-13 20:23 - 000000000 ____D C:\Program Files\Git
2019-01-12 22:52 - 2019-01-12 22:52 - 000001456 ____C C:\Users\johnf\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2019-01-12 00:44 - 2019-01-12 00:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Setup Helper
2019-01-12 00:44 - 2019-01-12 00:44 - 000000000 ____D C:\Program Files (x86)\Hobbyist Software
2019-01-11 16:28 - 2019-01-11 16:28 - 000000713 ____C C:\Users\johnf\Desktop\ClipMate.lnk
2019-01-11 16:28 - 2019-01-11 16:28 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\Thornsoft Development
2019-01-11 16:28 - 2019-01-11 16:28 - 000000000 ____D C:\ProgramData\TEMP
2019-01-11 16:28 - 2019-01-11 16:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClipMate 7
2019-01-11 16:16 - 2019-01-11 16:16 - 000000000 ____D C:\Users\johnf\.thumb
2019-01-11 16:09 - 2019-01-11 16:09 - 000000965 ____C C:\Users\johnf\Desktop\DVDStyler.lnk
2019-01-11 16:09 - 2019-01-11 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDStyler
2019-01-11 16:09 - 2019-01-11 16:09 - 000000000 ____D C:\Program Files\DVDStyler
2019-01-11 12:05 - 2019-01-11 12:05 - 000000000 ____D C:\PS_CS2_Gr_NonRet
2019-01-11 12:01 - 2019-01-11 12:01 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\GIMP
2019-01-11 12:01 - 2019-01-11 12:01 - 000000000 ___DC C:\Users\johnf\AppData\Local\GIMP
2019-01-11 08:23 - 2019-01-11 08:23 - 000000000 ____D C:\WINDOWS\Panther
2019-01-11 00:09 - 2015-07-09 14:59 - 000245248 _____ (QUALCOMM Incorporated) C:\WINDOWS\system32\Drivers\qu_usb_serial.sys
2019-01-11 00:09 - 2015-03-10 09:05 - 000115712 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_ctrlfakedev.sys
2019-01-11 00:09 - 2014-09-08 22:07 - 000223232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_usbvcom.sys
2019-01-11 00:09 - 2014-08-17 16:08 - 000117888 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\diagswitchdrv.sys
2019-01-11 00:09 - 2014-01-06 17:43 - 001002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
2019-01-11 00:09 - 2012-12-22 07:46 - 000014976 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbccgpfilter.sys
2019-01-11 00:02 - 2019-01-11 00:02 - 000000000 ____D C:\Program Files\DIFX
2019-01-11 00:02 - 2019-01-11 00:02 - 000000000 ____D C:\ADB
2019-01-11 00:02 - 2015-05-07 13:40 - 000287232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbnet.sys
2019-01-11 00:02 - 2014-01-06 17:43 - 002152176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFUpdate_01009.dll
2019-01-11 00:02 - 2014-01-06 17:43 - 001721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfCoInstaller01009.dll
2019-01-11 00:02 - 2014-01-06 17:43 - 001002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winusbcoinstaller2.dll
2019-01-11 00:02 - 2011-10-23 18:04 - 000223232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbmdm.sys
2019-01-11 00:02 - 2011-10-23 17:51 - 000116864 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_usbdev.sys
2019-01-10 21:26 - 2019-01-10 21:26 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\LG Electronics
2019-01-10 21:26 - 2019-01-10 21:26 - 000000000 ___DC C:\Users\johnf\AppData\Local\LG Electronics
2019-01-10 21:26 - 2019-01-10 21:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
2019-01-10 21:25 - 2019-01-10 21:25 - 000000000 ____D C:\Program Files (x86)\LG Electronics
2019-01-10 19:09 - 2019-01-10 19:09 - 000000000 ___DC C:\Users\johnf\AppData\Local\FirmwareFinder
2019-01-09 13:52 - 2019-01-09 13:52 - 000000000 ___DC C:\Users\johnf\AppData\Local\gegl-0.4
2019-01-09 10:29 - 2019-01-01 15:07 - 001023480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lxcore.sys
2019-01-09 10:29 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 10:29 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 10:29 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 10:29 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 10:29 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 10:29 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 10:29 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 10:29 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 10:29 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 10:29 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 10:29 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 10:29 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 10:29 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 10:29 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 10:29 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 10:29 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 10:29 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 10:29 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 10:29 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 10:29 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 10:29 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 10:29 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 10:29 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 10:29 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 10:29 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 10:29 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 10:29 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 10:29 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 10:29 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 10:29 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 10:29 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 10:29 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 10:29 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 10:29 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 10:29 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 10:29 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 10:29 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 10:29 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 10:29 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 10:29 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 10:29 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 10:29 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 10:29 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 10:29 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 10:29 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 10:29 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 10:29 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 10:29 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 10:29 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 10:29 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 10:29 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 10:28 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 10:28 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 10:28 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 10:28 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 10:28 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 10:28 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 10:28 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 10:28 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 10:28 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 10:28 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 10:28 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 10:28 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 10:28 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 10:28 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 10:28 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 10:28 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 10:28 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 10:28 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 10:28 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 10:28 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 10:28 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 10:28 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 10:28 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 10:28 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 10:28 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 10:28 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 10:28 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 10:28 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 10:28 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 10:28 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 10:28 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 10:28 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 10:28 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 10:28 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 10:28 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-09 10:28 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-09 10:08 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-08 08:41 - 2019-01-19 11:55 - 000000000 ___RD C:\Users\johnf\Creative Cloud Files
2019-01-08 00:01 - 2019-01-08 00:01 - 000000921 ____C C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Elements Creations Notification.lnk
2019-01-07 23:59 - 2019-01-07 23:59 - 000000942 _____ C:\Users\Public\Desktop\Adobe Premiere Elements 2019.lnk
2019-01-07 23:59 - 2019-01-07 23:59 - 000000942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Elements 2019.lnk
2019-01-07 19:21 - 2019-01-07 19:21 - 000000000 ___DC C:\Users\johnf\AppData\Local\FXHOME Helper
2019-01-07 19:18 - 2019-01-07 19:20 - 000000000 ___DC C:\Users\johnf\AppData\Local\Ignite Express 2017 Activation
2019-01-07 19:18 - 2019-01-07 19:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ignite Express 2017
2019-01-07 19:18 - 2019-01-07 19:18 - 000000000 ____D C:\ProgramData\FXHOME
2019-01-07 19:18 - 2019-01-07 19:18 - 000000000 ____D C:\Program Files\FXHOME
2019-01-07 19:18 - 2019-01-07 19:18 - 000000000 ____D C:\Program Files\Common Files\OFX
2019-01-07 18:33 - 2019-01-07 18:33 - 000001157 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2019.lnk
2019-01-07 18:30 - 2019-01-07 18:30 - 000001412 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2019-01-07 18:30 - 2019-01-07 18:30 - 000001400 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2019-01-06 17:12 - 2019-01-06 17:15 - 000000000 ____D C:\Program Files\Rockstar Games
2019-01-06 17:12 - 2019-01-06 17:15 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2019-01-06 17:12 - 2019-01-06 17:12 - 000000826 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk
2019-01-06 17:12 - 2019-01-06 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2019-01-04 17:34 - 2019-01-04 18:40 - 000000015 ____C C:\Users\johnf\AppData\Local\X-Plane_drm_11.prf
2019-01-04 17:32 - 2019-01-04 17:32 - 000000022 ____C C:\Users\johnf\AppData\Local\x-plane_install_11.txt
2019-01-03 02:48 - 2019-01-03 02:48 - 000001571 ____C C:\Users\johnf\Desktop\nmap_SCAN.xml
2019-01-03 02:37 - 2019-01-04 16:11 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\VMware
2019-01-03 02:37 - 2019-01-04 16:11 - 000000000 ___DC C:\Users\johnf\AppData\Local\VMware
2019-01-03 02:36 - 2019-01-03 02:36 - 000001024 _____ C:\WINDOWS\SysWOW64\%TMP%
2019-01-03 02:36 - 2019-01-03 02:36 - 000000838 _____ C:\Users\Public\Desktop\VMware Workstation Pro.lnk
2019-01-03 02:36 - 2019-01-03 02:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2019-01-03 02:36 - 2019-01-03 02:36 - 000000000 ____D C:\Program Files\Common Files\VMware
2019-01-03 02:36 - 2019-01-03 02:36 - 000000000 ____D C:\Program Files (x86)\VMware
2019-01-03 02:36 - 2018-05-11 06:33 - 001134008 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll
2019-01-03 02:36 - 2018-05-11 06:33 - 000402360 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe
2019-01-03 02:36 - 2018-05-11 06:33 - 000367032 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe
2019-01-03 02:36 - 2018-05-11 06:33 - 000134104 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetinst.dll
2019-01-03 02:36 - 2018-05-11 06:33 - 000043992 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetuserif.sys
2019-01-03 02:36 - 2018-05-11 06:21 - 000096176 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys
2019-01-03 02:36 - 2018-01-24 18:58 - 000082896 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys
2019-01-03 02:36 - 2017-09-05 04:54 - 000091712 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vsock.sys
2019-01-03 02:36 - 2017-09-05 04:54 - 000069104 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll
2019-01-03 02:36 - 2017-09-05 04:54 - 000065016 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll
2019-01-03 02:34 - 2019-01-19 11:53 - 000000000 ____D C:\ProgramData\VMware
2018-12-31 21:31 - 2018-12-31 21:31 - 000000691 ____C C:\Users\johnf\Desktop\X-Plane 11.lnk
2018-12-31 21:31 - 2018-12-31 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X-Plane 11
2018-12-30 19:32 - 2018-12-30 19:32 - 000001700 _____ C:\Users\Public\Desktop\REX 4 - Texture Direct with Soft Clouds.lnk
2018-12-30 19:32 - 2018-12-30 19:32 - 000000741 _____ C:\Users\Public\Desktop\User Manual - REX 4 - Texture Direct.lnk
2018-12-30 19:21 - 2018-12-30 19:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REX 4
2018-12-30 03:06 - 2018-12-30 03:06 - 000000885 ____C C:\Users\johnf\Desktop\FS Global Real Weather (P3Dv4 Edition).lnk
2018-12-29 17:43 - 2018-12-29 17:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlyTampa
2018-12-27 13:57 - 2018-12-27 13:57 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\Burnaware
2018-12-27 13:49 - 2018-12-27 13:49 - 000001129 _____ C:\Users\Public\Desktop\BurnAware Free.lnk
2018-12-27 13:49 - 2018-12-27 13:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free
2018-12-27 13:49 - 2018-12-27 13:49 - 000000000 ____D C:\Program Files (x86)\BurnAware Free
2018-12-27 13:23 - 2018-12-27 13:31 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\ImgBurn
2018-12-25 19:17 - 2018-12-25 19:17 - 000000885 ____C C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
2018-12-25 19:14 - 2018-12-25 19:36 - 000000000 ____D C:\Program Files\MKVToolNix
2018-12-25 19:14 - 2018-12-25 19:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
2018-12-20 18:29 - 2018-12-20 18:29 - 000042904 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2018-12-20 08:29 - 2018-12-14 08:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-12-20 08:29 - 2018-12-14 08:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-12-20 08:29 - 2018-12-14 08:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-12-20 08:29 - 2018-12-14 08:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-12-20 08:29 - 2018-12-14 08:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-12-20 08:29 - 2018-12-14 08:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-12-20 08:29 - 2018-12-14 08:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-12-20 08:29 - 2018-12-14 08:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-12-20 08:29 - 2018-12-14 08:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-20 08:29 - 2018-12-14 07:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-12-20 08:29 - 2018-12-14 07:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-12-20 08:29 - 2018-12-14 07:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-12-20 08:29 - 2018-12-14 07:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-12-20 08:29 - 2018-12-14 07:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-12-20 08:29 - 2018-12-14 07:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-12-20 08:29 - 2018-12-14 07:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-12-20 08:29 - 2018-12-14 07:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
 

