Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

processes running multiple times [Closed]

Started by Max1234 , Jun 21 2017 05:16 PM

  • This topic is locked This topic is locked

#1
Max1234
Posted 21 June 2017 - 05:16 PM

Max1234

    New Member

  • Member
  • Pip
  • 6 posts

Hey Guys,

I really hope, I'm in the correct Section since I'M not 100% certain my Problem is a malware Problem.

 

So my Notebook which is like 2 years old by now starts to run pretty slow lately. I thought it will be just the usual Thing and cleaned couple of programs, cleaned my drive and so on. After a while I discoverd in my Task Manager that almost every program/process opend was running multiple times. I mean, I do know that processes like svchost.exe has to be opend like 2 or 3 or 5 times but 52 times?^^ I will add a screenshot off of my Task Manager so you GUys will have a better understanding of whats going on. Since I'm not that experienced in Fixing stuff like that I hope one of you can help me out.

 

Oh and when I try to Close a process ist immedietly reopens itself or just one or more copys of it : /

 

See ya and good Night

Attached Thumbnails

  • processes.PNG

  • 0

Advertisements

#2
Valinorum
Posted 22 June 2017 - 01:33 AM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
Hi,

Please, post the required logs as instructed here.
  • 0

#3
Max1234
Posted 22 June 2017 - 02:47 AM

Max1234

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

(I just realized its in german...Sorry for that : / )

 

Hey, thanks for your quick reply, here are the logs:

 

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-06-2017 01
durchgeführt von Määx (22-06-2017 10:42:02)
Gestartet von C:\Users\Määx\Desktop
Windows 10 Home Version 1703 (X64) (2017-05-08 18:08:39)
Start-Modus: Normal
==========================================================
 
 
==================== Konten: =============================
 
Administrator (S-1-5-21-2590566765-4154940034-2529162823-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2590566765-4154940034-2529162823-503 - Limited - Disabled)
Gast (S-1-5-21-2590566765-4154940034-2529162823-501 - Limited - Disabled)
Gimp (S-1-5-21-2590566765-4154940034-2529162823-1003 - Limited - Enabled)
Määx (S-1-5-21-2590566765-4154940034-2529162823-1001 - Administrator - Enabled) => C:\Users\Määx
 
==================== Sicherheits-Center ========================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installierte Programme ======================
 
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
ANNO 1404 - Gold Edition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft)
Anno 1602 - Creation of a New World (HKLM-x32\...\1438168222_is1) (Version: 2.0.0.6 - GOG.com)
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
Assassin's Creed II (HKLM-x32\...\Steam App 33230) (Version:  - Ubisoft Montreal)
Avast Pro Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software)
Axure RP 8 (HKLM-x32\...\Axure RP 8) (Version: 8.0.0.3333 - Axure Software Solutions, Inc.)
Axure RP 8 (x32 Version: 8.0.0.3333 - Axure Software Solutions, Inc.) Hidden
Balsamiq Mockups 3 (HKLM-x32\...\BalsamiqMockups3.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1) (Version: 3.3.6 - Balsamiq SRL)
Balsamiq Mockups 3 (x32 Version: 3.3.6 - Balsamiq SRL) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.4.0.28 - Swiss Academic Software)
congstar Internet-Manager Hostless Modem (HKLM-x32\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation)
Curse Client (HKU\S-1-5-21-2590566765-4154940034-2529162823-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2590566765-4154940034-2529162823-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dishonored (HKLM\...\Steam App 205100) (Version:  - Arkane Studios)
Driver Booster 4.4 (HKLM-x32\...\Driver Booster_is1) (Version: 4.4.0 - IObit)
Epic Games Launcher (HKLM-x32\...\{335378EC-959D-42F5-9FDE-289722DF3453}) (Version: 1.1.103.0 - Epic Games, Inc.)
Fallout 3 (HKLM-x32\...\Steam App 22300) (Version:  - Bethesda Game Studios)
FEZ (HKLM-x32\...\Steam App 224760) (Version:  - Polytron Corporation)
Free 3GP Video Converter version 5.0.56.128 (HKLM-x32\...\Free 3GP Video Converter_is1) (Version: 5.0.56.128 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.60.713 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.60.713 - DVDVideoSoft Ltd.)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Hotkey 2.34.49 (HKLM-x32\...\{2F385B5D-5F23-4513-B3CE-9F5E4F4B882A}) (Version: 2.34.49 - )
IBM SPSS Statistics 19 (HKLM\...\{06C43FAA-7226-41EF-A05E-9AE0AA849FFE}) (Version: 19.0.0 - SPSS Inc., an IBM Company)
Insyde Airplane Mode HID Mini-Driver (HKLM\...\AirplaneModeHid) (Version: 1.4.0.2 - Insyde Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{1FED72CD-8B5E-4298-8403-6DB135FBC70B}) (Version: 19.30.1649.0949 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{f0aecb48-77c7-45fa-b264-ea1945fdee59}) (Version: 18.33.0 - Intel Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Legacy of Kain: Soul Reaver (HKLM-x32\...\Kain 2) (Version:  - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.578 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.578 - LogMeIn, Inc.) Hidden
Micro Focus iPrint Client v06.06.00 (HKLM\...\Novell iPrint Client) (Version:  - Micro Focus, Inc.)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8201.2102 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2590566765-4154940034-2529162823-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Morae Manager (HKLM-x32\...\{5325F0CD-8B2C-40BA-B597-89A3FB09B83C}) (Version: 3.3.4 - TechSmith Corporation)
Morae Manager Events by Web Page Plugin (HKLM-x32\...\Morae Manager Events by Web Page Plugin) (Version: 3.3 - TechSmith Corporation)
Morae Manager Mouse Tail Plugin (HKLM-x32\...\Morae Manager Mouse Tail Plugin) (Version: 3.3 - TechSmith Corporation)
Morae Recorder (HKLM-x32\...\{3064B250-EDCA-4E69-A62A-4DA32225E4BE}) (Version: 3.3.4 - TechSmith Corporation)
Nexus Root Toolkit (HKLM-x32\...\Nexus Root Toolkit) (Version: 2.1.9 - WugFresh)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.8201.2075 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
PDF24 Creator 8.0.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
PSPP (HKLM-x32\...\PSPP) (Version: 0.9.0 - Free Software Foundation, Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 6.4.6.10930 - Razer Inc.)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.25 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.1013 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21296 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Rogue Spear (HKLM-x32\...\Rogue Spear) (Version:  - )
S.T.A.L.K.E.R. - Shadow of Chernobyl (HKLM-x32\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0000 - THQ)
S.T.A.L.K.E.R.: Clear Sky (HKLM-x32\...\Steam App 20510) (Version:  - GSC Game World)
SafeZone Stable 3.55.2393.607 (x32 Version: 3.55.2393.607 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
Sound Blaster Cinema 2 (HKLM-x32\...\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}) (Version: 1.00.07 - Creative Technology Limited)
Spotify (HKU\S-1-5-21-2590566765-4154940034-2529162823-1001\...\Spotify) (Version: 1.0.54.1079.g3809528e - Spotify AB)
StarCraft II - Legacy of the Void Beta (HKLM-x32\...\StarCraft II - Legacy of the Void Beta) (Version:  - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.24.1 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version:  - CD PROJEKT RED)
Tomb Raider: Legend (HKLM-x32\...\Steam App 7000) (Version:  - Crystal Dynamics)
UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.8.1 (HKLM\...\VulkanRT1.0.8.1) (Version: 1.0.8.1 - LunarG, Inc.)
Warhammer 40,000: Eternal Crusade (HKLM-x32\...\Steam App 375230) (Version:  - Behaviour Interactive)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows-Treiberpaket - Insyde (AirplaneModeHid) HIDClass  (07/01/2013 1.3.0.0) (HKLM\...\E38E8D276444640BFCE21B5A73FD63C479B76259) (Version: 07/01/2013 1.3.0.0 - Insyde)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
 
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
CustomCLSID: HKU\S-1-5-21-2590566765-4154940034-2529162823-1001_Classes\CLSID\{4c81d807-f64f-4ceb-b9fc-a866ad8ca0a6}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
 