xcy7e

TS Rookie
==================== Ein Monat (geänderte) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-01-19 18:49 - 2018-06-07 01:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-19 18:30 - 2017-08-29 07:55 - 000000000 ____D C:\Users\johnf\AppData\Local\DisplayFusion
2019-01-19 17:59 - 2017-08-29 07:59 - 000000000 ____D C:\Users\johnf\AppData\Local\ClassicShell
2019-01-19 17:58 - 2017-09-01 14:36 - 000000000 ____D C:\Users\johnf\AppData\Local\CrashDumps
2019-01-19 17:07 - 2017-08-29 11:36 - 000000000 ___DC C:\Users\johnf\AppData\LocalLow\Mozilla
2019-01-19 17:07 - 2017-08-29 09:30 - 000000000 ___DC C:\Users\johnf\AppData\Local\JDownloader 2.0
2019-01-19 16:49 - 2018-11-29 17:39 - 000002589 ____C C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk
2019-01-19 16:49 - 2018-11-29 17:39 - 000002552 ____C C:\Users\johnf\Desktop\Google Chrome Canary.lnk
2019-01-19 16:37 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-19 16:11 - 2018-12-14 16:50 - 000007404 _____ C:\WINDOWS\Sandboxie.ini
2019-01-19 16:10 - 2017-08-29 10:05 - 000000600 ____C C:\Users\johnf\AppData\Roaming\winscp.rnd
2019-01-19 16:09 - 2018-12-01 17:04 - 000003306 _____ C:\WINDOWS\System32\Tasks\displacements_drainpipesdisplacements_drainpipes
2019-01-19 16:09 - 2018-12-01 17:04 - 000003276 _____ C:\WINDOWS\System32\Tasks\strenuously walliestrenuously wallie
2019-01-19 16:09 - 2018-12-01 17:04 - 000003254 _____ C:\WINDOWS\System32\Tasks\seacoast-ailsseacoast-ails
2019-01-19 16:09 - 2018-12-01 17:04 - 000003244 _____ C:\WINDOWS\System32\Tasks\rayonrayon
2019-01-19 16:09 - 2018-12-01 17:04 - 000003228 _____ C:\WINDOWS\System32\Tasks\kollekkollek
2019-01-19 16:09 - 2018-12-01 17:04 - 000003228 _____ C:\WINDOWS\System32\Tasks\cuencacuenca
2019-01-19 16:09 - 2018-11-29 17:38 - 000003728 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-127663350-3041579137-739029980-1001UA
2019-01-19 16:09 - 2018-11-29 17:38 - 000003460 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-127663350-3041579137-739029980-1001Core
2019-01-19 16:09 - 2018-11-29 17:33 - 000003590 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1543509213
2019-01-19 16:09 - 2018-09-19 10:34 - 000003196 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-19 16:09 - 2018-09-19 10:34 - 000003152 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-19 16:09 - 2018-09-19 10:34 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-19 16:09 - 2018-09-19 10:34 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-19 16:09 - 2018-09-19 10:34 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-19 16:09 - 2018-09-19 10:34 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-19 16:09 - 2018-06-07 01:32 - 000004302 _____ C:\WINDOWS\System32\Tasks\Software Update Application
2019-01-19 16:09 - 2018-06-07 01:32 - 000003558 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-19 16:09 - 2018-06-07 01:32 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-19 16:09 - 2018-06-07 01:32 - 000003334 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-19 16:09 - 2018-06-07 01:32 - 000003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2019-01-19 16:09 - 2018-06-07 01:32 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-19 16:09 - 2018-06-07 01:32 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-19 16:09 - 2018-06-07 01:32 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-127663350-3041579137-739029980-1002
2019-01-19 16:09 - 2018-06-07 01:32 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-127663350-3041579137-739029980-1001
2019-01-19 16:09 - 2018-06-07 01:32 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-19 16:09 - 2018-06-07 01:32 - 000002808 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-john.fiddle@outlook.com
2019-01-19 16:09 - 2018-06-07 01:32 - 000002762 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2019-01-19 16:09 - 2018-06-07 01:32 - 000002762 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-john.fiddle@outlook.com
2019-01-19 16:09 - 2018-06-07 01:32 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-19 16:09 - 2018-06-07 01:32 - 000002588 _____ C:\WINDOWS\System32\Tasks\Component Manager Poller - {QU5EUk9JRF9XT1JLUw==}
2019-01-19 16:09 - 2018-06-07 01:32 - 000002586 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2019-01-19 16:09 - 2018-06-07 01:32 - 000002562 _____ C:\WINDOWS\System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-01-19 16:09 - 2018-06-07 01:32 - 000002526 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
2019-01-19 16:09 - 2018-06-07 01:32 - 000002470 _____ C:\WINDOWS\System32\Tasks\Restart Snagit
2019-01-19 16:09 - 2018-06-07 01:32 - 000002042 _____ C:\WINDOWS\System32\Tasks\FubToolByPLD
2019-01-19 15:42 - 2017-08-29 09:13 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\vlc
2019-01-19 12:52 - 2018-07-15 13:46 - 000000000 ____D C:\Program Files\DisplayFusion
2019-01-19 12:52 - 2017-08-29 07:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion
2019-01-19 12:38 - 2017-03-13 22:25 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-19 12:37 - 2018-06-07 01:30 - 001840194 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-19 12:37 - 2018-04-12 17:13 - 000788650 _____ C:\WINDOWS\system32\perfh007.dat
2019-01-19 12:37 - 2018-04-12 17:13 - 000169002 _____ C:\WINDOWS\system32\perfc007.dat
2019-01-19 12:37 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-19 12:25 - 2017-09-20 15:26 - 000000000 ____D C:\ProgramData\NVIDIA
2019-01-19 11:55 - 2017-09-11 22:29 - 000000000 ____D C:\Users\johnf\AppData\Local\Adobe
2019-01-19 11:54 - 2017-08-29 07:45 - 000000000 __SHD C:\Users\johnf\IntelGraphicsProfiles
2019-01-19 11:53 - 2018-12-06 15:25 - 000000000 ____D C:\Program Files\TeamViewer
2019-01-19 11:53 - 2018-08-30 14:37 - 000000000 ____D C:\ProgramData\Hauppauge
2019-01-19 11:53 - 2018-06-07 01:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-19 11:53 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-01-19 11:17 - 2018-12-07 19:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-01-19 10:41 - 2018-02-08 00:48 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\MusicBee
2019-01-19 00:22 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-19 00:11 - 2018-12-01 21:22 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-01-19 00:10 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-01-18 22:53 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-17 23:52 - 2018-06-07 01:25 - 000000000 ___RD C:\Users\johnf
2019-01-17 21:52 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-17 16:12 - 2018-07-15 14:33 - 000000000 ____D C:\ProgramData\Packages
2019-01-17 15:50 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-17 15:45 - 2018-01-10 02:40 - 000000000 ____D C:\Users\Administrator
2019-01-17 15:45 - 2017-03-13 22:08 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-01-16 21:11 - 2018-12-14 17:24 - 000000922 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-01-16 19:49 - 2017-09-01 19:56 - 000000000 ___HD C:\Users\johnf\.zenmap
2019-01-16 19:13 - 2017-09-11 22:27 - 000000000 ___HD C:\Users\johnf\.gimp-2.8
2019-01-16 19:12 - 2017-12-09 02:47 - 000000000 ____D C:\Users\johnf\icons
2019-01-16 19:12 - 2017-09-12 11:23 - 000000000 ____D C:\Users\johnf\AppData\Local\gtk-2.0
2019-01-16 13:38 - 2017-08-29 07:45 - 000000000 ____D C:\Users\johnf\AppData\Local\NVIDIA
2019-01-16 10:57 - 2018-04-12 00:38 - 000000000 __SHD C:\Users\Public\Libraries
2019-01-16 10:51 - 2017-08-29 07:45 - 000000000 ____D C:\Users\johnf\AppData\Local\NVIDIA Corporation
2019-01-16 10:49 - 2018-01-28 03:17 - 000000000 ___DC C:\Users\johnf\AppData\Local\UnrealEngine
2019-01-15 20:30 - 2018-06-22 09:57 - 000000000 ___RD C:\Temp
2019-01-15 20:30 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Help
2019-01-15 20:30 - 2017-09-20 15:26 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-01-15 20:29 - 2017-09-20 15:26 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-01-15 20:26 - 2018-06-07 23:42 - 000000000 ____D C:\Users\johnf\AppData\Local\D3DSCache
2019-01-15 19:29 - 2018-12-14 16:46 - 000000000 ____D C:\ProgramData\Avira
2019-01-15 18:57 - 2018-11-20 16:56 - 000000000 ____D C:\ProgramData\ProtonVPN
2019-01-15 14:16 - 2017-09-20 15:27 - 002016502 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2019-01-15 14:14 - 2017-11-12 21:57 - 000000000 ___DC C:\Users\johnf\AppData\Local\ElevatedDiagnostics
2019-01-15 14:14 - 2017-09-20 15:27 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-01-14 22:37 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-01-13 00:08 - 2017-12-09 17:08 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\dvdcss
2019-01-11 20:39 - 2017-12-27 22:00 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-01-11 12:06 - 2017-08-29 17:44 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2019-01-11 12:01 - 2017-10-24 20:04 - 000000000 ___HD C:\Users\johnf\.cache
2019-01-10 19:04 - 2018-11-29 17:33 - 000001415 ____C C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2019-01-10 18:57 - 2017-08-29 07:45 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\Adobe
2019-01-10 02:00 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-10 02:00 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-08 11:08 - 2018-12-02 19:57 - 000146976 ____C C:\Users\johnf\AppData\Local\GDIPFONTCACHEV1.DAT
2019-01-08 08:38 - 2018-12-14 17:20 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-01-08 08:32 - 2017-09-11 22:22 - 000000000 ____D C:\ProgramData\Adobe
2019-01-08 08:30 - 2018-06-07 01:23 - 000552120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-01-07 23:57 - 2018-01-24 01:18 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-01-06 17:13 - 2017-08-31 12:39 - 000000000 ____D C:\Users\johnf\AppData\Local\Rockstar Games
2019-01-06 17:12 - 2017-03-13 22:21 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-01-04 15:47 - 2018-08-28 13:19 - 000000000 ___DC C:\Users\johnf\AppData\Roaming\BitTorrent
2019-01-03 02:36 - 2017-03-13 22:23 - 001863236 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2019-01-02 20:41 - 2018-04-12 00:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-04-12 00:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-30 19:19 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-12-30 19:19 - 2017-11-28 17:16 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2018-12-30 19:19 - 2017-11-28 17:16 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2018-12-23 18:17 - 2018-01-22 03:05 - 000000000 ____D C:\Users\johnf\AppData\Local\MEGAsync
2018-12-20 16:10 - 2018-06-07 01:25 - 000002424 ____C C:\Users\johnf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-12-20 16:10 - 2017-08-29 07:47 - 000000000 ___RD C:\Users\johnf\OneDrive

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2019-01-13 20:58 - 2019-01-13 20:59 - 000000082 _____ () C:\Users\johnf\invisible.vbs
2018-01-07 11:43 - 2018-01-07 11:43 - 000000073 ____C () C:\Users\johnf\AppData\Roaming\GTAV Update Blocker.ini
2018-01-28 01:38 - 2018-02-07 17:29 - 000035491 ____C () C:\Users\johnf\AppData\Roaming\net.telestream.wirecast.xml
2018-02-01 16:19 - 2018-02-01 16:28 - 000000881 ____C () C:\Users\johnf\AppData\Roaming\pc-capture-log.txt
2017-08-29 10:05 - 2019-01-19 16:10 - 000000600 ____C () C:\Users\johnf\AppData\Roaming\winscp.rnd
2019-01-12 22:52 - 2019-01-12 22:52 - 000001456 ____C () C:\Users\johnf\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2019-01-16 19:12 - 2019-01-16 19:12 - 000013212 ____C () C:\Users\johnf\AppData\Local\recently-used.xbel
2019-01-04 17:34 - 2019-01-04 18:40 - 000000015 ____C () C:\Users\johnf\AppData\Local\X-Plane_drm_11.prf
2019-01-04 17:32 - 2019-01-04 17:32 - 000000022 ____C () C:\Users\johnf\AppData\Local\x-plane_install_11.txt
2017-09-01 19:56 - 2018-12-16 13:41 - 000000143 ____C () C:\Users\johnf\AppData\Local\zenmap.exe.log

Einige Dateien in TEMP:
====================
2019-01-19 15:06 - 2019-01-19 15:06 - 000040448 ____C () C:\Users\johnf\AppData\Local\Temp\proxy_vole2846813678141583804.dll
2019-01-19 15:06 - 2019-01-19 15:06 - 000040448 ____C () C:\Users\johnf\AppData\Local\Temp\proxy_vole2995707856706044275.dll
2019-01-19 15:06 - 2019-01-19 15:06 - 000040448 ____C () C:\Users\johnf\AppData\Local\Temp\proxy_vole6702494483056341352.dll
2019-01-19 00:20 - 2017-01-12 13:40 - 000331176 __RSC (Tarma Software Research Ltd) C:\Users\johnf\AppData\Local\Temp\Tsu8CD87F94.dll
2019-01-16 19:52 - 2019-01-16 19:54 - 041846888 ____C () C:\Users\johnf\AppData\Local\Temp\vlc-3.0.6-win64.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-06-07 01:23

==================== Ende von FRST.txt ============================
 

Broni

Malware Annihilator
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16.01.2019 01
durchgeführt von johnf (19-01-2019 18:57:10)
Gestartet von D:\tmp
Windows 10 Home Version 1803 17134.523 (X64) (2018-06-07 00:32:41)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

admin (S-1-5-21-127663350-3041579137-739029980-1002 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-127663350-3041579137-739029980-500 - Administrator - Enabled) => C:\Users\Administrator.EPSON3191BJ
DefaultAccount (S-1-5-21-127663350-3041579137-739029980-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-127663350-3041579137-739029980-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-127663350-3041579137-739029980-501 - Limited - Disabled)
johnf (S-1-5-21-127663350-3041579137-739029980-1001 - Administrator - Enabled) => C:\Users\johnf
WDAGUtilityAccount (S-1-5-21-127663350-3041579137-739029980-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: ESET Smart Security 8.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
AS: ESET Smart Security 8.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Disabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Ableton Live 9 Suite (HKLM\...\{48EC4E57-1D04-4831-90A7-151DA2269495}) (Version: 9.0.0.0 - Ableton)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Jumpstart (HKLM-x32\...\{4B92BFBE-917D-4FA1-97E9-DB9D91286E90}) (Version: 3.0.18135.100 - Acer)
Acronis True Image (HKLM-x32\...\{6C68FFAD-90B3-4DE1-B64A-3073CFFCCA70}) (Version: 21.0.6116 - Acronis) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 2019 (HKLM-x32\...\PRE_17_0) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2019 (HKLM-x32\...\PPRO_13_0) (Version: 13.0 - Adobe Systems Incorporated)
Aerosoft's - A318-A319 Professional - PREPAR3D V4.x (HKLM-x32\...\A318-A319 Professional - PREPAR3D V4.x) (Version: 1.00 - Aerosoft)
Aerosoft's - CRJ 700-900 X - PREPAR3D V4.x (HKLM-x32\...\CRJ 700-900 X - PREPAR3D V4.x) (Version: 1.2.0.0 - Aerosoft)
Aerosoft's - German Airports - Stuttgart Professional (HKLM-x32\...\German Airports - Stuttgart Professional) (Version: 1.00 - Aerosoft)
Aerosoft's - Mega Airport Frankfurt 2.0 Professional (HKLM-x32\...\Mega Airport Frankfurt 2.0 Professional) (Version: 1.00 - Aerosoft)
aerosoft's - NavDataPro Charts (HKLM-x32\...\NavDataPro Charts) (Version: 1.0.0.2 - aerosoft)
aerosoft's - Professional Flight Planner X (HKLM-x32\...\{1A5D2729-4A3B-4CD5-85C8-4896FD44B78D}) (Version: 1.28 - aerosoft)
Android ADB Fastboot (HKLM-x32\...\{29FB844C-8CE6-450A-9510-A07FD091CD57}) (Version: 1.7 - ajua Custom Installers)
AOMEI Partition Assistant Demo Edition 7.5.1 (HKLM-x32\...\{04F850ED-FD0F-4ED1-AE1B-4498165BF3D2}_is1) (Version: - AOMEI Technology Co., Ltd.)
AutoHotkey 1.1.26.01 (HKLM\...\AutoHotkey) (Version: 1.1.26.01 - Lexikos)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
AVS Video Converter 10.1.2 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 10.1.2.627 - Online Media Technologies Ltd.)
BGPKiller version 0.9.6.0 (HKLM-x32\...\{51F2319F-76B2-4A3F-BD1D-81CB18395981}_is1) (Version: 0.9.6.0 - AvJoeSW Inc.)
BitTorrent (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\BitTorrent) (Version: 7.10.4.44847 - BitTorrent Inc.)
Blender (HKLM\...\{E29A1273-2E7A-40E7-AA63-428A11D59429}) (Version: 2.79.2 - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BurnAware Free 11.8 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
Cheat Engine 6.8.1 (HKLM-x32\...\Cheat Engine 6.8.1_is1) (Version: - Cheat Engine)
checksum (HKLM-x32\...\checksum) (Version: 1.7.0.1 - corz.org)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{D256A5B9-68DA-4F6C-A447-A93E5639A46D}) (Version: 4.7.03083 - Microsoft Corporation) Hidden
ClipMate 7 (HKLM-x32\...\{2E924A2A-8FBC-4C84-8A3A-63FB386C9A29}_is1) (Version: 7 - Thornsoft Development, Inc.)
CrystalDiskInfo 7.5.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.5.0 - Crystal Dew World)
DiagnosticsHub_CollectionService (HKLM\...\{E81C8BD9-158A-4E0F-AE0D-8C797C0E8112}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
DiskInternals Linux Reader (HKLM-x32\...\DiskInternals Linux Reader) (Version: 2.6 - DiskInternals Research)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.71 - NVIDIA Corporation) Hidden
DisplayFusion 9.4.3 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 9.4.3.0 - Binary Fortress Software)
Driver Easy 5.6.9 (HKLM\...\DriverEasy_is1) (Version: 5.6.9 - Easeware)
DVDStyler v3.0.4 (HKLM\...\DVDStyler_is1) (Version: - Thüring IT-Consulting)
Entity Framework 6.2.0 Tools for Visual Studio 2017 (HKLM-x32\...\{B843915F-00A1-44B1-994C-1AE0A6400AE3}) (Version: 6.2.61807.0 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{3E59936E-CC15-4DE2-BF79-5D76E14472A7}) (Version: 1.1.122.0 - Epic Games, Inc.)
FS2Crew: PMDG 737 NGX Reboot Edition P3D 64 (HKLM-x32\...\FS2Crew: PMDG 737 NGX Reboot Edition P3D 64) (Version: - )
FxSound Enhancer (HKLM-x32\...\DFX) (Version: 13.018 - FxSound)
GIMP 2.10.8 (HKLM\...\GIMP-2_is1) (Version: 2.10.8 - The GIMP Team)
Git version 2.20.1 (HKLM\...\Git_is1) (Version: 2.20.1 - The Git Development Community)
Google Chrome (HKLM\...\{A9EACB46-9179-3C2D-A196-62006713EC8E}) (Version: 71.0.3578.98 - Google, Inc.)
Google Chrome Canary (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\Google Chrome SxS) (Version: 73.0.3677.0 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{402FF39A-CF32-42F6-B480-BAF2B1B0096B}) (Version: 7.3.2.5495 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: "1.0.0.10" - Rockstar Games)
Hauppauge WinTV 8.5 (HKLM-x32\...\Hauppauge WinTV 8.5) (Version: v8.5.36227 (Premium) - Hauppauge Computer Works)
icecap_collection_neutral (HKLM-x32\...\{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{469961DF-482F-4213-ACD4-4AFD443F2A88}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{4B691388-E031-4268-A096-95173D1E6E0F}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{12246E9A-D1A6-4D96-8CEA-CCFD064B16E2}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{5A86972C-9DB5-40AA-B4EB-0ACE96AFDF88}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
Ignite Express 2017 (HKLM\...\{3DC0AC59-4D08-4222-9464-6B9B31FD1293}) (Version: 1.0.8403.32417 - FXHOME)
ImageMagick 7.0.8-23 Q16 (64-bit) (2019-01-02) (HKLM\...\ImageMagick 7.0.8 Q16 (64-bit)_is1) (Version: 7.0.8 - ImageMagick Studio LLC)
Imaging And Configuration Designer (HKLM-x32\...\{05935793-A34C-4272-3361-7AF9AEEE5649}) (Version: 10.1.14393.0 - Microsoft) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Hardware Accelerated Execution Manager (HKLM\...\{6230EE50-BD4E-4B39-904D-3E7600053E08}) (Version: 6.2.1 - Intel Corporation)
IntelliTraceProfilerProxy (HKLM-x32\...\{ACBAA378-519A-441D-9349-C0AAD8DEAD04}) (Version: 15.0.17289.01 - Microsoft Corporation) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
IvAp v2.0.2 (build 2773) (HKLM-x32\...\IvAp-v2_is1) (Version: - IVAO)
Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JetBrains PhpStorm 2018.2.3 (HKLM-x32\...\PhpStorm 2018.2.3) (Version: 182.4323.68 - JetBrains s.r.o.)
Kits Configuration Installer (HKLM-x32\...\{C661B45B-1D2A-AF7C-27D0-B4FFD670A4FE}) (Version: 10.1.14393.0 - Microsoft) Hidden
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Kumulatives Microsoft .NET Framework Intellisense Pack für Visual Studio (Deutsch) (HKLM-x32\...\{4DFD6FF3-9A29-4F31-AEE1-D44E016C5AD4}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
L3DT Standard v16.05.3.1 (remove only) (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\L3DT Standard (v16.05.3.1)) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.1.1 - LG Electronics)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.06.20130913 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Music Maker Premium (HKLM\...\{7C0E97DB-B7FF-4248-BA47-4718D1D104A6}) (Version: 24.0.1.34 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Premium (HKLM-x32\...\MX.{7C0E97DB-B7FF-4248-BA47-4718D1D104A6}) (Version: 24.0.1.34 - MAGIX Software GmbH)
MAGIX Music Maker Trial Live Pads (HKLM\...\{8E95475A-0C65-4830-B226-B15354C81BD0}) (Version: 24.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM\...\{53182829-FB43-486B-80AA-FFBF87F707B6}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM-x32\...\MX.{53182829-FB43-486B-80AA-FFBF87F707B6}) (Version: 7.0.2.6 - MAGIX Software GmbH)
Mailbird (HKLM\...\{370233F9-4AD3-4869-9051-78266F27BD82}) (Version: 2.5.27 - Mailbird)
Malwarebytes Version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Access database engine 2010 (Spanish) (HKLM\...\{90140000-00D1-0C0A-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft ESP SimConnect Client v1.0.20.0 (HKLM-x32\...\{C0A9FCC1-9725-4679-8AC2-FE501B139B63}) (Version: 1.0.20.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.60905.0 (HKLM-x32\...\{D1AC9B0B-2727-4811-91DC-1FC3C4E47A9B}) (Version: 10.0.60905.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61242.0 (HKLM-x32\...\{85DF6786-66AA-42EE-8616-AE456B07BD99}) (Version: 10.0.61242.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft)
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-127663350-3041579137-739029980-1002\...\OneDriveSetup.exe) (Version: 17.005.0107.0008 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{E75776B2-EAE5-42F9-A800-0A10763DEDF0}) (Version: 11.0.2318.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM\...\{98DD6908-C582-452A-954D-E79E6DF0310A}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM-x32\...\{640EECB8-1962-4D23-ACB2-310107EC7ED9}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Express 2015 for Windows 10 - ENU (HKLM-x32\...\{7e37e233-4667-4612-bfaf-7feb40ce0b4d}) (Version: 14.0.23107.178 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.17.1296.827 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MKVToolNix 29.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 29.0.0 - Moritz Bunkus)
MongoDB 4.0.5 2008R2Plus SSL (64 bit) (HKLM\...\{43C0DDEE-FE22-45BD-952A-C20934AF3F0F}) (Version: 4.0.5 - MongoDB Inc.)
Mozilla Firefox 64.0 (x64 de) (HKLM\...\Mozilla Firefox 64.0 (x64 de)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
Mp3tag v2.86 (HKLM-x32\...\Mp3tag) (Version: 2.86 - Florian Heidenreich)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MusicBee 3.2 (HKLM-x32\...\MusicBee) (Version: 3.2 - Steven Mayall)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: - Native Instruments)
Nmap 7.70 (HKLM-x32\...\Nmap) (Version: 7.70 - Nmap Project)
Node.js (HKLM\...\{7E005925-0125-4A46-8B25-6DB1547488C2}) (Version: 10.15.0 - Node.js Foundation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.6.1 - Notepad++ Team)
Npcap 0.99-r2 (HKLM-x32\...\NpcapInst) (Version: 0.99-r2 - Nmap Project)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)
NVIDIA Grafiktreiber 417.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.71 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
NVIDIA Tegra Graphics Debugger v2.4 (HKLM-x32\...\{6D5F4270-1053-4C22-A89E-1CDCE2969C94}) (Version: 2.4.17025.0349 - NVIDIA Corporation)
NVIDIA Tegra System Profiler v3.7 (HKLM\...\{C6684D50-7552-43E3-99C5-237160047EE6}) (Version: 3.7.224.17034 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenIV (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\OpenIV) (Version: 2.9.2.932 - .black/OpenIV Team)
Opera Stable 57.0.3098.116 (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software)
Oracle VM VirtualBox 5.2.18 (HKLM\...\{2620B239-7407-49D7-B4C0-FE197D089176}) (Version: 5.2.18 - Oracle Corporation)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Paket zur Festlegung von "Doc Redirected"-Zielversionen von Microsoft .NET Framework 4.7.1 (Deutsch) (HKLM-x32\...\{5B970BE4-A2F2-41BD-8B91-FEA8DAA1DB9B}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
PasswordBoss (HKLM\...\{2F4B8122-4BD2-43A9-9F18-571BE0D29C7C}) (Version: 4.2.3938.0 - PasswordBoss, LLC) <==== ACHTUNG
PlanetSide 2 (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\DGC-PlanetSide 2) (Version: 1.0.3.195 - Daybreak Game Company)
PMDG 737-8900 NGX Base Package P3D (HKLM-x32\...\{0EA92925-36E7-40CB-A714-118AB046099B}) (Version: 1.20.8465 - PMDG Simulations, LLC.)
PMDG 777-200LRF Base Package P3D (HKLM-x32\...\{C1CB0E26-CE1A-4789-8EEA-919C4CD491C1}) (Version: 1.10.8886 - PMDG Simulations, LLC.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.3 - Power Software Ltd)
Prepar3D v4 Content (HKLM\...\{87040041-993B-42AF-BEA0-6086FEB45184}) (Version: 4.3.29.25520 - Lockheed Martin)
Prepar3D v4 Professional Plus (HKLM-x32\...\{30a38ea8-952b-40ed-8f28-8357d559085b}) (Version: 4.3.29.25520 - Lockheed Martin)
Prepar3D v4 Professional Plus Client (HKLM\...\{53DFB31A-C7E4-42D2-98D9-E715C42D6AFF}) (Version: 4.3.29.25520 - Lockheed Martin)
Prepar3D v4 Scenery (HKLM\...\{C953A291-C0D5-414E-8211-778D5E53D73A}) (Version: 4.3.29.25520 - Lockheed Martin)
ProtonMail Bridge (HKLM\...\{5B9CC3FF-9575-408D-BD82-5D06B48C4396}) (Version: 1.1.0 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\{ED11FFD4-61B3-4329-870E-8F4DAC7D5A0D}) (Version: 1.6.4 - ProtonVPN AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.6.4) (Version: 1.6.4 - ProtonVPN AG)
ProtonVPNTap (HKLM-x32\...\{C23BCE3A-FD25-48BA-948E-2CE94576F983}) (Version: 1.0.1 - ProtonVPN AG)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10388 - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.278 - Qualcomm Atheros)
RAAS Professional (64 Bit) by FS2Crew (LOCKED) (HKLM-x32\...\RAAS Professional (64 Bit) by FS2Crew (LOCKED)) (Version: - )