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
Task: {041EB338-BADB-4E9F-BE3A-54FE9BEFC130} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-06-20] (Microsoft Corporation)
Task: {05AFC98F-172B-423D-9CC7-3CEE96856C0C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {0668A5D9-AB9D-45B4-9527-3E34DDDE63F3} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\Scheduler.exe [2017-03-28] (IObit)
Task: {0FB89520-6838-49B7-A433-3032F1FD517F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {10E6037C-12D4-4AD0-AB55-787A105CDE5A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {1622AF12-E1EC-4E33-865E-E40FEB246A3D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-06-20] (Microsoft Corporation)
Task: {1FFD62DD-71B0-405A-A35A-9B05FBD08857} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-20] ()
Task: {31A9D2DE-978D-438C-8F5D-5C1B7B491682} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-10] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {355F8E2C-0B98-48ED-A03B-C1DAEAD5D371} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {3A5FA23C-6179-41CB-B129-0F8C25836068} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {4374CD08-A824-48A0-A518-B0422C92792D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd)
Task: {480C3C4F-4FAB-4E9A-8863-675088EC859F} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2590566765-4154940034-2529162823-1001 -> Keine Datei <==== ACHTUNG
Task: {4C953338-CB8E-4928-A4DF-A81D3F72B039} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-06-17] (Adobe Systems Incorporated)
Task: {52C72D93-A1E9-44B9-9AAD-0BDB4C466727} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {53B59979-40EA-4F65-A873-C5A897BE3C07} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-17] (Adobe Systems Incorporated)
Task: {62EF499D-4CC6-45C0-8971-FC9AD2AABE91} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-20] ()
Task: {63FA7297-8296-4B13-9898-FFB5F7AF58D6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {64840D46-1AA2-4375-B020-391E671516F0} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation)
Task: {6594F42F-430D-4556-83FB-95854AF84857} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-13] (AVAST Software)
Task: {704B9380-07C1-4990-B6C8-43F5BDAED9BB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {70822A4B-1686-437A-A69F-6B0EEAC4E94D} - System32\Tasks\SafeZone scheduled Autoupdate 1466278783 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-05-17] (Avast Software)
Task: {7E4B85FF-7E43-4C05-8590-71A6F4EBDBBC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {884598EF-D4B4-4353-8F0D-9E12C17C612E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-05-09] (AVAST Software)
Task: {8B91AB4A-15CF-41C6-B111-08CBA1F0D297} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {92C814AE-0AEA-45D6-A2AB-E9EBAA005565} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)
Task: {958631CE-57C1-4A45-B8D2-612A47126FE1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {9B4887BE-F22D-475C-9DA5-AEBC5291CDFA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {A856066E-8405-4C5B-8D50-8408D331F78B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {A9C929C2-816E-48BE-9580-CBD2481D5D8C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {AE417C4E-C21E-4E92-9E60-68E17180EB9D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {B2B0C8A3-F917-425D-B5BD-A87A083EE7D1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-10] (Microsoft Corporation)
Task: {BE342857-7EBD-497A-8F4D-AEBAB1CEE26C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {C1F78C5F-2C33-435B-A6DF-56DE05233FC2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {C88191DC-65B3-489D-B6F7-05D53FEA0301} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {C91067AD-6C36-4563-8194-BABDBB1A23EB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {CEDC62AE-6BBF-45E1-9D60-F6737786B99B} - System32\Tasks\Driver Booster SkipUAC (Määx) => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe [2017-05-03] (IObit)
Task: {D7D0C141-9ACC-44EC-B99F-7D8A3238C8C3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {E26F6DCE-206C-4542-B418-6A3E90A32D1C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {EF65C2C8-C9B4-4686-8FC4-FD362C37C22D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-06-20] (Microsoft Corporation)
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 
==================== Verknüpfungen & WMI ========================
 
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 
 
ShortcutWithArgument: C:\Users\Määx\Desktop\stuff\congstar Internet-Manager.lnk -> C:\Program Files (x86)\Hostless Modem\congstar Internet-Manager\LaunchWebUI.exe () -> hxxp://stick.congstar
 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 
2016-11-17 12:46 - 2016-11-17 15:45 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-17 12:46 - 2016-11-17 15:45 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-17 12:46 - 2016-11-17 15:45 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2017-06-21 08:10 - 2017-06-21 08:10 - 00012080 _____ () C:\WINDOWS\TEMP\BullseyeCoverage-x64-3.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-11-01 23:05 - 2016-11-01 23:05 - 00401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-03-18 22:59 - 2017-03-20 06:36 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-01-05 21:39 - 2014-02-21 12:21 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL
2015-01-05 21:39 - 2014-02-21 12:19 - 00366080 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2015-09-29 22:31 - 2015-09-29 22:31 - 00289600 ____R () C:\Program Files (x86)\TechSmith\Morae\BrowserExtensions\Chrome\ChromeMessagingHost.exe
2017-06-17 03:51 - 2017-06-17 03:51 - 31133184 _____ () C:\WINDOWS\system32\Macromed\Flash\pepflashplayer64_26_0_0_131.dll
2014-03-20 12:43 - 2014-03-20 12:43 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2016-11-17 12:46 - 2016-11-17 15:45 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-11-17 12:46 - 2016-11-17 15:45 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-17 12:46 - 2016-11-17 15:45 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-05-09 20:20 - 2017-05-09 20:20 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-05-09 20:21 - 2017-05-09 20:21 - 00997896 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-05-09 20:21 - 2017-05-09 20:22 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-05-09 20:21 - 2017-05-09 20:21 - 00176992 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-05-09 20:21 - 2017-05-09 20:21 - 00223224 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-05-09 20:20 - 2017-05-09 20:20 - 00291824 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-05-09 20:21 - 2017-05-09 20:21 - 00684656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-11-17 12:46 - 2016-11-17 12:20 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-11-17 12:46 - 2016-11-17 12:20 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-11-17 12:46 - 2016-11-17 12:20 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-11-17 12:46 - 2016-11-17 12:20 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-11-17 12:46 - 2016-11-17 12:20 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-11-17 12:46 - 2016-11-17 12:20 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-11-17 12:46 - 2016-11-17 12:20 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
 
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 
 
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 
IE trusted site: HKU\S-1-5-21-2590566765-4154940034-2529162823-1001\...\sharepoint.com -> hxxps://campussachsen-files.sharepoint.com
 
==================== Hosts Inhalt: ===============================
 
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Andere Bereiche ============================
 
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 
HKU\S-1-5-21-2590566765-4154940034-2529162823-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Määx\Desktop\DJI_0274.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 
HKLM\...\StartupApproved\StartupFolder: => "Hotkey.lnk"
HKLM\...\StartupApproved\StartupFolder: => "HandyAndy.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "HDAudDeck"
HKLM\...\StartupApproved\Run: => "Connectify Hotspot"
HKLM\...\StartupApproved\Run: => "iPrint Tray"
HKLM\...\StartupApproved\Run: => "iPrint Event Monitor"
HKLM\...\StartupApproved\Run32: => "UpdReg"
HKLM\...\StartupApproved\Run32: => "Sound Blaster Cinema 2"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "CancelAutoPlay_df"
HKLM\...\StartupApproved\Run32: => "CheckNDISPortf0acaf"
HKLM\...\StartupApproved\Run32: => "RazerCortex"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "Connectify Hotspot"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKU\S-1-5-21-2590566765-4154940034-2529162823-1001\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-2590566765-4154940034-2529162823-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-2590566765-4154940034-2529162823-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2590566765-4154940034-2529162823-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2590566765-4154940034-2529162823-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2590566765-4154940034-2529162823-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2590566765-4154940034-2529162823-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2590566765-4154940034-2529162823-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
 