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.1 r2989 - Rainmeter)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21300 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
REX 4 - Texture Direct - Service Pack 5 (HKLM-x32\...\{38949C04-7C3A-431E-B7E1-31E1ECA07408}) (Version: 4.5.2015.0818 - REX Game Studios, LLC.)
REX 4 - Texture Direct - SP5 - Hotfix 1 (HKLM-x32\...\{DBED58E1-AA28-474B-8626-0DCAD6D62CDB}) (Version: 4.5.2015.1006 - REX Game Studios, LLC.)
REX 4 - Texture Direct (with Soft Clouds) (HKLM-x32\...\{A6683ACB-C41B-4977-87A6-4577C83DABCD}) (Version: 4.4.2015.0115 - REX Game Studios, LLC.)
REX 4 - Texture Direct with Soft Clouds - SP5 - Hotfix 1 (HKLM-x32\...\{C0A5CA46-9C59-460C-95F7-364F4E8084B3}) (Version: 4.7.2015.1006 - REX Game Studios, LLC.)
REX 4 - Texture Direct with Soft Clouds - SP5 (Patch) (HKLM-x32\...\{6F1318E4-DBA6-4289-B1E1-FEBDD730D486}) (Version: 4.7.2015.0818 - REX Game Studios, LLC.)
REX 4 - Texture Direct with Soft Clouds - SP6 Hotfix 3 (HKLM-x32\...\{B3EA18AC-A7B1-4659-B1B5-3A1D6451371C}) (Version: 4.8.2016.0622 - REX Game Studios, LLC.)
REX 4 - Texture Direct with Soft Clouds - SP6 Hotfix 4 (HKLM-x32\...\{D6FB5779-E95C-4717-B251-A89914D158A2}) (Version: 4.8.2016.0928 - REX Game Studios, LLC.)
REX 4 - Texture Direct with Soft Clouds Enhanced Edition (HKLM-x32\...\{2696EDD3-6AE4-4BA3-8BAB-EF48D089B3E5}) (Version: 4.17.2017.0818 - REX Game Studios)
REX Essential Plus Overdrive with SP3 (HKLM-x32\...\{2BA36997-96EB-4DE0-804A-C2E1F2167123}) (Version: 3.8.2014.1126 - REX Game Studios, LLC.)
REX File Transfer Manager (HKLM-x32\...\{B60F3334-ED72-4F7B-945E-22FF8E401E8A}) (Version: 1.10.2016.1111 - REX Game Studios, LLC.)
REX Worldwide Airports HD (HKLM-x32\...\{E8F0D8E0-D9BE-4305-8811-3F506AAA1832}) (Version: 5.1.2018.0725 - REX Game Studios, LLC.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
RogueKiller Version 13.0.22.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.0.22.0 - Adlice Software)
Ruby 2.5.3-1-x64 with MSYS2 (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\RubyInstaller-2.5-x64-mingw32_is1) (Version: 2.5.3-1 - RubyInstaller Team)
Sandboxie 5.26 (64-bit) (HKLM\...\Sandboxie) (Version: 5.26 - Sandboxie Holdings, LLC)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.)
SimBrief Downloader 1.4.5 (HKLM\...\32e4cdf1-1f8f-586a-9551-9c0929bc3c38) (Version: 1.4.5 - Derek Mayer)
SketchUp 2015 (HKLM\...\{A9F0441B-D1CD-4419-80C7-AF7FF6BD94C2}) (Version: 15.1.106 - Trimble Navigation Limited)
Snagit 13 (HKLM-x32\...\{1ECBE017-90CD-4ECE-AC90-58875DC82E35}) (Version: 13.1.2 - TechSmith Corporation) Hidden
Snagit 13 (HKLM-x32\...\{3cde467c-e4c5-4633-8846-a172cca5e7f5}) (Version: 13.1.2.7933 - TechSmith Corporation)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify Weblink (HKLM-x32\...\{8CADF0CB-E834-4019-9B11-B84E051F2A8E}) (Version: 1.16.1210 - Acer)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM\...\{90160000-001F-0410-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Substance Painter 2 version 2.6.2 (HKLM\...\{f42b7a996fa1d13a1d0a2e33eea2c0800bb5d1b8}_is1) (Version: 2.6.2 - Allegorithmic)
Super FlatMix (HKLM\...\Super FlatMix) (Version: - neiio)
Team Explorer for Microsoft Visual Studio 2015 (HKLM-x32\...\{791295AE-3B0A-3222-9E69-26C8C106E8D1}) (Version: 14.0.23102 - Microsoft Corporation) Hidden
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.3399 - TeamViewer)
Technitium MAC Address Changer v6.0 (HKLM-x32\...\TMACv6.0) (Version: 6.0 - Technitium)
Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
TOGA - ENVTEX (HKLM-x32\...\TOGA-ENVTEX-16D30A87-70CB-47CC-AAB0-600D0A4EDC8E_is1) (Version: 1.0.0.0 - SimMarket)
Toolkit Documentation (HKLM-x32\...\{6143A694-5FE1-BDF6-F78E-4F7BF3E9419B}) (Version: 10.1.14393.0 - Microsoft) Hidden
TortoiseSVN 1.9.7.27907 (64 bit) (HKLM\...\{FBD345DC-093A-4D89-A9B8-10C1BA356048}) (Version: 1.9.27907 - TortoiseSVN)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UEV Tools on amd64 (HKLM\...\{1454FA4E-58BC-2EF1-9A19-147B0E499E03}) (Version: 10.1.14393.0 - Microsoft) Hidden
UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 3.3.2.0 - Manuel Hoefs (Zottel))
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4461586) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{D3BC3593-9260-47AD-9EC8-8DEB8668956D}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4461586) 64-Bit Edition (HKLM\...\{90160000-012B-0407-1000-0000000FF1CE}_Office16.PROPLUS_{D3BC3593-9260-47AD-9EC8-8DEB8668956D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
USB/DVD-Downloadtool für Windows 7 (HKLM-x32\...\{7D6DDE45-FE2F-4D11-A7E7-BC2C2910536C}) (Version: 1.0.30 - Microsoft Corporation)
User State Migration Tool (HKLM-x32\...\{F7AADEDA-233A-1079-CD15-03AEB050F0C6}) (Version: 10.1.14393.0 - Microsoft) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{8FB2E6A8-A132-4A6A-BFB8-CE71DC4764F2}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{D182FB25-9A73-4725-A2C4-2C33900B920E}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Visual Studio Community 2017 (HKLM-x32\...\dfb2ee6b) (Version: 15.8.28010.2019 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VLC Setup Helper (HKLM-x32\...\VLC Setup Helper_is1) (Version: - Hobbyist Software)
VMware Workstation (HKLM\...\{360EEE05-F864-4702-BF6E-59469EBD1821}) (Version: 14.1.2 - VMware, Inc.)
vPilot (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\vPilot) (Version: 2.1.17 - Ross Carlson)
VS Immersive Activate Helper (HKLM-x32\...\{54FBC9A9-CCA1-417E-ACA6-203A32A39F37}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{4B816AD0-D12B-498A-8148-7CBE3ED328DE}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{C5D83E0F-12E7-4BA3-98E6-DAE0E73B5BF9}) (Version: 15.0.27205 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{4C60D242-B039-4DBB-A202-BE55478E8500}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{5297D80E-CD92-48D8-9DB0-301AB3205772}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{DC4F558F-90E2-4B9C-8A2B-5DD92EF71F84}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{31312BFA-5D30-4B56-BACB-BFE26CE2E285}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{8EB2C670-04C2-482D-BACD-B4095E27FD39}) (Version: 15.6.27309 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{082DBA20-8C1E-4D4C-85F4-A813283B7849}) (Version: 15.8.28010 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{0D3A6730-43CE-4AF6-BDF7-4D0660296C60}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
Waldorf Edition (HKLM\...\{5790BB78-C3B6-11E0-AF6D-C6874824019B}) (Version: 1.7.3 - Waldorf Music GmbH)
Wampserver64 3.1.3 (HKLM\...\{wampserver64}_is1) (Version: 3.1.3 - Dominique Ottello aka Otomatic)
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
WinDirStat 1.1.2 (HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\WinDirStat) (Version: - )
Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{39ebb79f-797c-418f-b329-97cfdf92b7ab}) (Version: 10.1.14393.0 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
WinMerge 2.16.0.0 x64 (HKLM\...\WinMerge_is1) (Version: 2.16.0.0 - Thingamahoochie Software)
WinRAR 5.61 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Winremix iPACK (HKLM\...\Winremix iPACK) (Version: - Unisira)
WinSCP 5.13.6 (HKLM-x32\...\winscp3_is1) (Version: 5.13.6 - Martin Prikryl)
Wirecast (HKLM\...\{13CCAC84-0C34-4D13-8C99-02D9F8B4C714}) (Version: 6.0.6 - Telestream LLC)
Wise Registry Cleaner 10.1.4 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 10.1.4 - WiseCleaner.com, Inc.)
Wondershare Filmora(Build 8.5.3) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
WPT Redistributables (HKLM-x32\...\{549DAD2D-2505-204C-EC58-59807FE6E037}) (Version: 10.1.14393.0 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{97B6FAD9-6F14-CC46-3165-F1785ECCE255}) (Version: 10.1.14393.0 - Microsoft) Hidden
yEd Graph Editor 3.18.1.1 (HKLM\...\3309-7404-0599-8908) (Version: 3.18.1.1 - yWorks GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-127663350-3041579137-739029980-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BAD45F}\localserver32 -> D:\Programme\Elements 2019 Organizer\Elements Auto Creations 2019.exe (Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-127663350-3041579137-739029980-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-E9D9ECBE8559}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-127663350-3041579137-739029980-1001_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InprocServer32 -> 0x7A952765EBAFD40169302B65EBAFD401010000000900000000000000 => Keine Datei
CustomCLSID: HKU\S-1-5-21-127663350-3041579137-739029980-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\johnf\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-127663350-3041579137-739029980-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-127663350-3041579137-739029980-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\johnf\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-127663350-3041579137-739029980-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-127663350-3041579137-739029980-1001_Classes\CLSID\{FA372A6E-149F-4E95-832D-8F698D40AD7F}\localserver32 -> C:\Users\johnf\AppData\Local\Google\Chrome SxS\Application\73.0.3677.0\notification_helper.exe (Google Inc.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-01-12] ()
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-01-12] ()
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-01-12] ()
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-01-12] ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => -> Keine Datei
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => -> Keine Datei
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => -> Keine Datei
ShellIconOverlayIdentifiers: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-19] (AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-19] (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Keine Datei
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:\Programme\Notepad++\NppShell_06.dll [2018-10-14] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-19] (AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Keine Datei
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => D:\Programme\Mp3tag\Mp3tagShell64.dll [2018-01-24] (Florian Heidenreich)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2015-06-08] (Power Software Ltd)
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\Snagit 13\DLLx64\SnagitShellExt64.dll [2017-04-11] (TechSmith Corporation)
ContextMenuHandlers1: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files\WinMerge\ShellExtensionX64.dll [2018-02-19] (hxxp://winmerge.org)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1-x32: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => -> Keine Datei
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => D:\Programme\Mp3tag\Mp3tagShell64.dll [2018-01-24] (Florian Heidenreich)
ContextMenuHandlers2-x32: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Programme\TortoiseSVN\bin\TortoiseStub32.dll -> Keine Datei
ContextMenuHandlers2-x32-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => S:\VMware\VMware Workstation\vmdkShellExt.dll -> Keine Datei
ContextMenuHandlers2-x32-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => -> Keine Datei
ContextMenuHandlers2-x32-x32: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files\WinMerge\ShellExtensionX64.dll [2018-02-19] (hxxp://winmerge.org)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-19] (AVAST Software)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Keine Datei
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Keine Datei
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => D:\Programme\Mp3tag\Mp3tagShell64.dll [2018-01-24] (Florian Heidenreich)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Keine Datei
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2015-06-08] (Power Software Ltd)
ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\Snagit 13\DLLx64\SnagitShellExt64.dll [2017-04-11] (TechSmith Corporation)
ContextMenuHandlers4: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files\WinMerge\ShellExtensionX64.dll [2018-02-19] (hxxp://winmerge.org)
ContextMenuHandlers4: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxDTCM.dll [2017-02-07] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-01-11] (NVIDIA Corporation)
ContextMenuHandlers5: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files\WinMerge\ShellExtensionX64.dll [2018-02-19] (hxxp://winmerge.org)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-19] (AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Keine Datei
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Keine Datei
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2015-06-08] (Power Software Ltd)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2017-08-13] (IvoSoft)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programme\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
FolderExtensions: [] -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} => C:\Users\johnf\Windows Themes\one1184\OldNewExplorer64.dll [2017-08-16] (www.startisback.com)
 

Broni

Malware Annihilator
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {08B9CAA2-2352-4ED4-A70D-FECFA0F0F6E8} - System32\Tasks\kollekkollek => C:\Program Files (x86)\audible\audible.exe
Task: {0AF4033A-2703-4E17-AD9F-7871C7ADCF16} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [2015-05-14] ()
Task: {0E6FD7CE-3595-4CBA-9A03-A2E4EE8DF3F9} - System32\Tasks\PasswordBoss_Desktop_24h_EPSON3191BJ_johnf => C:\Program Files (x86)\PasswordBoss\PasswordBoss.exe [2019-01-18] (PasswordBoss, LLC) <==== ACHTUNG
Task: {16E35315-AF55-4B6A-8363-A9ACC4D44FEF} - System32\Tasks\S-1-5-21-127663350-3041579137-739029980-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-12-08] (Microsoft Corporation)
Task: {1DCBB445-3C6C-4A68-82DB-45224811D0A2} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2016-07-29] (Acer Incorporated)
Task: {1F8E80CE-8358-4FF6-B100-DC65ED18C0EA} - System32\Tasks\Opera scheduled Autoupdate 1543509213 => C:\Users\johnf\AppData\Local\Programs\Opera\launcher.exe [2019-01-09] (Opera Software)
Task: {231D9D8A-4D8B-47CB-84B3-2D3E3ACA205B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-12-06] (NVIDIA Corporation)
Task: {39DEC704-0C18-4B4B-99C9-5AE6BDA05D80} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {46D95413-730D-4CCA-9D8B-6ED236532A8B} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2019-01-03] (Easeware)
Task: {4AA8CB0B-F001-4B29-A504-D4A1533BE61E} - System32\Tasks\Component Manager Poller - {QU5EUk9JRF9XT1JLUw==} => D:\NVPACK\Poller.exe
Task: {4D0F6995-B65C-440D-A1AA-D8CE2C6E4499} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [2018-09-26] (Acer)
Task: {513BAEBE-62F6-47E1-8463-626F2712AF9D} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {5197BE75-8DE1-4EC5-9E7D-BFA160BE4713} - System32\Tasks\cuencacuenca => C:\Program Files (x86)\Drunken\sarnoff.exe
Task: {546421BA-182D-4F78-A3C5-632AAC4A1439} - System32\Tasks\Verzögerter Autostart\Steam Autostart => D:\Steam\Steam.exe [2019-01-05] (Valve Corporation)
Task: {581D38A0-BCC6-4A8E-B021-122A3DCCB46E} - System32\Tasks\strenuously walliestrenuously wallie => C:\Program Files (x86)\Vanguard\Noonan.exe
Task: {58AB9822-0698-4A6A-8A34-07B88D5FD484} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)
Task: {59E55593-48FC-4588-A2E0-87B8489E8096} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-127663350-3041579137-739029980-1001Core => C:\Users\johnf\AppData\Local\Google\Update\GoogleUpdate.exe [2018-11-29] (Google Inc.)
Task: {5BF220F3-E539-4702-ADEE-91FADD771489} - System32\Tasks\seacoast-ailsseacoast-ails => C:\Program Files (x86)\glossed\Noonan.exe
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {69DB23C7-4AD0-466D-9AFA-033501E46136} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {69E67552-376D-4949-BFE6-94FFEDD081D6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-19] (AVAST Software)
Task: {6E21A59A-1484-4631-A299-A987EED91367} - System32\Tasks\displacements_drainpipesdisplacements_drainpipes => C:\Program Files (x86)\Vanguard\Thankless.exe
Task: {73685F45-9A4F-4B01-B919-81A206F09597} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-john.fiddle@outlook.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {744012A3-4B73-481C-B4AB-84E6869CC424} - System32\Tasks\Restart Snagit => C:\Program Files (x86)\Snagit 13\snagit32.exe [2017-04-11] (TechSmith Corporation)
Task: {7597FE12-4873-4682-A382-5F62154D2B7A} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {8183C310-91FC-4B0A-A207-F6F65AFCA043} - System32\Tasks\Push _musik-folder nach oben => %comspec% [Argument = /c start "" /min "C:\Users\johnf\scripts\push_musik_folder.bat" ^&amp; exit]
Task: {84A6E09A-A39B-4985-9989-E2003E129CC6} - System32\Tasks\rayonrayon => C:\Program Files (x86)\Circumnavigated\Thankless.exe
Task: {894DC4D6-13B1-45D0-B012-F4F05F4D5BCD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-29] (Google Inc.)
Task: {8DAD9641-9C44-4B6F-8A6D-DEFD72782868} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-29] (Google Inc.)
Task: {8E7BD869-9D89-4C22-A51C-63289C5C7721} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {8EC487A1-C396-49B3-BA83-B1259AF59518} - System32\Tasks\Verzögerter Autostart\Spotify Autostart => C:\Users\johnf\AppData\Roaming\Spotify\Spotify.exe
Task: {910698D6-C990-4E24-A93E-411E45C3DB31} - System32\Tasks\PasswordBoss_Desktop => C:\Program Files (x86)\PasswordBoss\PBUpdater\PBUpdater.exe [2019-01-18] (PasswordBoss, LLC) <==== ACHTUNG
Task: {93BED475-E82C-4363-A647-E904A111D56F} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-127663350-3041579137-739029980-1001 => C:\Users\johnf\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-15] (Mega Limited)
Task: {946FF85D-EADF-445B-BE24-8A8E8F6F40B5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => D:\Programme\Microsoft Office\Office16\msoia.exe
Task: {9497670B-55C8-4694-8AA3-C2657E722EA9} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [2019-01-03] (WiseCleaner.com)
Task: {9A899E9C-521B-4E4A-8E55-3BFE4EE6C4C6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)
Task: {9F276EAC-3EFC-44D7-B282-BF705C0BB89B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-19] (AVAST Software)
Task: {A109C395-F812-46ED-AB82-B103922F272D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)
Task: {AAF444DF-3E9E-427F-A444-22BBFA1609D1} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2019-01-16] (AVG Technologies CZ, s.r.o.)
Task: {AC484881-14AD-4F01-A4E1-85D7C32B3E64} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)
Task: {AF87C29F-7AC9-4D3A-B64B-E6352C9522A8} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation)
Task: {AFA7962D-C937-4924-857A-2C58CDB511F0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => D:\Programme\Microsoft Office\Office16\msoia.exe
Task: {B0B2E101-0B38-4196-BA6D-843479172712} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-127663350-3041579137-739029980-1001UA => C:\Users\johnf\AppData\Local\Google\Update\GoogleUpdate.exe [2018-11-29] (Google Inc.)
Task: {BAA52F8D-D2C2-4F97-94F6-6B8885AC63E6} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {C688B860-90B2-4182-A608-B98D362FB7D5} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {D1C04809-B90B-4A35-8456-B91448223FC0} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Task: {D20FEBC1-5DDA-4E80-8872-7B5970DFC604} - System32\Tasks\PasswordBoss_Desktop_HealthChk_EPSON3191BJ_johnf => C:\Program Files (x86)\PasswordBoss\PasswordBoss.exe [2019-01-18] (PasswordBoss, LLC) <==== ACHTUNG
Task: {D3180715-FFE0-4FF1-9A00-B7A85D8C8BD6} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-john.fiddle@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {DAE9B933-42AB-428C-A674-1F6AB7B48337} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {DC6D5261-2F04-40A4-95D1-176E6C09C09C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-12-06] (NVIDIA Corporation)
Task: {F19007DA-819C-4908-9A91-EC2F8DB3A6FF} - System32\Tasks\push _adult folder ganz runter => %comspec% [Argument = /c start "" /min "C:\Users\johnf\scripts\push_adult_folder.bat" ^&amp; exit]
Task: {F524361B-0EF8-4C2A-A90B-C18EF01954F3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-12-06] (NVIDIA Corporation)
Task: {F846F544-427D-4AF6-8F8B-F5598AA55189} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\Users\johnf\Windows Themes\Startmenü-Kategorien\Tools\Restart WinTV.lnk -> D:\WinTV\restart_wintv.bat ()
Shortcut: C:\Users\johnf\scripts\Clear TMP Directory.lnk -> C:\Users\johnf\scripts\ctmp.bat ()
Shortcut: C:\Users\johnf\Desktop\netstat.bat - Verknüpfung.lnk -> C:\Users\johnf\Desktop\netstat.bat (Keine Datei)
Shortcut: C:\Users\johnf\Desktop\Starte Redmine.lnk -> C:\Users\johnf\Desktop\Starte Redmine.bat ()
Shortcut: C:\Users\johnf\Desktop\Starte Squirrel.lnk -> C:\Users\johnf\Desktop\Starte Squirrel.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2019-01-15 20:30 - 2019-01-11 10:22 - 000154504 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2019-01-19 00:10 - 2019-01-19 00:10 - 000667016 _____ () c:\program files\avast software\avast\streamback.dll
2019-01-19 00:10 - 2019-01-19 00:10 - 000550792 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2019-01-19 00:10 - 2019-01-19 00:10 - 001175944 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2019-01-19 00:10 - 2019-01-19 00:10 - 001967496 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2019-01-19 15:54 - 2019-01-19 15:54 - 006937744 _____ () c:\program files\avast software\avast\defs\19011902\algo64.dll
2012-12-07 17:27 - 2012-12-07 17:27 - 000167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2018-09-19 10:34 - 2018-12-06 11:14 - 001315312 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-10-17 13:46 - 2018-10-17 13:46 - 000038664 _____ () D:\Programme\ProtonVPN\ProtonVPNService.exe
2018-08-17 06:50 - 2018-08-17 06:50 - 000300032 _____ () D:\Programme\ProtonVPN\Resources\64-bit\firewall.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-03 17:15 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2017-01-12 13:07 - 2017-01-12 13:07 - 005654128 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2017-10-18 22:51 - 2017-10-18 22:51 - 000598528 _____ () C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX64.dll
2017-03-13 23:22 - 2016-08-15 18:03 - 000111320 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2018-10-14 19:45 - 2018-10-14 19:45 - 000230064 _____ () D:\Programme\Notepad++\NppShell_06.dll
2019-01-09 10:28 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-09-19 10:34 - 2018-12-06 11:14 - 101252592 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-09-19 10:34 - 2018-12-06 11:14 - 004620272 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libglesv2.dll
2018-09-19 10:34 - 2018-12-06 11:14 - 000109040 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libegl.dll
2019-01-19 00:14 - 2019-01-19 00:14 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-11-06 16:54 - 2017-11-06 16:54 - 000135168 _____ () C:\Program Files\Rainmeter\Plugins\Win7AudioPlugin.DLL
2017-10-19 19:29 - 2017-10-19 19:29 - 000556032 _____ () C:\Users\johnf\AppData\Roaming\Rainmeter\Plugins\SpotifyPlugin.DLL
2017-11-06 16:54 - 2017-11-06 16:54 - 000173056 _____ () C:\Program Files\Rainmeter\Plugins\AudioLevel.DLL
2017-11-06 16:54 - 2017-11-06 16:54 - 000110080 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.dll
2017-11-06 16:54 - 2017-11-06 16:54 - 000093184 _____ () C:\Program Files\Rainmeter\Plugins\Process.DLL
2018-11-25 21:43 - 2018-11-25 21:43 - 038537672 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2018-12-14 17:20 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-14 17:20 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2019-01-19 00:26 - 2019-01-18 15:12 - 000094480 _____ () C:\Program Files (x86)\PasswordBoss\extensions\Chrome\PBChromeGlue.exe
2018-12-19 06:21 - 2018-12-19 06:21 - 001577984 _____ () D:\Programme\Mailbird\x64\CefSharp.Core.dll
2016-06-20 16:16 - 2016-06-20 16:16 - 069740032 _____ () D:\Programme\Mailbird\x64\libcef.dll
2018-12-19 06:22 - 2018-12-19 06:22 - 001065984 _____ () D:\Programme\Mailbird\x64\CefSharp.BrowserSubprocess.Core.dll
2019-01-19 15:06 - 2019-01-19 15:06 - 000040448 ____C () C:\Users\johnf\AppData\Local\Temp\proxy_vole6702494483056341352.dll
2019-01-19 15:07 - 2019-01-19 15:07 - 000566439 ____C () C:\Users\johnf\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-FKPz9\libgcc_s_sjlj-1.dll
2019-01-19 15:07 - 2019-01-19 15:07 - 004078962 ____C () C:\Users\johnf\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-FKPz9\lib7-Zip-JBinding.dll
2019-01-19 00:26 - 2019-01-18 15:12 - 000088328 _____ () C:\Program Files (x86)\PasswordBoss\PBIEBroker.exe
2018-08-30 14:43 - 2011-08-23 12:04 - 000057344 _____ () D:\Programme\WinTV\TVServer\libhdhomerun.dll
2018-05-11 06:24 - 2018-05-11 06:24 - 000086968 _____ () S:\VMware\VMware Workstation\zlib1.dll
2017-08-29 17:44 - 2018-12-06 11:14 - 001033200 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-07-31 10:57 - 2018-07-31 10:57 - 081764304 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2018-07-31 10:57 - 2018-07-31 10:57 - 002257360 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\swiftshader\libglesv2.dll
2018-07-31 10:57 - 2018-07-31 10:57 - 000110552 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\swiftshader\libegl.dll
2016-03-04 15:10 - 2016-03-04 15:10 - 008968192 _____ () C:\Program Files (x86)\Snagit 13\opencv_core310.dll
2016-03-04 15:10 - 2016-03-04 15:10 - 020629504 _____ () C:\Program Files (x86)\Snagit 13\opencv_imgproc310.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 001152512 _____ () C:\Program Files (x86)\Snagit 13\cairo.dll
2016-03-04 15:10 - 2016-03-04 15:10 - 000800768 _____ () C:\Program Files (x86)\Snagit 13\opencv_photo310.dll
2016-01-27 18:05 - 2016-01-27 18:05 - 008968192 _____ () C:\Program Files (x86)\Snagit 13\opencv_core300.dll
2016-01-27 18:05 - 2016-01-27 18:05 - 020629504 _____ () C:\Program Files (x86)\Snagit 13\opencv_imgproc300.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 000588288 _____ () C:\Program Files (x86)\Snagit 13\pixman-1.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 000165888 _____ () C:\Program Files (x86)\Snagit 13\libpng16.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 000071680 _____ () C:\Program Files (x86)\Snagit 13\zlib1.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 000778240 _____ () C:\Program Files (x86)\Snagit 13\harfbuzz.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 000601088 _____ () C:\Program Files (x86)\Snagit 13\fontconfig.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 001015296 _____ () C:\Program Files (x86)\Snagit 13\libxml2.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 000023552 _____ () C:\Program Files (x86)\Snagit 13\iconv.dll
2017-03-13 23:22 - 2016-08-15 18:03 - 000089816 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2017-10-18 22:58 - 2017-10-18 22:58 - 000570368 _____ () C:\Users\johnf\AppData\Local\MEGAsync\ShellExtX32.dll
2018-11-05 14:25 - 2018-11-05 14:25 - 000142888 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\fs-ext\build\Release\fs-ext.node
2018-11-05 14:25 - 2018-11-05 14:25 - 000278056 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2018-11-05 14:25 - 2018-11-05 14:25 - 000142888 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ref\build\Release\binding.node
2018-11-05 14:25 - 2018-11-05 14:25 - 000152616 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ffi\build\Release\ffi_bindings.node
2018-11-05 14:25 - 2018-11-05 14:25 - 000097320 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2018-11-05 14:25 - 2018-11-05 14:25 - 000110120 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\idle-gc\build\Release\idle-gc.node
2018-10-17 10:38 - 2018-10-17 10:38 - 000142872 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\fs-ext\build\Release\fs-ext.node
2018-10-17 10:38 - 2018-10-17 10:38 - 000142360 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\ref\build\Release\binding.node
2018-10-17 10:38 - 2018-10-17 10:38 - 000150552 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\ffi\build\Release\ffi_bindings.node
2018-10-17 10:37 - 2018-10-17 10:37 - 000271384 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2018-10-17 10:37 - 2018-10-17 10:37 - 000097816 _____ () C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2018-10-17 10:38 - 2018-10-17 10:38 - 000122392 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\bufferutil\build\Release\bufferutil.node
2018-10-17 10:38 - 2018-10-17 10:38 - 000110104 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-08-30 00:19 - 2016-08-30 00:19 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-10-29 18:45 - 2017-10-29 18:45 - 000101376 _____ () D:\Programme\MusicBee\MusicBeeBass.dll
2019-01-19 00:26 - 2019-01-18 14:53 - 000041224 _____ () C:\Program Files (x86)\PasswordBoss\PBSysInfoNative.dll
2019-01-19 00:26 - 2018-03-23 06:50 - 000613376 _____ () C:\Program Files (x86)\PasswordBoss\sqlite3.dll
2019-01-19 00:26 - 2019-01-18 14:53 - 000044816 _____ () C:\Program Files (x86)\PasswordBoss\VaultReader.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\noosyffq.sys:changelist [452]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 12:47 - 2019-01-13 20:10 - 000000408 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost
185.217.92.77 alto.hifitechinc.com
185.217.92.77 calvus.hifitechinc.com
185.217.92.77 cirrus.hifitechinc.com
185.217.92.77 cumulus.hifitechinc.com
185.217.92.77 lacunosus.hifitechinc.com
185.217.92.77 nimbus.hifitechinc.com
185.217.92.77 perlucidus.hifitechinc.com
185.217.92.77 stratus.hifitechinc.com
127.0.0.1 secure.prepar3d.com
127.0.0.1 fs2.fs2crew.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files\ImageMagick-7.0.8-Q16;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\PuTTY\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\Windows Kits\10\Windows Performance Toolkit\;C:\Program Files (x86)\GtkSharp\2.12\bin;C:\P;C:\Program Files\Git\cmd;C:\Program Files\nodejs\
HKU\S-1-5-21-127663350-3041579137-739029980-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-127663350-3041579137-739029980-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\johnf\AppData\Local\DisplayFusion\Wallpaper_2.png
HKU\S-1-5-21-127663350-3041579137-739029980-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-127663350-3041579137-739029980-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 204.152.184.76 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.