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
FirewallRules: [{07A4D096-4845-42F2-8456-F22063CD0ACB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B3ECEEA0-6D03-460D-9487-8639B93A04F6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A59D433D-F624-4124-8B97-9F9DD9AA8B7A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A5378025-F8CE-4821-A0FD-FA2B81D04A23}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{384AABA9-68E4-40A5-9A44-55E7AE4F10E6}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe
FirewallRules: [{EE24A9D9-C638-45FA-B409-7C10FC512363}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe
FirewallRules: [{D819EF48-5D38-4A2C-B57D-9CEE4D174EC6}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe
FirewallRules: [{BD0933F9-5FA7-4276-A971-0F92E61F18D6}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe
FirewallRules: [{C3446961-C421-4E18-A13D-61A5B435FDE2}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{E3BB50E7-F63D-4761-A2EF-97DD6F4ADBC3}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{A7C642D5-D2AE-4699-A2DC-FBBF322A7119}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{2ED18496-DE4B-4A4B-AAB0-9C7F7DA0BE7F}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{A4B3C9CC-FFDB-4D13-9ED5-B55ABD262DD8}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{AFA6AFE1-AFDF-4CC7-8CA8-F6DE70D25383}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{A02F6E56-7575-4BB5-9A26-238AB2ECC9F0}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{8D1E2052-9118-45DE-8D02-93E2F9FC1E98}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{8CDAE5BC-E870-46B5-941B-25813D03EFAD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{3FC66337-5388-4DAC-8DD2-74916729CCE6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F0D15B8E-E894-4D64-9FC9-BF104996B12E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{A295DFCE-F7C9-43E4-8B55-0D52FBA561A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [UDP Query User{6B4EB744-64C0-44F7-B435-E5B5E2F0BA60}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{4D0698F8-5392-41AF-B9DB-9BCB35B86DF7}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{010E62B0-9ED4-4696-91E8-1013E4C7D5D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B913AE12-468E-4436-ADBF-B5799D55C6FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{084DC5B1-8FAD-4611-80FB-1245325CCA24}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4C9CC9A7-3802-4F61-AC4F-12D49AF65A4B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{61EFC04E-E6DB-4648-9827-E5A6FD621AB2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [UDP Query User{7CC1CAC4-CD10-4E14-852E-D8E277710C59}C:\program files (x86)\steam\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe
FirewallRules: [TCP Query User{46F36043-8A13-4624-B26E-9F7C160C914B}C:\program files (x86)\steam\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe
FirewallRules: [{BD0DB6CC-7951-4960-810A-8474C3B67148}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer 40,000 - Eternal Crusade\EternalCrusadeClient.exe
FirewallRules: [{A260E68C-7864-4C36-BD13-8EE4FCEE3903}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer 40,000 - Eternal Crusade\EternalCrusadeClient.exe
FirewallRules: [UDP Query User{C004407B-4D9C-4A9E-A06E-864662B74B15}C:\program files (x86)\starcraft ii - legacy of the void beta\versions\base37164\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii - legacy of the void beta\versions\base37164\sc2_x64.exe
FirewallRules: [TCP Query User{66E71B40-9351-4A16-9CBC-99A68431E047}C:\program files (x86)\starcraft ii - legacy of the void beta\versions\base37164\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii - legacy of the void beta\versions\base37164\sc2_x64.exe
FirewallRules: [{7F19B3B8-02A9-49C9-A6D3-58539FD84E90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe
FirewallRules: [{B853BFB5-1C76-4AFB-B8C3-610728B99477}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe
FirewallRules: [{48E8BEE8-8E29-493D-B3E5-E96764050F53}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{75F00F15-3A1F-4B42-B143-E8C61F6A1714}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{88A0ED40-99B8-425F-867C-BD75C286C6CB}C:\users\määx\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\määx\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A2E9636E-E698-48BA-ABEA-8A6C1A9C8CD4}C:\users\määx\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\määx\appdata\roaming\spotify\spotify.exe
FirewallRules: [{918D2893-9B7F-4461-BD32-A60446900B4C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C649F872-5B51-4128-BADB-CDEC33B70794}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D4CC3AB7-7C10-43B9-9153-0458432CB930}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FEZ\FEZ.exe
FirewallRules: [{007E2DD0-90AB-4105-83F5-E503D74FDCFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FEZ\FEZ.exe
FirewallRules: [{ED77B06D-CA04-43E3-845B-ECF10026C74C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\STALKER Clear Sky\bin\xrEngine.exe
FirewallRules: [{10461462-76F5-4213-AEF8-BE80B1EDBF58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\STALKER Clear Sky\bin\xrEngine.exe
FirewallRules: [{E0CAE1A6-5B57-4334-AE44-84874A137C07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{438B40D8-5648-42C0-A66A-7E63DAEFC9C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [TCP Query User{2E189617-1230-4014-86D9-B59B68E8891F}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [UDP Query User{F40B0864-6566-4D0E-AA78-9D522DC98005}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [{6EEA50BA-ED71-4E71-AE7C-8C25DEB06F64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Legend\trl.exe
FirewallRules: [{0ECC883E-F769-4A53-A92E-1F888F2811CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Legend\trl.exe
FirewallRules: [TCP Query User{6D37BA09-DF11-4D27-BB6F-326DD24BC265}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{65A88248-228C-4F63-A120-B84C4F6B4D8A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{DF7DD341-D74D-4790-842D-B7E1570C0FDA}C:\users\määx\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\määx\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{301D320D-C492-4343-BE90-3230931968FF}C:\users\määx\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\määx\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{7620F4DE-4D21-4583-A344-5411C0F37FF2}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{5CAA3A35-2586-4299-BAF4-E8145377E5DF}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{1A243E0D-F014-4494-BE38-3E35C40B98AD}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{A9E7A996-03A4-4381-8CF6-F10D32E4E5E3}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{B10525C2-1ECA-43F5-96F4-2CF1A3A63397}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{9535851B-F017-497E-9BBA-DB32014E3584}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{DCD3EAE9-2C02-430C-8516-215A0ADFCEB5}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{809EF4EA-471B-4D7A-A689-9167036C0F92}] => (Allow) C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{38F08D8C-6DAB-4629-B426-CD69300533CD}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{4FC73028-8E74-4A65-8FE6-62D765518992}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{54C98B19-2C32-42F3-BC8F-53C40179455A}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{7A91C42B-8E0A-4351-9C43-3D7222F963C4}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{5F828AD0-236D-4104-8C7C-389FE69DFCDD}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{E60ADB7E-75BE-456F-B394-A116318071C3}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [TCP Query User{77D1A3FC-EF7A-4432-8A65-8367E965AC9A}C:\program files (x86)\steam\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe
FirewallRules: [UDP Query User{4ADCC5BC-8DD8-4A91-976B-2981A3FCB129}C:\program files (x86)\steam\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warhammer 40,000 - eternal crusade\eternalcrusade\binaries\win64\eternalcrusadeclient.exe
FirewallRules: [{17758940-1580-448A-8931-D6E75C1B57AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3\FalloutLauncher.exe
FirewallRules: [{61AADDFF-2B39-42ED-B91A-7B455E1CD2D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3\FalloutLauncher.exe
FirewallRules: [TCP Query User{B03C84B3-DA6B-4768-BA53-ACC51FCF45FB}C:\program files (x86)\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe
FirewallRules: [UDP Query User{476DF738-39FA-4006-A6FB-384148599A36}C:\program files (x86)\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe
FirewallRules: [{A3D5706D-6B06-4162-B0BE-B448FD083957}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\19\stats.exe
FirewallRules: [{EEDBE905-BF7F-440C-919C-E516B1295E93}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\19\WinWrapIDE.exe
FirewallRules: [{474C0638-B29C-45AA-947E-B58BF2F30257}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\19\stats.exe
FirewallRules: [{9B21ADE6-5ABC-463E-A8B6-D166D2F50418}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\19\WinWrapIDE.exe
FirewallRules: [{2F8B8EE6-30BE-432E-A35A-B1DC4B16B14F}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\19\stats.com
FirewallRules: [{910D5DDD-3666-4612-A966-93179655227D}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\19\stats.com
FirewallRules: [TCP Query User{822B74EA-C533-4221-8765-934E0F40D200}C:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe
FirewallRules: [UDP Query User{3D2DC108-6731-44C0-86AE-DC1A7B1D8F51}C:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe
FirewallRules: [TCP Query User{92CBC6A7-185E-4CDC-8490-5CB61FFA2B85}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{4264A14E-DEAB-415C-BFD0-1ECBF9A8E974}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{1E2B4B11-770C-4919-8988-A1E35879DD9B}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{5C0D1B2F-A2ED-498B-8776-A0F9E92243AA}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{58690B3C-7B7D-4432-BF5C-A693C433340D}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{BE380318-2AE6-45AB-9066-69E63974820A}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{37BFF1AA-E87F-4266-9CD3-EC314AE21C41}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{469C3E07-7CDD-4446-94AB-C40FE3079BE0}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{EA307B0C-FEE1-4CCD-B813-EA9D4B1E84BD}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{892BC50A-91DC-47DE-9C1A-5E47A11B4DAA}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{CE8F810A-7CA8-40BB-BF6C-982048DF5745}C:\gog games\anno 1602 - creation of a new world\1602.exe] => (Allow) C:\gog games\anno 1602 - creation of a new world\1602.exe
FirewallRules: [UDP Query User{B9C31C85-E1D1-4412-A579-09CE3F246061}C:\gog games\anno 1602 - creation of a new world\1602.exe] => (Allow) C:\gog games\anno 1602 - creation of a new world\1602.exe
FirewallRules: [{3196BE30-FEE8-44BE-A1B2-79F548003BB1}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\Anno4.exe
FirewallRules: [{CDD89267-AB69-4AAF-B385-BC8AA40A17E7}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\Anno4.exe
FirewallRules: [{0781DCB4-3A5C-4681-8B5B-D4482733378E}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\Addon.exe
FirewallRules: [{B0536B39-5045-43CD-A07F-374056F78A7C}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\Addon.exe
FirewallRules: [{16DB9F77-45BA-4AAC-ABFF-8B4647814569}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\Anno4Web.exe
FirewallRules: [{A3968AF8-1C19-4CD5-8C93-783629FC403B}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\Anno4Web.exe
FirewallRules: [{D28A991D-E61F-4A84-BBA3-401610DADC80}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\AddonWeb.exe
FirewallRules: [{4502DD16-7A43-478E-A8F2-A2E15086F260}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\AddonWeb.exe
FirewallRules: [{1AA92164-2D23-4116-8AC6-F283307F63E5}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\Benchmark.exe
FirewallRules: [{350BA277-6361-47C3-B975-0D17FDFA26DD}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\Benchmark.exe
FirewallRules: [{16C11683-9B1F-49E6-B8FF-ADE31DB7998C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{A2F8E837-332E-4318-881D-6CB7B0A94744}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [TCP Query User{6884ADE6-E630-4D5B-A769-1DE1870105E7}C:\users\määx\desktop\scrapyard\scrapyard.exe] => (Allow) C:\users\määx\desktop\scrapyard\scrapyard.exe
FirewallRules: [UDP Query User{AEAAABEA-B281-4528-BB1B-65AA9F953EE1}C:\users\määx\desktop\scrapyard\scrapyard.exe] => (Allow) C:\users\määx\desktop\scrapyard\scrapyard.exe
FirewallRules: [{5A12049E-D9C1-4F5E-8A64-C6D78363FAA3}] => (Allow) C:\Program Files (x86)\TechSmith\Morae\MoraeRecorder.exe
FirewallRules: [{B96717CB-EFF2-497C-81CC-B14EB5D20C61}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{316D9390-E5A6-4AD1-A3D1-D62E26B4A76F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{5F81E4CC-965A-4742-9E04-8F75F69C9E31}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{2A6EFF52-5EA0-4100-8A63-D480EA5076B9}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{7AF90070-1EA5-4862-9E39-1AD37A21B88D}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_0\SZBrowser.exe
FirewallRules: [{6667F370-BF79-42E8-A34E-DFED295A85E2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{24962830-3347-4338-B8BE-B280DB384F86}] => (Block) LPort=445
FirewallRules: [{3A62A9A5-3AD6-406D-9DDC-04AABDF1B1E8}] => (Block) LPort=445
FirewallRules: [TCP Query User{73154E41-56DF-41F7-A32E-D0CD345DF070}C:\program files\epic games\ue_4.15\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.15\engine\binaries\win64\ue4editor.exe
FirewallRules: [UDP Query User{B7629F04-5983-4D88-A0ED-CEB86F60182F}C:\program files\epic games\ue_4.15\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.15\engine\binaries\win64\ue4editor.exe
FirewallRules: [{C1368E97-3B33-4B35-A8BA-B69E2974F172}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe
FirewallRules: [{CA9DE902-E526-456E-9882-EF6CED74C19B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{6F7887D0-EC35-4F2B-A5E2-EB34990B9C39}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{C8621144-0F2A-4FB9-B16F-32FA2020CA19}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{3F786178-CAAB-45D8-A60F-2026934B7192}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [{B6C415CC-CD69-4DDE-91E3-62605649E8CF}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [{4DF3D0DD-4C52-432C-AC3F-DF6261337ED1}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{C67BC13F-6618-4C70-A3E3-715FC652D8BF}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{C16700D8-3537-426A-BF3D-90A86B8BBB2D}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe
FirewallRules: [{C145EE4A-F3D4-44D3-92B2-3F52DF78613C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe
 