MSCONFIG\Services: AcronisActiveProtectionService => 3
MSCONFIG\Services: AcrSch2Svc => 3
MSCONFIG\Services: afcdpsrv => 3
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: AtherosSvc => 3
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HauppaugeTVServer => 2
MSCONFIG\Services: mmsminisrv => 3
MSCONFIG\Services: mobile_backup_server => 3
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: syncagentsrv => 3
HKLM\...\StartupApproved\StartupFolder: => "ETR.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WinTV Recording Status.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run: => "Rapidly"
HKLM\...\StartupApproved\Run: => "Granulomas"
HKLM\...\StartupApproved\Run: => "Erected"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "Aimersoft Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "KeepVidProUpdateHelper.exe"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "FxSound Enhancer"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "Emigrating"
HKLM\...\StartupApproved\Run32: => "Shooed"
HKLM\...\StartupApproved\Run32: => "Symbolizing"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\StartupFolder: => "Adobe Gamma.lnk"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\StartupFolder: => "VirtualDesktopManager.lnk"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\StartupFolder: => "JDownloader 2.lnk"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\StartupFolder: => "ProtonMail Bridge.lnk"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\StartupFolder: => "barbarianbarbarian.lnk"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\StartupFolder: => "barbarian.lnk"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_27E519C7728811BA68C834EBDE556FEC"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "AcerPortal"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "reWASD Tray Agent"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "Xpadder"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "MiPhoneManager"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "Longitudinally"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "Hesston"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "Social"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "Autocracies"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "Reddish"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "Halleck"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "simpsons"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "migrates"
HKU\S-1-5-21-127663350-3041579137-739029980-1001\...\StartupApproved\Run: => "SandboxieControl"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [UDP Query User{D2BD4687-ED1B-4043-A5A2-CDEF2E380F85}D:\ue_4.19\engine\binaries\win64\ue4editor.exe] => (Allow) D:\ue_4.19\engine\binaries\win64\ue4editor.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{10E7A4EE-9CC2-4CDB-B58D-2BDE7E03E8F6}D:\ue_4.19\engine\binaries\win64\ue4editor.exe] => (Allow) D:\ue_4.19\engine\binaries\win64\ue4editor.exe (Epic Games, Inc.)
FirewallRules: [{D5EED6CF-04B4-4EBB-A1F5-28545C4CB3C7}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\WsChrome.exe ()
FirewallRules: [{43363F92-E6E9-449F-A98A-5725D90EA8DC}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\VideoCapturer.exe ()
FirewallRules: [{8C618AB5-9A10-4D06-A7E6-6AED40808CA9}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\ScreenCapture.exe ()
FirewallRules: [{EBE1FA6F-2735-4927-A596-C20A49D1E87D}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\ImageHost.exe (TODO: <Company name>)
FirewallRules: [{5EDEDED0-B6BC-4942-8EF0-805D4321E7BA}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\FilmoraExportEngine.exe ()
FirewallRules: [{D93C3453-A321-42BA-BCAA-EBFDFF1A9433}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\EffectStore.exe (Wondershare Software)
FirewallRules: [{01B21EC5-9165-40E6-B8B8-EC4D90EC888A}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\curl.exe (curl, hxxps://curl.haxx.se/)
FirewallRules: [{0D74C7C3-E997-47D6-A90F-CEAAF2B130E3}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\cmdCheckATI.exe ()
FirewallRules: [{292FB4C1-518E-4A8F-A096-6EFDEFAFACE0}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\BugSplatHD64.exe (BugSplat, LLC)
FirewallRules: [{92BACD87-A149-4C79-B452-B5C9926B93C0}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\BsSndRpt64.exe (BugSplat, LLC)
FirewallRules: [{5EFC8F58-7B9C-47D2-9582-87A2FA54712B}] => (Block) D:\Programme\Wondershare\Wondershare Filmora\Filmora.exe (Wondershare Software)
FirewallRules: [{0837C129-AD87-4E24-A798-3485668983D3}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer)
FirewallRules: [{8E6EAA6D-CB11-4710-ABF6-8BE88C9923DB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer)
FirewallRules: [{2FAC51BE-706D-4FA8-B025-A80FF08F2E42}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer)
FirewallRules: [{1825FD3C-BA2E-4E78-9D7D-0DAF0C90D01C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer)
FirewallRules: [{F6E717F4-928B-44F2-A577-F4D1B5B8B26C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe ()
FirewallRules: [{5E0A9695-6C04-45BD-A5B5-C4D6C166A5E7}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH)
FirewallRules: [{A3127D95-A370-4B39-B2C5-363AFE6DAD4C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH)
FirewallRules: [{243D4311-1BB8-4E0D-8FF4-BDBC59A81432}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH)
FirewallRules: [{E74BDF51-3A75-4D38-BDE5-B0C86E1822BC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{54EDC038-163F-4A63-99E5-D8D2740BE728}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{E0BCD84F-B167-4FFF-A924-7BE0B09F5FC6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{5C08332A-A6BF-4F04-842A-C08E0B2E3DF0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{422AF7CE-925E-4B32-96AA-98DB9E86854B}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\license_activator.exe Keine Datei
FirewallRules: [TCP Query User{CC3E399D-04C2-4027-B296-72CF9367F10B}D:\programme\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\programme\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{1ACCFAB9-5F07-4AD3-A351-BB17A582E942}D:\programme\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\programme\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{47442AB4-EBC5-4E38-B05A-2087D6EA896D}D:\games\planetside 2\planetside2_x64.exe] => (Allow) D:\games\planetside 2\planetside2_x64.exe (Daybreak Game Company, LLC)
FirewallRules: [UDP Query User{946A0221-94CB-4108-AC25-198EA81F1BA0}D:\games\planetside 2\planetside2_x64.exe] => (Allow) D:\games\planetside 2\planetside2_x64.exe (Daybreak Game Company, LLC)
FirewallRules: [{155FF8DA-8FC3-40BB-A582-6E8EE2D329FD}] => (Allow) LPort=8298
FirewallRules: [{EA325302-5472-43FF-89F1-ADA950408AB2}] => (Block) %ProgramFiles% (x86)\Snagit 13\Snagit32.exe Keine Datei
FirewallRules: [{6E971EAA-DC5D-4A52-9F27-3D80AA700B8F}] => (Block) %ProgramFiles% (x86)\Snagit 13\SnagitEditor.exe Keine Datei
FirewallRules: [TCP Query User{0CB6F972-9D72-4FA0-B5C8-B6CFA74F99BC}D:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{EEB2595F-6FAA-483D-AF16-DCF453C5BCEE}D:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{BBCC2C85-7EEA-472B-A57E-667C7A941165}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN)
FirewallRules: [UDP Query User{A48E65D5-E3D1-461E-B9B8-3B1C834B189E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN)
FirewallRules: [{6459D07B-17EE-4C38-903E-CF80E75B4688}] => (Allow) D:\Programme\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{C2CAB29E-743C-4AE1-B60C-A6416CA97453}] => (Allow) D:\Programme\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{17973302-B667-47DE-81C3-1FD6C36CC876}] => (Allow) D:\Programme\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{9F2E2828-C0D1-411F-AF26-05F85A2E697B}] => (Allow) D:\Programme\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{EF1EB89E-2D40-4C8A-8FF3-5DB84B7E2546}] => (Block) D:\Programme\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe Keine Datei
FirewallRules: [{65B68B46-F6D6-452B-B895-6CF0387F59E3}] => (Block) D:\Programme\Adobe\Acrobat 11.0\Acrobat Elements\Acrobat Elements.exe Keine Datei
FirewallRules: [{DB325E95-877F-4D6B-9526-360002CC7C91}] => (Block) D:\Programme\Adobe\Acrobat 11.0\Acrobat\wow_helper.exe Keine Datei
FirewallRules: [{36301519-DF8F-4BAC-9BCC-7D6B2AD6F23D}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Bridge\Bridge.exe Keine Datei
FirewallRules: [{89A37F69-2775-4959-992D-942EBDC8B9CC}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Help Center\ahc.exe Keine Datei
FirewallRules: [{5F4C8111-75BF-4DC3-8853-27ECAD20219D}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Help Center\ahcremind.exe Keine Datei
FirewallRules: [{5BF518A2-70E0-4B7C-AC35-EB244247079D}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Utilities\ExtendScript Toolkit\ExtendScript Toolkit.exe Keine Datei
FirewallRules: [{BE852D0B-A0BF-4CBE-94C1-F001AF0196C8}] => (Block) %ProgramFiles% (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe Keine Datei
FirewallRules: [{18CCAD34-C0B0-4181-98F7-8C40E40F5180}] => (Block) %ProgramFiles% (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe Keine Datei
FirewallRules: [{0933C541-8F9B-42E7-A76C-4A61B671CEA2}] => (Block) %ProgramFiles% (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe Keine Datei
FirewallRules: [{5067A4AF-7F39-4B20-8074-CAFF6DEBBC05}] => (Block) D:\Games\Prepar3D v4\Prepar3D.exe Keine Datei
FirewallRules: [{35B61310-31E6-4AD3-B58C-49E7CBA7570E}] => (Block) D:\Downloads\Prepar3d v4\Prepar3D.v4.Professional.Plus.4.0.23.21468\Setup_Prepar3D.exe Keine Datei
FirewallRules: [TCP Query User{3F4E7B57-785D-4646-8AF7-4DA0DBA0D7AB}D:\programme\substance painter 2\substance painter 2.exe] => (Block) D:\programme\substance painter 2\substance painter 2.exe (Allegorithmic)
FirewallRules: [UDP Query User{F4E33DCB-FE44-44CC-AA0C-5B08CBCDEDC9}D:\programme\substance painter 2\substance painter 2.exe] => (Block) D:\programme\substance painter 2\substance painter 2.exe (Allegorithmic)
FirewallRules: [{7EBB165B-0D9D-42F3-86C6-E857F7F845AF}] => (Allow) LPort=22453
FirewallRules: [{A352089A-E3CD-4059-BA14-9869689A6C81}] => (Allow) LPort=22453
FirewallRules: [{0B7C9FBC-41DA-45F4-93DF-936C3AAB7820}] => (Allow) D:\Programme\Microsoft Visual Studio v14 Express 2015\Common7\IDE\VSWinExpress.exe (Microsoft Corporation)
FirewallRules: [{771D836C-466B-401B-8DC1-637C36BBF4BB}] => (Block) D:\Programme\Magix Music Maker Premium\2017\MusicMaker.exe Keine Datei
FirewallRules: [{330A9EE4-9644-4783-91F3-26971CC52747}] => (Block) D:\Programme\Magix Music Maker Premium\2017\MxErr.exe Keine Datei
FirewallRules: [{DF4B4645-E4D2-4151-AA26-4B689087AC10}] => (Block) D:\Programme\Magix Music Maker Premium\2017\Online\MagixOfa.exe Keine Datei
FirewallRules: [{A894214A-577B-489C-9D65-ECEA5077F033}] => (Block) D:\Programme\Magix Music Maker Premium\2017\Online\DM\MxDownloadManager.exe Keine Datei
FirewallRules: [{ABD7A815-626A-442C-A470-F06260E4661B}] => (Block) D:\Programme\Magix Music Maker Premium\2017\coverlabel\xaralink.exe Keine Datei
FirewallRules: [TCP Query User{4E0913F2-A66E-4CD7-8169-44AE006B7A50}D:\ue_4.19\engine\binaries\dotnet\swarmagent.exe] => (Allow) D:\ue_4.19\engine\binaries\dotnet\swarmagent.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{56CDD588-6B0A-4CD6-AAA2-4E6E6E20FBB1}D:\ue_4.19\engine\binaries\dotnet\swarmagent.exe] => (Allow) D:\ue_4.19\engine\binaries\dotnet\swarmagent.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{4F4AD121-D6C7-41A1-9AD0-407AEB198A2F}D:\ue_4.19\engine\binaries\win64\ue4editor-cmd.exe] => (Allow) D:\ue_4.19\engine\binaries\win64\ue4editor-cmd.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{2F56B507-0889-428D-9FC2-B7A09B2F3C98}D:\ue_4.19\engine\binaries\win64\ue4editor-cmd.exe] => (Allow) D:\ue_4.19\engine\binaries\win64\ue4editor-cmd.exe (Epic Games, Inc.)
FirewallRules: [{C0C3D8A1-50D9-4370-BF76-020FC0100828}] => (Allow) C:\Users\johnf\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
FirewallRules: [{99BB228F-FD2A-40F0-80E3-48793506DDEF}] => (Allow) C:\Users\johnf\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
FirewallRules: [{911906D7-79F0-4919-8920-A9CE7A687775}] => (Block) D:\Games\Prepar3Dv4\Prepar3D.exe (Lockheed Martin®)
FirewallRules: [{7B9FA9AF-8EDF-437F-9907-C050E5AD22E9}] => (Allow) D:\Programme\WinTV\WinTV8\WinTV8.exe (Hauppauge Computer Works, Inc.)
FirewallRules: [{030245B2-903F-48AB-ABCF-D95AC9E6A428}] => (Allow) D:\Programme\WinTV\WinTV8\WinTV8.exe (Hauppauge Computer Works, Inc.)
FirewallRules: [{C35BDC96-A49E-41BE-93AD-AA9611DB87BE}] => (Allow) D:\Programme\WinTV\WinTV8\WinTV8.exe (Hauppauge Computer Works, Inc.)
FirewallRules: [{F3F208B5-7EC3-4B67-A54C-33957C634EB6}] => (Allow) D:\Programme\WinTV\WinTV8\WinTV8.exe (Hauppauge Computer Works, Inc.)
FirewallRules: [{E1885CF0-3FA1-4920-A23A-2F0CBEB5E1E1}] => (Allow) D:\Programme\WinTV\TVServer\CaptureDCR.exe (Hauppauge Computer Works, Inc)
FirewallRules: [{B6A2D25B-7DE6-462E-9346-C377A91F8F1A}] => (Allow) D:\Programme\WinTV\TVServer\CaptureDCR.exe (Hauppauge Computer Works, Inc)
FirewallRules: [{184C6FA2-68C5-4B8D-A786-F65E77012FF7}] => (Allow) D:\Programme\WinTV\TVServer\CaptureDCR.exe (Hauppauge Computer Works, Inc)
FirewallRules: [{375F25A3-E524-4942-A278-90E0604B54B4}] => (Allow) D:\Programme\WinTV\TVServer\CaptureDCR.exe (Hauppauge Computer Works, Inc)
FirewallRules: [{1B8D4F27-4C3C-41B8-92D0-4B1668DC88E4}] => (Allow) D:\Programme\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works, Inc)
FirewallRules: [{A0890218-AE68-4488-964D-D290C8770417}] => (Allow) D:\Programme\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works, Inc)
FirewallRules: [{86C5CB8D-269E-46BB-86E9-1627063A9C08}] => (Allow) D:\Programme\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works, Inc)
FirewallRules: [{4DFFF8C1-A1AB-49F6-86B7-9C6736EB51BE}] => (Allow) D:\Programme\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works, Inc)
 