==================== Wiederherstellungspunkte =========================
 
05-06-2017 23:26:35 Windows Update
13-06-2017 19:57:40 Geplanter Prüfpunkt
 
==================== Fehlerhafte Geräte im Gerätemanager =============
 
Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Fehlereinträge in der Ereignisanzeige: =========================
 
Applikationsfehler:
==================
Error: (06/22/2017 03:06:10 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\IBM\SPSS\Statistics\19\JRE\bin\unpack.dll". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\IBM\SPSS\Statistics\19\JRE\bin\unpack.dll" in Zeile 19.
Der Wert "6.0.0.6u9b41" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error: (06/22/2017 03:06:09 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\IBM\SPSS\Statistics\19\JRE\bin\unpack200.exe". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\IBM\SPSS\Statistics\19\JRE\bin\unpack200.exe" in Zeile 19.
Der Wert "6.0.0.6u9b41" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error: (06/22/2017 03:05:01 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error: (06/21/2017 03:14:14 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\IBM\SPSS\Statistics\19\JRE\bin\unpack200.exe". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\IBM\SPSS\Statistics\19\JRE\bin\unpack200.exe" in Zeile 19.
Der Wert "6.0.0.6u9b41" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error: (06/21/2017 03:14:14 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\IBM\SPSS\Statistics\19\JRE\bin\unpack.dll". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\IBM\SPSS\Statistics\19\JRE\bin\unpack.dll" in Zeile 19.
Der Wert "6.0.0.6u9b41" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error: (06/21/2017 03:13:32 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error: (06/20/2017 03:51:27 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\IBM\SPSS\Statistics\19\JRE\bin\unpack200.exe". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\IBM\SPSS\Statistics\19\JRE\bin\unpack200.exe" in Zeile 19.
Der Wert "6.0.0.6u9b41" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error: (06/20/2017 03:51:27 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\IBM\SPSS\Statistics\19\JRE\bin\unpack.dll". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\IBM\SPSS\Statistics\19\JRE\bin\unpack.dll" in Zeile 19.
Der Wert "6.0.0.6u9b41" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error: (06/20/2017 03:46:26 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error: (06/19/2017 03:08:42 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\IBM\SPSS\Statistics\19\JRE\bin\unpack200.exe". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\IBM\SPSS\Statistics\19\JRE\bin\unpack200.exe" in Zeile 19.
Der Wert "6.0.0.6u9b41" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
 
Systemfehler:
=============
Error: (06/22/2017 01:31:04 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 
Error: (06/22/2017 01:28:00 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
 
Error: (06/22/2017 01:28:00 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
 
Error: (06/22/2017 01:27:55 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Benutzerdienst für die Plattform für verbundene Geräte_a70e4" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler
 
Error: (06/22/2017 01:23:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PDF24" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
 
Error: (06/22/2017 01:23:40 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst PDF24 erreicht.
 
Error: (06/22/2017 01:23:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ClickToRunSvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
 
Error: (06/22/2017 01:23:40 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst ClickToRunSvc erreicht.
 
Error: (06/22/2017 01:23:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PowerBiosServer" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
 
Error: (06/22/2017 01:23:40 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst PowerBiosServer erreicht.
 
 
CodeIntegrity:
===================================
  Date: 2017-05-09 04:16:09.556
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Andy\msvcr100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-05-09 04:16:09.499
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Andy\msvcp100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-05-09 04:00:01.101
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Andy\msvcr100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-05-09 03:59:59.958
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Andy\msvcp100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Speicherinformationen =========================== 
 
Prozessor: Intel® Core™ i7-4710MQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 52%
Installierter physikalischer RAM: 8015.5 MB
Verfügbarer physikalischer RAM: 3841.71 MB
Summe virtueller Speicher: 10319.5 MB
Verfügbarer virtueller Speicher: 6103.5 MB
 
==================== Laufwerke ================================
 
Drive c: (Windows) (Fixed) (Total:454.35 GB) (Free:61.96 GB) NTFS
 
==================== MBR & Partitionstabelle ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00D65010)
 
Partition: GPT.
 
==================== Ende von Addition.txt ============================

Edited by Max1234, 22 June 2017 - 02:48 AM.

  • 0

#4
Valinorum
Posted 23 June 2017 - 01:52 AM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
You forgot to post the FRST.txt log. You only posted the Addition.txt log.
  • 0

#5
Max1234
Posted 26 June 2017 - 02:02 AM

Max1234

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Hi, Thanks for youre reply. Sorry for the fail, I'll post the FRST.txt log as soon as I get back home from work today. Thanks for the patience


  • 0

#6
Max1234
Posted 26 June 2017 - 05:41 PM

Max1234

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Sorry, had to work longer than I thought. Here's the LOG

 

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-06-2017 01
durchgeführt von Määx (Administrator) auf DERGIMP (22-06-2017 10:41:13)
Gestartet von C:\Users\Määx\Desktop
Geladene Profile: Määx (Verfügbare Profile: Määx)
Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Micro Focus, Inc.) C:\Program Files\Novell\iPrint\iprntsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Razer Inc) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
() C:\Program Files (x86)\TechSmith\Morae\BrowserExtensions\Chrome\ChromeMessagingHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Nicht auf der Ausnahmeliste) ====================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4688048 2014-05-27] (VIA)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iPrint Tray] => C:\Program Files\Novell\iPrint\iprntctl.exe [39280 2016-07-14] (Micro Focus, Inc.)
HKLM\...\Run: [iPrint Event Monitor] => C:\Program Files\Novell\iPrint\iprntlgn.exe [48496 2016-07-14] (Micro Focus, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-09] (AVAST Software)
HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1442304 2014-05-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-10-13] (Razer Inc.)
HKLM-x32\...\Run: [CheckNDISPortf0acaf] => C:\Program Files (x86)\Hostless Modem\congstar Internet-Manager\CheckNDISPort_df.exe [421632 2013-05-25] ()
HKLM-x32\...\Run: [CancelAutoPlay_df] => C:\Program Files (x86)\Hostless Modem\congstar Internet-Manager\CancelAutoPlay_df.exe [446720 2013-05-17] ()
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [98256 2015-11-13] (Razer Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [218248 2016-11-15] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [6153128 2017-05-22] (LogMeIn Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ACHTUNG
HKU\S-1-5-21-2590566765-4154940034-2529162823-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-2590566765-4154940034-2529162823-1001\...\Run: [Spotify Web Helper] => C:\Users\Määx\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1449584 2017-05-17] (Spotify Ltd)
HKU\S-1-5-21-2590566765-4154940034-2529162823-1001\...\Run: [Discord] => C:\Users\Määx\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-2590566765-4154940034-2529162823-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd)
HKLM\...\Providers\Novell iPrint Services: C:\Program Files\Novell\iPrint\nippnt.dll [216944 2016-07-14] (Micro Focus, Inc.)
Lsa: [Notification Packages] scecli iPrntWinCredMan
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk [2015-01-05]
ShortcutTarget: Hotkey.lnk -> C:\Program Files (x86)\Hotkey\HkeyTray.exe (CLEVO CO.)
Startup: C:\Users\Määx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-01-26] ()
 
==================== Internet (Nicht auf der Ausnahmeliste) ====================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2a2b4ab1-e146-420c-a4be-1aba9c634202}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b5915a58-a2d4-472c-8643-81ee73736997}: [DhcpNameServer] 192.168.178.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2590566765-4154940034-2529162823-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-06-20] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-24] (Google Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-20] (Microsoft Corporation)
BHO-x32: TSC Internet Explorer BHO -> {12BE9EF0-90BE-4FA8-8341-78157FB9132C} -> C:\Program Files (x86)\TechSmith\Morae\BrowserExtensions\InternetExplorer\InternetExplorerBHO.dll [2015-09-29] (TechSmith Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-06-20] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-01] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-24] (Google Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-06-20] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-01] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-24] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-24] (Google Inc.)
Toolbar: HKU\S-1-5-21-2590566765-4154940034-2529162823-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-24] (Google Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-20] (Microsoft Corporation)
 
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\TechSmith\Morae\BrowserExtensions\Firefox\morae_firefox_extension-1.0-fx-windows.xpi
FF Extension: (Morae Firefox Extension) - C:\Program Files (x86)\TechSmith\Morae\BrowserExtensions\Firefox\morae_firefox_extension-1.0-fx-windows.xpi [2015-09-29]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-17] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-17] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-06-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-06-18] (Microsoft Corporation)
FF Plugin-x32: @novell.com/iPrint -> C:\Program Files (x86)\Novell\iPrint\npnipp.dll [2016-07-14] (Micro Focus, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2590566765-4154940034-2529162823-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-07-02] ()
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://google.de/","hxxp://isearch.omiga-plus.com/?type=hppp&ts=1420491428&from=tugs&uid=ST500LM012XHN-M500MBB_S2ZYJ9EFB05807","hxxp://www.google.com/"
CHR Profile: C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default [2017-06-22]
CHR Extension: (ProxFlow) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2017-01-25]
CHR Extension: (Google Präsentationen) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-05]
CHR Extension: (Google Docs) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-12]
CHR Extension: (MoraeChromeExtension) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfmjkokphadmhbenfjjecfbhbbonbjcb [2016-06-06]
CHR Extension: (Google-Suche) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Google Tabellen) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
CHR Extension: (Causality Games) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\femoooemgmjaebeodbbikbkmhlafenpl [2015-03-26]
CHR Extension: (YouTube Flash Video Player) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\fldkdmkgnlbehfgeifjpjabmandnchpe [2017-04-20]
CHR Extension: (Google Docs Offline) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (AdBlock) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-06-19]
CHR Extension: (Avast Online Security) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-06-08]
CHR Extension: (9GAG Mini) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmkmihphgjhmeabggdcokmkjhbnmdml [2015-01-06]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-01-06]
CHR Extension: (Bing2Google) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgoehlfmhfafaiepckjikpphoklijedl [2015-08-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Citavi Picker) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2017-03-03]
CHR Extension: (Super Parking World) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojammejccpcganmfhlfoobhfodchalhm [2015-01-06]
CHR Extension: (Google Mail) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-15]
CHR HKU\S-1-5-21-2590566765-4154940034-2529162823-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cfmjkokphadmhbenfjjecfbhbbonbjcb] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx
 
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-09] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-09] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122816 2017-06-10] (Microsoft Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3760040 2017-05-22] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-20] (Intel Corporation)
R2 iprntsrv; C:\Program Files\Novell\iPrint\iprntsrv.exe [36720 2016-07-14] (Micro Focus, Inc.)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
S2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [218248 2016-11-15] (Geek Software GmbH)
S2 PowerBiosServer; C:\Program Files (x86)\Hotkey\HotkeyService.exe [23552 2014-05-27] (CLEVO CO.) [Datei ist nicht signiert]
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-11-13] (Razer Inc.)
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4261344 2016-10-14] (Razer Inc)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-11-02] (Synaptics Incorporated)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [41952 2016-10-27] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
 
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
R3 AirplaneModeHid; C:\WINDOWS\system32\DRIVERS\AirplaneModeHid.sys [33488 2015-06-25] (Insyde Corporation)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-05-09] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-05-09] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-05-09] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-05-09] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [85552 2017-03-23] (AVAST Software)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-05-09] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-05-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-05-09] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-05-09] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-05-09] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-05-09] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-05-09] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158880 2017-05-13] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-05-09] (AVAST Software)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-06-07] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [27552 2017-03-23] (REALiX™)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3524368 2016-01-26] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvcvwu.inf_amd64_166fee8ea72cb783\nvlddmkm.sys [14456920 2017-05-18] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [950784 2017-04-23] (Realtek                                            )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [781792 2017-03-23] (Realsil Semiconductor Corporation)
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Windows ® Win 7 DDK provider)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [44216 2015-11-02] (Synaptics Incorporated)
R1 SvThANSP; C:\Program Files (x86)\Hotkey\SvThANSP.sys [15224 2013-10-11] (Windows ® Win 7 DDK provider)
R3 VMfilt; C:\WINDOWS\system32\drivers\VMfilt64.sys [50904 2016-10-27] (Creative Technology Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
 