Broni

Malware Annihilator
FirewallRules: [TCP Query User{01772DD0-BE4D-4B43-8D9B-69D940A01A71}D:\programme\wintv\wintv8\wintv8.exe] => (Allow) D:\programme\wintv\wintv8\wintv8.exe (Hauppauge Computer Works, Inc.)
FirewallRules: [UDP Query User{E26E5A50-4D4D-4139-B5F9-A78570A33315}D:\programme\wintv\wintv8\wintv8.exe] => (Allow) D:\programme\wintv\wintv8\wintv8.exe (Hauppauge Computer Works, Inc.)
FirewallRules: [TCP Query User{5D38C2C8-C630-4D42-97F9-2B6787EFAB49}D:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe] => (Allow) D:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe (Apache Software Foundation)
FirewallRules: [UDP Query User{6858E829-7DC9-4F86-9F56-5230A28AB341}D:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe] => (Allow) D:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe (Apache Software Foundation)
FirewallRules: [{545633A5-A085-4650-90B8-A4A12F271F2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{6562EA1D-D875-4AE8-B0BC-02D2217BED0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [TCP Query User{B5791863-4CC9-442F-A07D-8A8E79166E2F}D:\programme\chaseplane\chaseplane.exe] => (Block) D:\programme\chaseplane\chaseplane.exe (OldProp Solutions Inc.)
FirewallRules: [UDP Query User{A2758ECA-13F6-4722-A117-4DF1E1C2E2E3}D:\programme\chaseplane\chaseplane.exe] => (Block) D:\programme\chaseplane\chaseplane.exe (OldProp Solutions Inc.)
FirewallRules: [TCP Query User{1281B099-04EE-4DB6-AEFB-C79A187373AD}D:\programme\activesky_p3dv4\as_p3dv4.exe] => (Block) D:\programme\activesky_p3dv4\as_p3dv4.exe Keine Datei
FirewallRules: [UDP Query User{F98AFF16-E4D5-4F7B-9BBE-1274363C70EC}D:\programme\activesky_p3dv4\as_p3dv4.exe] => (Block) D:\programme\activesky_p3dv4\as_p3dv4.exe Keine Datei
FirewallRules: [{EB157695-6F62-4842-ABE7-4D24779184B5}] => (Allow) LPort=445
FirewallRules: [{78C98EA4-291C-4DC1-807A-579AA3E42BE1}] => (Allow) LPort=19284
FirewallRules: [{85E38762-EBB6-426B-AD5A-98CE5DF17543}] => (Allow) LPort=19285
FirewallRules: [TCP Query User{FE8029E8-AB43-42B8-86AE-AEE478F1248B}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN)
FirewallRules: [UDP Query User{74AC55B7-FA41-4F6D-B015-A570E8DA941F}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN)
FirewallRules: [{57732503-B783-4E8B-A9C0-0DEE48981FF5}] => (Block) D:\Programme\JetBrains\PhpStorm 2018.2.3\bin\phpstorm64.exe (JetBrains s.r.o.)
FirewallRules: [{E7F8CB2D-8903-49E9-B348-4AB713575272}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{B4B7FA84-8002-4E77-9D76-C14B42D5B7A6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [TCP Query User{D369BB2C-83F5-43CD-8193-1B4DB47C8796}C:\program files\rainmeter\rainmeter.exe] => (Allow) C:\program files\rainmeter\rainmeter.exe (Rainmeter)
FirewallRules: [UDP Query User{DE34F8EE-FA49-46B0-8A2B-4AB32663E157}C:\program files\rainmeter\rainmeter.exe] => (Allow) C:\program files\rainmeter\rainmeter.exe (Rainmeter)
FirewallRules: [{23DC5599-F214-44DA-93F9-84E95925FFAA}] => (Block) %ProgramFiles%\Common Files\microsoft shared\OFFICE16\Office Setup Controller\Setup.exe Keine Datei
FirewallRules: [{54EE7BE0-60B2-4A7D-AA17-801A46BB661D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{1091605B-A5FD-4733-9EA9-B4BFF76D5420}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{EB466190-8E03-4B32-BAD6-11A564F7CF48}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{CF970FC0-AEF1-47F8-A9F5-753F8CECDEA4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{F29DF545-2A0C-4843-B428-C8D48EA1932F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{3B696DB0-E03F-4A02-B144-AAF472E08359}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{53B8CD55-8D58-4864-92F3-57C6EB4206EF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{ECF5A65D-93ED-4236-BDC0-7F778C9C8A84}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [TCP Query User{55DDE1C1-8BF8-4991-8E68-83D202F9D807}D:\programme\teamviewer\teamviewer.exe] => (Allow) D:\programme\teamviewer\teamviewer.exe (TeamViewer GmbH)
FirewallRules: [UDP Query User{94186AFB-2E95-4842-AD54-98A4214E5BC8}D:\programme\teamviewer\teamviewer.exe] => (Allow) D:\programme\teamviewer\teamviewer.exe (TeamViewer GmbH)
FirewallRules: [TCP Query User{42BC814C-AB04-47C4-BEE4-61C3D65E91BE}D:\ue_4.19\engine\binaries\win64\ue4editor.exe] => (Allow) D:\ue_4.19\engine\binaries\win64\ue4editor.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{041614EE-79E9-4AF4-A689-D4C4388869DA}D:\ue_4.19\engine\binaries\win64\ue4editor.exe] => (Allow) D:\ue_4.19\engine\binaries\win64\ue4editor.exe (Epic Games, Inc.)
FirewallRules: [TCP Query User{D5EAD705-BDB4-4897-A7EA-142E8DDC8BAB}D:\programme\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\programme\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [UDP Query User{1876E9DF-9D70-4B08-AC81-2C6D877543E2}D:\programme\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\programme\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games, Inc.)
FirewallRules: [{82832BC2-72B3-4278-AF20-50ABF02FC719}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{9994D3D6-1980-4AEF-806D-14BC0C9E8438}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{A2CAC3EB-BE05-4A2A-BF44-9AA1B5BFADCF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{F4F2C5DC-2C49-45B5-B5A8-AFD5780FD5DD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{044CAB49-B3A3-46E4-A4E2-DEFDDF119B5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{AE7B73B1-028E-4F11-BB7D-9DA01D1E0D1E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{7C994DF4-3E2E-4600-8431-01D9D21F9BE8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{8D071850-459C-4997-89B3-5DA271F19852}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [TCP Query User{D48C8714-2C55-4495-90C7-EC891AEDCC35}D:\programme\substance painter 2\substance painter 2.exe] => (Allow) D:\programme\substance painter 2\substance painter 2.exe (Allegorithmic)
FirewallRules: [UDP Query User{958CF083-F94A-4A45-891B-B7D11616EEAE}D:\programme\substance painter 2\substance painter 2.exe] => (Allow) D:\programme\substance painter 2\substance painter 2.exe (Allegorithmic)
FirewallRules: [{09DB61F0-03DA-40E5-8E11-5FB58A537966}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{5AB531BA-3C40-4BC0-8C6A-DF4FB6E182DD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{270FA04E-E6D7-4E28-B354-028F47E5A413}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{43770D69-0B7F-4404-8B7F-0E66C5802BCD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{63A394D4-D227-43B3-A9EA-36E38A6FB01D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{A7723DA4-DEA2-42FF-8E00-FDE421DD4607}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{64F4B807-A686-4604-A510-07463414CE9A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{F216F36F-FF75-48E1-AAD7-FC5D7C392AB7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{4AA2FABD-0495-4135-8F7C-93E39EF77D28}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{F778BDD7-956D-4D4F-A300-6E2D704FE65B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{9148214A-C21F-4EC8-A704-0724195E0B6B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{770431B8-D0CE-4B71-8BC7-E48FCEE81ED3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{A342831A-011E-4195-8863-1622525FF58A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.95.289.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [TCP Query User{1BD802B2-7111-479F-8461-8984C046CE05}C:\program files (x86)\nmap\nmap.exe] => (Allow) C:\program files (x86)\nmap\nmap.exe (Insecure.Org)
FirewallRules: [UDP Query User{CC4701B5-4D9F-4F19-8DAC-C546C8E3C27D}C:\program files (x86)\nmap\nmap.exe] => (Allow) C:\program files (x86)\nmap\nmap.exe (Insecure.Org)
FirewallRules: [{82E73D07-2A9C-40A2-9784-41F38C8491E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{BC4DA095-C3B2-4FAB-9224-A7C57ABC8F6C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{CC71B471-2679-4043-A4DC-F9BF8C7A3948}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{44237C1F-A7CE-4CBF-A84F-AE79C08E7E44}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{B1D43D56-D4D4-4B0F-83BE-060C17473E56}] => (Block) D:\REX Texture Direct SC EE\rextexturedirect.exe (REX Game Studios, LLC.)
FirewallRules: [{CE0DEF93-97F2-442F-90AE-8031F8A6338C}] => (Allow) D:\Programme\Microsoft Office 2010 Professional Plus\Office14\ONENOTE.EXE (Microsoft Corporation)
FirewallRules: [{7886732B-C247-4CC0-B5B4-B06CD62D20E3}] => (Allow) D:\Programme\Microsoft Office 2010 Professional Plus\Office14\ONENOTE.EXE (Microsoft Corporation)
FirewallRules: [{0AA628F7-E187-4FDD-B381-264405B0CC9B}] => (Allow) C:\Users\johnf\AppData\Local\Programs\Opera\57.0.3098.106\opera.exe (Opera Software)
FirewallRules: [{5A2B6F42-6FED-4CE7-8A0A-750028C5DB21}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{7FE1E726-AD5A-4863-9DFF-48D369A36C61}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{50E259BC-27DA-453F-A883-7D8062A6F43F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{A9D03D12-90D2-44E7-BD25-1F84C5A7C5A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{E69D6618-7AE4-41E7-B12D-B042A780BBC4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{F9F1AE48-C111-47E9-91BE-2B06D7E6D937}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{00AFB833-F156-42A4-9681-2A3EF9840FED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{9DDD3AE8-6619-4B0F-A6D7-42C61D3E7431}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{F3E06D54-B1FC-4C0F-B2A0-1BF2A023CB81}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{930F46F4-46B9-4894-8DC8-FC1BBD6BBC86}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{E5AA63B5-15C2-46E5-A88F-491EEB49431D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{71E606BD-B0CF-41C9-86C6-4260EC15B180}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{EDD302CB-A71A-486C-9C39-231263209194}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{A784FC5C-08E7-4A1A-8463-419E134FA620}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{C07E1771-FC4A-4923-A35B-D5720D566F52}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{74F8A310-A907-42EF-94F9-942C62224F6C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [TCP Query User{ADCD2DB0-7E4F-4A3D-8E63-6214092E3FC7}D:\programme\fsgrw_p3dv4\fs global real weather.exe] => (Allow) D:\programme\fsgrw_p3dv4\fs global real weather.exe (PILOT'S GmbH)
FirewallRules: [UDP Query User{84454FC7-0C51-4C9C-BE86-5E89329B825A}D:\programme\fsgrw_p3dv4\fs global real weather.exe] => (Allow) D:\programme\fsgrw_p3dv4\fs global real weather.exe (PILOT'S GmbH)
FirewallRules: [TCP Query User{DA9482F4-93C9-4C4C-B205-A8208930E59E}D:\programme\fsgrw_p3dv4\fs global real weather launcher.exe] => (Allow) D:\programme\fsgrw_p3dv4\fs global real weather launcher.exe ()
FirewallRules: [UDP Query User{8AD3EDC1-E993-4A02-B39A-618D301778DF}D:\programme\fsgrw_p3dv4\fs global real weather launcher.exe] => (Allow) D:\programme\fsgrw_p3dv4\fs global real weather launcher.exe ()
FirewallRules: [{F2B5DC7E-2000-4442-9231-4AF3AC062C70}] => (Allow) D:\REX Texture Direct\rextexturedirect.exe (REX Game Studios, LLC.)
FirewallRules: [{1984A014-B1F6-4330-80A2-4A2243FD9009}] => (Block) D:\Games\X-Plane 11\X-Plane.exe Keine Datei
FirewallRules: [{22F06694-9445-4C48-A46A-C154F272E539}] => (Block) D:\Games\X-Plane 11\Airfoil Maker.exe Keine Datei
FirewallRules: [{349F8D37-D38B-4DA7-AFDE-E8E0B24A28E8}] => (Block) D:\Games\X-Plane 11\Plane Maker.exe Keine Datei
FirewallRules: [{1A9138DB-3ED4-4015-9A72-6ECBBF14BCFD}] => (Allow) S:\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
FirewallRules: [{DBAE5FDD-797D-4751-AAAC-45B7019777C5}] => (Allow) S:\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
FirewallRules: [{2E697E71-5274-4AAD-9B39-1F370C6CFC30}] => (Allow) S:\VMware\VMware Workstation\vmware-hostd.exe ()
FirewallRules: [{B5C61A45-BF9A-4B52-861B-FA8B51669E39}] => (Allow) S:\VMware\VMware Workstation\vmware-hostd.exe ()
FirewallRules: [{2EA884DA-3002-43D8-8ED5-8F71C6B56789}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CC 2019\Adobe Premiere Pro.exe Keine Datei
FirewallRules: [{B03893AF-7677-4A0B-AD43-7FC4F7F373A4}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CC 2019\CRWindowsClientService.exe Keine Datei
FirewallRules: [{32ED12ED-A3FA-4F04-BED9-8396A146AD87}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe Keine Datei
FirewallRules: [{75D80417-1C1D-403D-BEB8-2597AC4784FC}] => (Allow) D:\Programme\Microsoft Office 2010 Professional Plus\Office14\ONENOTE.EXE (Microsoft Corporation)
FirewallRules: [{75000217-70E9-413F-8E8E-D358655BC969}] => (Allow) D:\Programme\Microsoft Office 2010 Professional Plus\Office14\ONENOTE.EXE (Microsoft Corporation)
FirewallRules: [{45F00A27-D343-4346-A350-E657E85AB1D8}] => (Allow) D:\Programme\Microsoft Office 2010 Professional Plus\Office14\outlook.exe (Microsoft Corporation)
FirewallRules: [{B5DB64ED-A64E-4A01-86DA-1579131FA2DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{C61C4D3A-292E-400E-A816-8D52A4127B8A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{B6D3BF6D-5177-49E3-A80D-2CB73331580F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{027469FB-474D-4C83-B50F-1839127C4267}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{22F77AF2-29CE-4EFA-9C4D-3A65C4E0271D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{245633EC-9B7D-48F5-B91A-623692F2CF9F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{03CE91DA-1950-4216-B483-A51D56D3C0C2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{521AA296-D729-4B21-918E-B4A69E1FD3B2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{1CEC3D55-651A-42F1-BE1C-28A034D882CD}] => (Allow) C:\Users\johnf\AppData\Local\Programs\Opera\57.0.3098.116\opera.exe (Opera Software)
FirewallRules: [TCP Query User{AB704A09-25B0-44EF-AFC8-BEBDEAC79C56}D:\programme\musicbee\musicbee.exe] => (Allow) D:\programme\musicbee\musicbee.exe (Steven Mayall)
FirewallRules: [UDP Query User{8187A5AC-F57B-4430-B311-ADDC3A4049E2}D:\programme\musicbee\musicbee.exe] => (Allow) D:\programme\musicbee\musicbee.exe (Steven Mayall)
FirewallRules: [{9B74A772-689C-429D-BCB4-0B3C65C1743C}] => (Allow) LPort=3000
FirewallRules: [{2A3519CA-833F-4EEB-AF65-95387632BD89}] => (Allow) C:\Program Files (x86)\Hobbyist Software\VLC Setup Helper\VLC Setup Helper.exe (Hobbyist Software)
FirewallRules: [{3BC243A6-7E46-4108-93B0-203F487DD2B3}] => (Allow) C:\Program Files (x86)\Hobbyist Software\VLC Setup Helper\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{7EC4B1AC-5E58-4695-90B5-600009BD7E22}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe\Bonjour\mDNSResponder.exe Keine Datei
FirewallRules: [{E374AF94-F8FB-47E9-BED0-80BC7B37A533}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{8D0F9C7E-4FFE-4523-A308-E2013123F0A5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{6D245584-5B82-4318-AF1B-76406D5A1BBE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{0FBECCDF-775E-4FD0-B8FD-C96D1B7DEDB2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{FBC918D6-61CB-46DE-9E4B-23DA24427ABC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{CE30463C-FC32-4A9C-88AC-A76E7A8D712A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{B9F22B9F-ABCD-4083-B710-56D111ECC4DD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{0998B337-834D-482E-B64A-E58D29B5F1E8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{7177ACF3-1803-4002-AFBF-23ADF84316A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{4766FBA2-1F36-4176-ACA5-F63CEC14D4F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{168E1BF9-C543-4E61-A2F1-73F06B9E5BC7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{A4D6BDC8-A498-4C95-89F2-EC1A4AAE446E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{0D5C30D3-80DC-4729-82A6-22C80CEFF285}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{3FAAF860-8225-44AF-B42C-E8D5E21CA8CA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{68D2816F-9D33-4A2D-ABE3-41DC204DAA1B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{185EAA3B-7086-45CF-8B6C-847D6ADC4683}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.96.181.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd)
FirewallRules: [{4DF10F07-4986-44E5-AC29-CA862F7FA5DD}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware)
FirewallRules: [TCP Query User{5761FDA3-5F06-43C0-9BA5-F64BB751F19B}C:\ruby25-x64\bin\ruby.exe] => (Allow) C:\ruby25-x64\bin\ruby.exe (hxxp://www.ruby-lang.org/)
FirewallRules: [UDP Query User{46DB32AF-873C-40A0-9D62-A2CA170126D0}C:\ruby25-x64\bin\ruby.exe] => (Allow) C:\ruby25-x64\bin\ruby.exe (hxxp://www.ruby-lang.org/)
FirewallRules: [{26FDD2A6-3FDD-46E5-AC64-09B79FEC55BB}] => (Allow) D:\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{689CCBE5-D315-4238-BCB7-B9DE122362F2}] => (Allow) D:\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{159B65A2-277D-469D-9708-A704E6148A67}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe Keine Datei
FirewallRules: [{402B1233-1D91-4DC9-B3B5-4A9E9FF998DA}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe Keine Datei
FirewallRules: [{016CB372-3990-47CA-855A-EB9077156F89}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{9B802994-6741-432D-85C5-BCEDB5C2FD65}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{1A942FD1-0EA6-4DF5-80B6-DEF32564F3EE}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{7D745D6B-9B93-4E02-8246-A868061C4AA1}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{8A0FCAA4-B9E0-472B-81DE-28C035CC06D9}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{167A6E8B-7FE0-461D-B2F2-AB8616517DB9}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{92F48E19-80E8-483E-9137-90C3B686A2B2}] => (Allow) C:\Program Files (x86)\PasswordBoss\passwordboss.exe (PasswordBoss, LLC)

==================== Wiederherstellungspunkte =========================

17-01-2019 16:45:13 Before Malwarebytes Anti-Rootkit execution
17-01-2019 21:39:43 Installed Sophos Virus Removal Tool.

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Bluetooth Device (Personal Area Network) #2
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: TAP-ProtonVPN Windows Adapter V9
Description: TAP-ProtonVPN Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-ProtonVPN Windows Provider V9
Service: tapprotonvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Npcap Loopback Adapter
Description: Microsoft Loopbackadapter für KM-TEST
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kmloop
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/19/2019 05:58:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Setup.exe_Microsoft Setup Bootstrapper, Version: 14.0.4734.1000, Zeitstempel: 0x4b581e85
Name des fehlerhaften Moduls: OLEACC.dll, Version: 7.2.17134.1, Zeitstempel: 0x47691bbd
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00017686
ID des fehlerhaften Prozesses: 0x2b1c
Startzeit der fehlerhaften Anwendung: 0x01d4b0183b25da11
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\OLEACC.dll
Berichtskennung: 3c8e4f6a-e796-41e5-ae65-b01a01b3d4ba
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/19/2019 05:55:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 4.89.17.15, Zeitstempel: 0x5c2feb2f
Name des fehlerhaften Moduls: chrome_elf.dll, Version: 68.0.3440.106, Zeitstempel: 0x5ba6bb8c
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000000021057
ID des fehlerhaften Prozesses: 0xd1c
Startzeit der fehlerhaften Anwendung: 0x01d4b017b966a163
Pfad der fehlerhaften Anwendung: D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
Pfad des fehlerhaften Moduls: D:\Steam\bin\cef\cef.win7x64\chrome_elf.dll
Berichtskennung: 5344465d-d14f-4727-9e1c-06522b4b4e64
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/19/2019 05:54:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 4.89.17.15, Zeitstempel: 0x5c2feb2f
Name des fehlerhaften Moduls: chrome_elf.dll, Version: 68.0.3440.106, Zeitstempel: 0x5ba6bb8c
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000000021057
ID des fehlerhaften Prozesses: 0x3f84
Startzeit der fehlerhaften Anwendung: 0x01d4b017b358c93b
Pfad der fehlerhaften Anwendung: D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
Pfad des fehlerhaften Moduls: D:\Steam\bin\cef\cef.win7x64\chrome_elf.dll
Berichtskennung: 3b9ba347-9d32-47f2-9a8d-c249738a0158
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/19/2019 05:54:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 4.89.17.15, Zeitstempel: 0x5c2feb2f
Name des fehlerhaften Moduls: chrome_elf.dll, Version: 68.0.3440.106, Zeitstempel: 0x5ba6bb8c
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000000021057
ID des fehlerhaften Prozesses: 0x1474
Startzeit der fehlerhaften Anwendung: 0x01d4b017ad491c42
Pfad der fehlerhaften Anwendung: D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
Pfad des fehlerhaften Moduls: D:\Steam\bin\cef\cef.win7x64\chrome_elf.dll
Berichtskennung: 6fc2f465-8a1d-4616-8662-5731b4465edb
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/19/2019 05:54:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 4.89.17.15, Zeitstempel: 0x5c2feb2f
Name des fehlerhaften Moduls: chrome_elf.dll, Version: 68.0.3440.106, Zeitstempel: 0x5ba6bb8c
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000000021057
ID des fehlerhaften Prozesses: 0x9f8
Startzeit der fehlerhaften Anwendung: 0x01d4b017a72d5adf
Pfad der fehlerhaften Anwendung: D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
Pfad des fehlerhaften Moduls: D:\Steam\bin\cef\cef.win7x64\chrome_elf.dll
Berichtskennung: 58371f38-2304-4f4c-be09-3a9d9b307e8f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/19/2019 05:54:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 4.89.17.15, Zeitstempel: 0x5c2feb2f
Name des fehlerhaften Moduls: chrome_elf.dll, Version: 68.0.3440.106, Zeitstempel: 0x5ba6bb8c
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000000021057
ID des fehlerhaften Prozesses: 0x30c8
Startzeit der fehlerhaften Anwendung: 0x01d4b017a1162b2c
Pfad der fehlerhaften Anwendung: D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
Pfad des fehlerhaften Moduls: D:\Steam\bin\cef\cef.win7x64\chrome_elf.dll
Berichtskennung: 3c297438-2c89-4d67-9212-a20935082179
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/19/2019 05:54:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 4.89.17.15, Zeitstempel: 0x5c2feb2f
Name des fehlerhaften Moduls: chrome_elf.dll, Version: 68.0.3440.106, Zeitstempel: 0x5ba6bb8c
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000000021057
ID des fehlerhaften Prozesses: 0x2898
Startzeit der fehlerhaften Anwendung: 0x01d4b0179b0cbbb8
Pfad der fehlerhaften Anwendung: D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
Pfad des fehlerhaften Moduls: D:\Steam\bin\cef\cef.win7x64\chrome_elf.dll
Berichtskennung: c5094c83-5cc3-4e43-abf8-4d32b19ad06a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/19/2019 05:54:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 4.89.17.15, Zeitstempel: 0x5c2feb2f
Name des fehlerhaften Moduls: chrome_elf.dll, Version: 68.0.3440.106, Zeitstempel: 0x5ba6bb8c
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000000021057
ID des fehlerhaften Prozesses: 0x3170
Startzeit der fehlerhaften Anwendung: 0x01d4b01794fa3484
Pfad der fehlerhaften Anwendung: D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
Pfad des fehlerhaften Moduls: D:\Steam\bin\cef\cef.win7x64\chrome_elf.dll
Berichtskennung: 0c196276-311c-48be-ac21-ddbc01f18914
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (01/19/2019 04:55:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows-Pushbenachrichtigungs-Benutzerdienst_e58c4" wurde unerwartet beendet. Dies ist bereits 4 Mal passiert.

Error: (01/19/2019 04:38:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Pushbenachrichtigungs-Benutzerdienst_e58c4" wurde unerwartet beendet. Dies ist bereits 3 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/19/2019 03:42:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Pushbenachrichtigungs-Benutzerdienst_e58c4" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/19/2019 01:50:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Pushbenachrichtigungs-Benutzerdienst_e58c4" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/19/2019 12:34:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NIHardwareService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/19/2019 12:26:21 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/19/2019 12:05:47 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/19/2019 11:55:37 AM) (Source: DCOM) (EventID: 10016) (User: EPSON3191BJ)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "EPSON3191BJ\johnf" (SID: S-1-5-21-127663350-3041579137-739029980-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


Windows Defender:
===================================
Date: 2018-11-29 00:45:32.335
Description:
Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.261.1400.0
Updatequelle: Microsoft Center zum Schutz vor Schadsoftware
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.14500.5
Fehlercode: 0x800b0003
Fehlerbeschreibung: Das für den Antragsteller angegebene Formular wird vom angegebenen Vertrauensanbieter nicht unterstützt oder ist ihm nicht bekannt.

Date: 2018-11-29 00:45:32.328
Description:
Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.261.1400.0
Updatequelle: Microsoft Center zum Schutz vor Schadsoftware
Signaturtyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.14500.5
Fehlercode: 0x800b0003
Fehlerbeschreibung: Das für den Antragsteller angegebene Formular wird vom angegebenen Vertrauensanbieter nicht unterstützt oder ist ihm nicht bekannt.

Date: 2018-11-29 00:45:32.328
Description:
Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.261.1400.0
Updatequelle: Microsoft Center zum Schutz vor Schadsoftware
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.14500.5
Fehlercode: 0x800b0003
Fehlerbeschreibung: Das für den Antragsteller angegebene Formular wird vom angegebenen Vertrauensanbieter nicht unterstützt oder ist ihm nicht bekannt.

Date: 2018-11-28 19:14:08.323
Description:
Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.261.1400.0
Updatequelle: Microsoft Center zum Schutz vor Schadsoftware
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.14500.5
Fehlercode: 0x800b0003
Fehlerbeschreibung: Das für den Antragsteller angegebene Formular wird vom angegebenen Vertrauensanbieter nicht unterstützt oder ist ihm nicht bekannt.

Date: 2018-11-28 19:14:08.323
Description:
Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.261.1400.0
Updatequelle: Microsoft Center zum Schutz vor Schadsoftware
Signaturtyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.14500.5
Fehlercode: 0x800b0003
Fehlerbeschreibung: Das für den Antragsteller angegebene Formular wird vom angegebenen Vertrauensanbieter nicht unterstützt oder ist ihm nicht bekannt.

CodeIntegrity:
===================================

Date: 2019-01-17 16:11:44.439
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Users\johnf\Windows Themes\one1184\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-17 15:46:15.933
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Users\johnf\Windows Themes\one1184\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-09 13:52:40.383
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\DisplayFusion\Hooks\AppHook64_213ED4A0-83A4-4A6D-A3C0-60426DC3578A.dll that did not meet the Store signing level requirements.

Date: 2019-01-02 07:39:18.396
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Users\johnf\Windows Themes\one1184\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-02 07:39:18.392
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Users\johnf\Windows Themes\one1184\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-02 07:39:18.387
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Users\johnf\Windows Themes\one1184\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-02 07:39:18.384
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Users\johnf\Windows Themes\one1184\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-02 07:39:18.380
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Users\johnf\Windows Themes\one1184\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 24444.22 MB
Verfügbarer physikalischer RAM: 16664.93 MB
Summe virtueller Speicher: 28028.22 MB
Verfügbarer virtueller Speicher: 19421.42 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:118.13 GB) (Free:11.5 GB) NTFS
Drive d: (Daten) (Fixed) (Total:786.95 GB) (Free:35.98 GB) NTFS
Drive f: (Der Seewolf) (Removable) (Total:29.89 GB) (Free:1.51 GB) NTFS
Drive s: (Games) (Fixed) (Total:144.43 GB) (Free:6.47 GB) NTFS

\\?\Volume{c1db7f81-146e-4ed4-b4f6-5d0efa598e6e}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.6 GB) NTFS
\\?\Volume{012d7787-bfae-4e74-aaa1-7ab7443b72a4}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6DD4F5AC)

Partition: GPT.

========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: AA2B32C7)

Partition: GPT.

========================================================
Disk: 2 (Size: 29.9 GB) (Disk ID: 944B262A)
Partition 1: (Not Active) - (Size=29.9 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
 

Broni

Malware Annihilator
You're running two AV programs, Avast and Eset.
You must uninstall one of them.


Download the attached fixlist.txt file and save it to the Desktop.
NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it in your reply.
 

xcy7e

TS Rookie
You might recognize Eset from data garbage, as it is already uninstalled and no entry is left in Windows' uninstall feature in the Control Panel. Anyways, I uninstalled Avast for now.