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 
==================== Ein Monat: Erstellte Dateien und Ordner ========
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 
2017-06-22 10:41 - 2017-06-22 10:41 - 00027385 _____ C:\Users\Määx\Desktop\FRST.txt
2017-06-22 10:38 - 2017-06-22 10:41 - 00000000 ____D C:\FRST
2017-06-22 10:38 - 2017-06-22 10:38 - 02439680 _____ (Farbar) C:\Users\Määx\Desktop\FRST64.exe
2017-06-22 10:37 - 2017-06-22 10:37 - 01778688 _____ (Farbar) C:\Users\Määx\Downloads\FRST.exe
2017-06-22 05:56 - 2017-06-22 05:56 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-06-22 01:34 - 2017-06-22 01:34 - 00003132 _____ C:\Users\Määx\Desktop\AdwCleaner[C0].txt
2017-06-22 01:04 - 2017-06-22 01:20 - 00000000 ____D C:\AdwCleaner
2017-06-22 01:04 - 2017-06-22 01:04 - 04110280 _____ C:\Users\Määx\Downloads\AdwCleaner.exe
2017-06-21 08:10 - 2017-06-21 08:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-06-21 08:10 - 2017-06-21 08:10 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2017-06-21 08:09 - 2017-06-21 08:10 - 00000176 _____ C:\Users\Default\BullseyeCoverageError.txt
2017-06-15 23:43 - 2017-06-15 23:43 - 00001703 _____ C:\Users\Määx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tardsplaya.lnk
2017-06-15 23:26 - 2017-06-15 23:27 - 00000000 ____D C:\Users\Määx\Downloads\TardsplayaNew
2017-06-15 23:24 - 2017-06-15 23:25 - 00984053 _____ C:\Users\Määx\Downloads\TardsplayaNew.zip
2017-06-15 23:24 - 2017-06-15 23:24 - 00000000 ____D C:\Users\Määx\Downloads\tardsplaya_1.0.0.5
2017-06-15 23:21 - 2017-06-15 23:21 - 00000000 ____D C:\Users\Määx\AppData\Roaming\WinRAR
2017-06-15 23:21 - 2017-06-15 23:21 - 00000000 ____D C:\Users\Määx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-06-15 23:21 - 2017-06-15 23:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-06-15 23:19 - 2017-06-15 23:21 - 00000000 ____D C:\Program Files (x86)\WinRAR
2017-06-15 23:18 - 2017-06-15 23:18 - 01609145 _____ C:\Users\Määx\Downloads\wrar420d.exe
2017-06-15 23:13 - 2017-06-15 23:15 - 10580340 _____ C:\Users\Määx\Downloads\tardsplaya_1.0.0.5.7z
2017-06-15 21:29 - 2017-06-16 08:48 - 03576211 _____ C:\Users\Määx\Downloads\Ein langer weg zum Glück_Der Test (1).pptx
2017-06-15 02:55 - 2017-06-15 02:55 - 04217656 _____ (Microsoft Corporation) C:\Users\Määx\Downloads\Setup.X86.de-de_O365ProPlusRetail_07b21a80-7838-4927-b3f6-fc47c43cdbca_TX_DB_b_32_.exe
2017-06-14 01:39 - 2017-06-03 12:09 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-06-14 01:39 - 2017-06-03 12:07 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-14 01:39 - 2017-06-03 12:00 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-06-14 01:39 - 2017-06-03 11:59 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-14 01:39 - 2017-06-03 11:59 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-14 01:39 - 2017-06-03 11:59 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-14 01:39 - 2017-06-03 11:59 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-06-14 01:39 - 2017-06-03 11:55 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-14 01:39 - 2017-06-03 11:36 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-06-14 01:39 - 2017-06-03 11:35 - 02259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-14 01:39 - 2017-06-03 11:28 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-14 01:39 - 2017-06-03 11:26 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
2017-06-14 01:39 - 2017-06-03 11:23 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-14 01:39 - 2017-06-03 11:23 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-06-14 01:39 - 2017-06-03 11:23 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-06-14 01:39 - 2017-06-03 11:20 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-14 01:39 - 2017-06-03 11:14 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-06-14 01:39 - 2017-06-03 11:12 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-14 01:39 - 2017-06-03 11:11 - 02958848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-14 01:39 - 2017-06-03 11:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-14 01:39 - 2017-06-03 11:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-14 01:39 - 2017-06-03 11:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-14 01:39 - 2017-06-03 11:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-14 01:39 - 2017-06-03 11:10 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-14 01:39 - 2017-06-03 11:10 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-14 01:39 - 2017-06-03 11:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-14 01:39 - 2017-06-03 11:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-14 01:39 - 2017-06-03 11:07 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-14 01:39 - 2017-06-03 11:07 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-14 01:39 - 2017-06-03 11:05 - 20506624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-14 01:39 - 2017-06-03 11:05 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-06-14 01:39 - 2017-06-03 11:05 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2017-06-14 01:39 - 2017-06-03 11:04 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-14 01:39 - 2017-06-03 11:03 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-14 01:39 - 2017-06-03 11:03 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-06-14 01:39 - 2017-06-03 11:02 - 08245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-14 01:39 - 2017-06-03 11:00 - 03379200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-14 01:39 - 2017-06-03 11:00 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-14 01:39 - 2017-06-03 11:00 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-14 01:39 - 2017-06-03 10:59 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-14 01:39 - 2017-06-03 10:59 - 02672128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-14 01:39 - 2017-06-03 10:59 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-14 01:39 - 2017-06-03 10:59 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-06-14 01:39 - 2017-06-03 10:58 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-14 01:39 - 2017-06-03 10:58 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-06-14 01:39 - 2017-06-03 10:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-06-14 01:39 - 2017-06-03 10:57 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-06-14 01:39 - 2017-06-03 10:57 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-06-14 01:39 - 2017-06-03 10:57 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-14 01:39 - 2017-06-03 10:56 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-14 01:39 - 2017-06-03 10:55 - 03656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-14 01:39 - 2017-06-03 10:55 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-14 01:39 - 2017-06-03 10:55 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-14 01:39 - 2017-06-03 10:54 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-14 01:39 - 2017-06-03 10:54 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-06-14 01:39 - 2017-06-03 10:53 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-06-14 01:38 - 2017-06-03 12:15 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-14 01:38 - 2017-06-03 12:15 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-14 01:38 - 2017-06-03 12:15 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-14 01:38 - 2017-06-03 12:14 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-14 01:38 - 2017-06-03 12:14 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-14 01:38 - 2017-06-03 12:10 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-14 01:38 - 2017-06-03 12:09 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-14 01:38 - 2017-06-03 12:08 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-14 01:38 - 2017-06-03 12:07 - 00923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-14 01:38 - 2017-06-03 12:02 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-14 01:38 - 2017-06-03 12:01 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-06-14 01:38 - 2017-06-03 12:00 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-06-14 01:38 - 2017-06-03 12:00 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
2017-06-14 01:38 - 2017-06-03 11:58 - 21352696 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-14 01:38 - 2017-06-03 11:58 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-06-14 01:38 - 2017-06-03 11:58 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2017-06-14 01:38 - 2017-06-03 11:58 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-06-14 01:38 - 2017-06-03 11:57 - 00371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-06-14 01:38 - 2017-06-03 11:14 - 03673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-14 01:38 - 2017-06-03 11:14 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-06-14 01:38 - 2017-06-03 11:14 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-06-14 01:38 - 2017-06-03 11:14 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-14 01:38 - 2017-06-03 11:11 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-14 01:38 - 2017-06-03 11:10 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-06-14 01:38 - 2017-06-03 11:09 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-06-14 01:38 - 2017-06-03 11:09 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2017-06-14 01:38 - 2017-06-03 11:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-14 01:38 - 2017-06-03 11:07 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-06-14 01:38 - 2017-06-03 11:07 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-06-14 01:38 - 2017-06-03 11:06 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-06-14 01:38 - 2017-06-03 11:05 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-14 01:38 - 2017-06-03 11:05 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-06-14 01:38 - 2017-06-03 11:04 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-14 01:38 - 2017-06-03 11:04 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-06-14 01:38 - 2017-06-03 11:03 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-06-14 01:38 - 2017-06-03 11:01 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-06-14 01:38 - 2017-06-03 11:01 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-06-14 01:38 - 2017-06-03 10:59 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-14 01:38 - 2017-06-03 10:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-14 01:38 - 2017-06-03 10:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-14 01:38 - 2017-06-03 10:59 - 01142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-14 01:38 - 2017-06-03 10:59 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-14 01:38 - 2017-06-03 10:58 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-06-14 01:38 - 2017-06-03 10:58 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-14 01:38 - 2017-06-03 10:58 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-14 01:38 - 2017-06-03 10:57 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-14 01:38 - 2017-06-03 10:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-06-14 01:38 - 2017-06-03 10:57 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-14 01:38 - 2017-06-03 10:57 - 01675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-06-14 01:38 - 2017-06-03 10:51 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-06-06 20:26 - 2017-06-06 20:26 - 00061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-06-05 23:12 - 2017-05-20 11:13 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-06-05 23:12 - 2017-05-20 10:55 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-06-05 23:12 - 2017-05-20 10:48 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-06-05 23:12 - 2017-05-20 10:47 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-06-05 23:12 - 2017-05-20 10:46 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-06-05 23:12 - 2017-05-20 10:46 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-06-05 23:12 - 2017-05-20 10:46 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-06-05 23:12 - 2017-05-20 10:45 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-06-05 23:12 - 2017-05-20 10:44 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-06-05 23:12 - 2017-05-20 10:44 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-06-05 23:12 - 2017-05-20 10:43 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-06-05 23:12 - 2017-05-20 10:43 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-06-05 23:12 - 2017-05-20 10:43 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-06-05 23:12 - 2017-05-20 10:43 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-06-05 23:12 - 2017-05-20 10:43 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-06-05 23:12 - 2017-05-20 10:43 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-06-05 23:12 - 2017-05-20 10:43 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-06-05 23:12 - 2017-05-20 10:29 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-06-05 23:12 - 2017-05-20 10:29 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-06-05 23:12 - 2017-05-20 10:27 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-06-05 23:12 - 2017-05-20 10:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-06-05 23:12 - 2017-05-20 10:26 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-06-05 23:12 - 2017-05-20 10:26 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-06-05 23:12 - 2017-05-20 10:25 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-06-05 23:12 - 2017-05-20 10:25 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-06-05 23:12 - 2017-05-20 10:24 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-06-05 23:12 - 2017-05-20 10:23 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-06-05 23:12 - 2017-05-20 10:22 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-06-05 23:12 - 2017-05-20 10:22 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-06-05 23:12 - 2017-05-20 10:22 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-06-05 23:12 - 2017-05-20 10:21 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-06-05 23:12 - 2017-05-20 10:21 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-06-05 23:12 - 2017-05-20 10:21 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-06-05 23:12 - 2017-05-20 10:20 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-06-05 23:12 - 2017-05-20 10:20 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-06-05 23:12 - 2017-05-20 10:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-06-05 23:12 - 2017-05-20 10:20 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-06-05 23:12 - 2017-05-20 10:19 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-06-05 23:12 - 2017-05-20 10:18 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-06-05 23:12 - 2017-05-20 10:17 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-06-05 23:12 - 2017-05-20 10:17 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-06-05 23:12 - 2017-05-20 10:17 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-06-05 23:12 - 2017-05-20 10:17 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-06-05 23:12 - 2017-05-20 10:16 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-06-05 23:12 - 2017-05-20 10:16 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-06-05 23:12 - 2017-05-20 10:16 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-06-05 23:12 - 2017-05-20 10:16 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-06-05 23:12 - 2017-05-20 10:15 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-06-05 23:12 - 2017-05-20 10:14 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-06-05 23:12 - 2017-05-20 10:14 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-06-05 23:12 - 2017-05-20 10:14 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-06-05 23:12 - 2017-05-20 10:14 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-06-05 23:12 - 2017-05-20 10:14 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-06-05 23:12 - 2017-05-20 10:11 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-06-05 23:12 - 2017-05-20 10:10 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-06-05 23:12 - 2017-05-20 10:10 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-06-05 23:12 - 2017-05-20 10:10 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-06-05 23:12 - 2017-05-20 10:08 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-06-05 23:12 - 2017-05-20 09:08 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-06-05 23:12 - 2017-05-20 09:07 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-05 23:12 - 2017-05-20 09:03 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-06-05 23:12 - 2017-05-20 08:58 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-05 23:12 - 2017-05-20 08:56 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-06-05 23:12 - 2017-05-20 08:56 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-06-05 23:12 - 2017-05-20 08:55 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-06-05 23:12 - 2017-05-20 08:55 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-06-05 23:12 - 2017-05-20 08:55 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-06-05 23:12 - 2017-05-20 08:54 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-06-05 23:12 - 2017-05-20 08:54 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-05 23:12 - 2017-05-20 08:54 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-06-05 23:12 - 2017-05-20 08:53 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-05 23:12 - 2017-05-20 08:53 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-06-05 23:12 - 2017-05-20 08:53 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-06-05 23:12 - 2017-05-20 08:52 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-06-05 23:12 - 2017-05-20 08:52 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-06-05 23:12 - 2017-05-20 08:51 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-06-05 23:12 - 2017-05-20 08:51 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-06-05 23:12 - 2017-05-20 08:51 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-06-05 23:12 - 2017-05-20 08:51 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-06-05 23:12 - 2017-05-20 08:48 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-06-05 23:12 - 2017-05-20 08:10 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-06-05 23:12 - 2017-05-20 08:10 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-06-05 23:12 - 2017-05-20 08:10 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-06-05 23:12 - 2017-05-20 08:09 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-06-05 23:12 - 2017-05-20 08:08 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-06-05 23:12 - 2017-05-20 08:08 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-06-05 23:12 - 2017-05-20 08:07 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-06-05 23:12 - 2017-05-20 08:07 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-06-05 23:12 - 2017-05-20 08:07 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-06-05 23:12 - 2017-05-20 08:06 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-06-05 23:12 - 2017-05-20 08:06 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-06-05 23:12 - 2017-05-20 08:05 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-06-05 23:12 - 2017-05-20 08:05 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-06-05 23:12 - 2017-05-20 08:03 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-06-05 23:12 - 2017-05-20 08:03 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-06-05 23:12 - 2017-05-20 08:01 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-06-05 23:12 - 2017-05-20 08:01 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-06-05 23:12 - 2017-05-20 08:01 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-06-05 23:12 - 2017-05-20 08:01 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-06-05 23:12 - 2017-05-20 08:00 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-06-05 23:12 - 2017-05-20 08:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-06-05 23:12 - 2017-05-20 08:00 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-06-05 23:12 - 2017-05-20 07:59 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-06-05 23:12 - 2017-05-20 07:59 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-06-05 23:12 - 2017-05-20 07:59 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-06-05 23:12 - 2017-05-20 07:59 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-06-05 23:12 - 2017-05-20 07:58 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-06-05 23:12 - 2017-05-20 07:58 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-06-05 23:12 - 2017-05-20 07:58 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-06-05 23:12 - 2017-05-20 07:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-06-05 23:12 - 2017-05-20 07:58 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-06-05 23:12 - 2017-05-20 07:58 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-06-05 23:12 - 2017-05-20 07:57 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-06-05 23:12 - 2017-05-20 07:55 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-06-05 23:12 - 2017-05-20 07:55 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-06-05 23:12 - 2017-05-20 07:55 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-06-05 23:12 - 2017-05-20 07:54 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-06-05 23:12 - 2017-05-20 07:54 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-06-05 23:12 - 2017-05-20 07:54 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-06-05 23:12 - 2017-05-20 07:52 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-06-05 23:12 - 2017-05-20 07:52 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-06-05 23:12 - 2017-05-20 07:52 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-06-05 23:12 - 2017-05-20 07:52 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-06-05 23:12 - 2017-05-20 07:51 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-06-05 23:12 - 2017-05-20 07:51 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-06-05 23:12 - 2017-05-20 07:50 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-06-05 23:12 - 2017-05-20 07:48 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-06-05 23:11 - 2017-05-20 09:08 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-06-05 23:11 - 2017-05-20 08:59 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-06-05 23:11 - 2017-05-20 08:56 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-06-05 23:11 - 2017-05-20 08:55 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-06-05 23:11 - 2017-05-20 08:55 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-05 23:11 - 2017-05-20 08:55 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-06-05 23:11 - 2017-05-20 08:53 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-06-05 23:11 - 2017-05-20 08:53 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-06-05 23:11 - 2017-05-20 08:51 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-06-05 23:11 - 2017-05-20 08:10 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-06-05 23:11 - 2017-05-20 08:10 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-06-05 23:11 - 2017-05-20 08:09 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-06-05 23:11 - 2017-05-20 08:09 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-06-05 23:11 - 2017-05-20 08:08 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-06-05 23:11 - 2017-05-20 08:06 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-06-05 23:11 - 2017-05-20 08:03 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-06-05 23:11 - 2017-05-20 08:03 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-06-05 23:11 - 2017-05-20 08:03 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-06-05 23:11 - 2017-05-20 08:03 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-06-05 23:11 - 2017-05-20 08:02 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-06-05 23:11 - 2017-05-20 08:02 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-06-05 23:11 - 2017-05-20 08:01 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-06-05 23:11 - 2017-05-20 08:01 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-06-05 23:11 - 2017-05-20 08:01 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-06-05 23:11 - 2017-05-20 08:01 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-06-05 23:11 - 2017-05-20 08:00 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-06-05 23:11 - 2017-05-20 08:00 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-06-05 23:11 - 2017-05-20 07:59 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-06-05 23:11 - 2017-05-20 07:59 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-06-05 23:11 - 2017-05-20 07:59 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-06-05 23:11 - 2017-05-20 07:56 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-06-05 23:11 - 2017-05-20 07:56 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-06-05 23:11 - 2017-05-20 07:55 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-06-05 23:11 - 2017-05-20 07:54 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-06-05 23:11 - 2017-05-20 07:54 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-06-05 23:11 - 2017-05-20 07:50 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-06-05 23:11 - 2017-05-20 07:48 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-06-05 23:11 - 2017-05-20 07:47 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-06-05 23:11 - 2017-05-20 07:47 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-06-03 12:03 - 2017-06-03 12:03 - 00084690 _____ C:\Users\Määx\Downloads\Prüfungsanmeldung.pdf
 
==================== Ein Monat: Geänderte Dateien und Ordner ========
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 
2017-06-22 10:34 - 2017-05-08 19:16 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-22 08:53 - 2016-02-15 22:10 - 00000000 _____ C:\WINDOWS\system32\RzSurroundVADAudioDeviceManager_log.txt
2017-06-22 08:35 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-22 08:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-22 07:37 - 2017-05-08 19:54 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1450D792-130A-48A4-AF39-B909847FDF67}
2017-06-22 01:33 - 2017-05-08 19:53 - 00003018 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Määx)
2017-06-22 01:31 - 2017-05-08 19:53 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-06-22 01:28 - 2017-05-08 19:46 - 03624088 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-22 01:28 - 2017-05-08 19:21 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-06-22 01:28 - 2017-03-20 06:35 - 01768048 _____ C:\WINDOWS\system32\perfh007.dat
2017-06-22 01:28 - 2017-03-20 06:35 - 00432102 _____ C:\WINDOWS\system32\perfc007.dat
2017-06-22 01:28 - 2015-01-05 21:44 - 00000000 __SHD C:\Users\Määx\IntelGraphicsProfiles
2017-06-22 01:27 - 2016-09-29 04:51 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-22 01:22 - 2017-05-08 19:54 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-22 01:21 - 2017-05-08 19:24 - 00000000 ____D C:\Users\Määx
2017-06-22 01:21 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-06-22 00:51 - 2015-01-06 08:56 - 00000000 ____D C:\Users\Määx\AppData\Local\Spotify
2017-06-22 00:05 - 2015-01-06 08:54 - 00000000 ____D C:\Users\Määx\AppData\Roaming\Spotify
2017-06-21 20:20 - 2015-01-06 10:10 - 00000000 ____D C:\Program Files (x86)\Steam
2017-06-21 20:07 - 2017-05-08 19:15 - 00462224 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-21 09:02 - 2015-01-07 19:49 - 00000000 ____D C:\Users\Määx\AppData\Roaming\TS3Client
2017-06-21 08:12 - 2016-09-29 05:07 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2017-06-21 08:12 - 2016-09-29 05:07 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2017-06-20 21:29 - 2017-05-04 02:08 - 00000000 ____D C:\Users\Määx\AppData\Roaming\discord
2017-06-20 03:50 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-20 03:48 - 2015-01-06 08:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-06-20 01:13 - 2015-04-28 11:34 - 00000000 ____D C:\Users\Määx\AppData\Roaming\Skype
2017-06-18 22:07 - 2017-03-23 20:46 - 00000000 ____D C:\ProgramData\ProductData
2017-06-18 22:07 - 2017-03-23 20:44 - 00002376 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-06-17 03:51 - 2017-05-08 19:53 - 00004588 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-06-17 03:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-15 21:54 - 2015-01-05 20:54 - 00000000 ____D C:\Users\Määx\AppData\Local\Packages
2017-06-14 20:22 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-06-14 18:42 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-06-14 18:37 - 2015-01-05 20:46 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-14 06:27 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-14 06:12 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-06-14 06:12 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-14 01:49 - 2015-01-08 01:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-14 01:43 - 2015-01-08 01:33 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-11 23:58 - 2017-03-15 20:09 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-11 23:58 - 2015-04-28 11:34 - 00000000 ____D C:\ProgramData\Skype
2017-06-08 06:06 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-06-08 06:05 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-06-08 06:05 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-06-08 06:05 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-06-08 06:05 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-08 06:05 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-06-08 06:05 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-06-03 08:32 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:32 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-01 19:46 - 2017-05-08 19:22 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-31 22:10 - 2017-05-08 19:21 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-31 22:10 - 2016-05-03 13:25 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-31 20:30 - 2017-05-08 19:54 - 00004028 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1466278783
2017-05-31 20:30 - 2016-06-18 21:39 - 00001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-05-26 10:44 - 2017-05-08 19:53 - 00003376 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2017-05-26 10:44 - 2017-03-23 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
 
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 
2015-01-06 13:33 - 2015-01-06 13:21 - 0012005 _____ () C:\Users\Määx\AppData\Roaming\alsoft.ini
2016-02-13 19:04 - 2016-02-13 19:04 - 0000960 _____ () C:\Users\Määx\AppData\Local\psppirerc
2016-12-12 01:25 - 2016-12-12 01:25 - 0004738 _____ () C:\Users\Määx\AppData\Local\recently-used.xbel
2016-11-02 22:19 - 2016-11-02 22:19 - 0007605 _____ () C:\Users\Määx\AppData\Local\Resmon.ResmonCfg
2016-12-22 00:02 - 2016-12-22 00:02 - 0000032 RSHOT () C:\Users\Määx\AppData\Local\t80.dat
 
Einige Dateien in TEMP:
====================
2017-05-09 21:54 - 2017-02-03 15:20 - 1342792 _____ (Andy OS, inc.) C:\Users\Määx\AppData\Local\Temp\RemoveTemp.exe
 
==================== Bamital & volsnap ======================
 
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
LastRegBack: 2017-06-20 04:03
 
==================== Ende von FRST.txt ============================

  • 0

#7
Valinorum
Posted 29 June 2017 - 04:58 AM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
  • Step #1 Scan with Zemana Anti-malware
    Download and install Zemana anti-malware from here.
    • Double-click to run the software;
    • Click on the gear-icon on the top right portion to navigate to Settings.
      • Click on Scan > put a tick on Create System Restore
      • Clickk on Advanced > put a tick on Check for Suspicious Root Certificates
    • Click the home icon on top left and click on Scan
    • After scan finishes click on the report tab on the top right corner;
    • Choose the latest report by clicking on it and click on Open Report afterward.
    • Copy and Paste the contents of the report in your next reply.

  • 0

#8
Max1234
Posted 29 June 2017 - 01:29 PM

Max1234

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Thanks for you're help. Here is the report:

 

Zemana AntiMalware 2.74.2.76 (Installed)
 
-------------------------------------------------------
 
 
Scan Result            : Completed
Scan Date              : 2017.6.29
Operating System       : Windows 10 64-bit
Processor              : 8X Intel® Core™ i7-4710MQ CPU @ 2.50GHz
BIOS Mode              : UEFI
CUID                   : 1230934D544E79ACEAFFB2
Scan Type              : System Scan
Duration               : 48m 12s
Scanned Objects        : 239174
Detected Objects       : 6
Excluded Objects       : 0
Read Level             : Normal
Auto Upload            : Enabled
Detect All Extensions  : Disabled
Scan Documents         : Disabled
Domain Info            : WORKGROUP,0,2
 
Detected Objects
-------------------------------------------------------
 
Chrome Startup Url
Status             : Scanned
Object             : http://isearch.omiga..._S2ZYJ9EFB05807
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Chrome Startup Url
 
VLC media player 32 Bit - CHIP-Installer.exe
Status             : Scanned
Object             : %userprofile%\downloads\vlc media player 32 bit - chip-installer.exe
MD5                : BB02C7944A492BB071C9A59D683A06B0
Publisher          : CHIP Digital GmbH
Size               : 1197344
Version            : 1.1.0.0
Detection          : PUA:Win32/CHIP.AdsDownloader!Ep
Cleaning Action    : Quarantine
Related Objects    :
                File - %userprofile%\downloads\vlc media player 32 bit - chip-installer.exe
 
PC Wecker Letzte Freeware Version - CHIP-Installer.exe
Status             : Scanned
Object             : %userprofile%\downloads\pc wecker letzte freeware version - chip-installer.exe
MD5                : 0FB86B12363985096E92955F42244DC0
Publisher          : CHIP Digital GmbH
Size               : 1203488
Version            : 1.0.7.2
Detection          : PUA:Win32/CHIP.AdsDownloader!Ep
Cleaning Action    : Quarantine
Related Objects    :
                File - %userprofile%\downloads\pc wecker letzte freeware version - chip-installer.exe
 
PDF24 Creator - CHIP-Installer.exe
Status             : Scanned
Object             : %userprofile%\downloads\pdf24 creator - chip-installer.exe
MD5                : FE4E5AFDA23602DD6DD3B4D02092E925
Publisher          : CHIP Digital GmbH
Size               : 1496584
Version            : 2.1.3.1
Detection          : PUA:Win32/CHIP.AdsDownloader!Ep
Cleaning Action    : Quarantine
Related Objects    :
                File - %userprofile%\downloads\pdf24 creator - chip-installer.exe
 
microsoft_word.exe
Status             : Scanned
Object             : %userprofile%\downloads\microsoft_word.exe
MD5                : CC6FE3EF0FF3D0A528F365A3EFF77CE8
Publisher          : BULLY UNITY LTD
Size               : 1382784
Version            : 0.0.0.0
Detection          : Adware:Win32/AutoBulk.a1488e!Ep
Cleaning Action    : Quarantine
Related Objects    :
                File - %userprofile%\downloads\microsoft_word.exe
 
Free 3GP Video Converter - CHIP-Installer.exe
Status             : Scanned
Object             : %userprofile%\downloads\free 3gp video converter - chip-installer.exe
MD5                : 1D1B3B7B8D585ACAF69A180D38E4FE75
Publisher          : CHIP Digital GmbH
Size               : 1198368
Version            : 1.0.7.1
Detection          : PUA:Win32/CHIP.AdsDownloader!Ep
Cleaning Action    : Quarantine
Related Objects    :
                File - %userprofile%\downloads\free 3gp video converter - chip-installer.exe

  • 0

#9
Valinorum
Posted 30 June 2017 - 02:05 AM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
Uninstall the following program:
  • Free 3GP Video Converter version 5.0.56.128
  • Free YouTube Download version 3.2.60.713
  • Step #1 Fix with FRST
    Make sure that you still have FRST.exe on your Desktop. If you do not have it, download the suitable version from here to your Desktop.
    • Open Notepad.exe. Do not use any other text editor software;
    • Copy and Paste the contents inside the code-box to your Notepad --
      Start
CreateRestorePoint:
CloseProcesses:
EmptyTemp:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ACHTUNG
CHR StartupUrls: Default -> "hxxp://google.de/","hxxp://isearch.omiga-plus.com/?type=hppp&ts=1420491428&from=tugs&uid=ST500LM012XHN-M500MBB_S2ZYJ9EFB05807","hxxp://www.google.com/"
CHR Extension: (Citavi Picker) - C:\Users\Määx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2017-03-03]
CHR HKLM-x32\...\Chrome\Extension: [cfmjkokphadmhbenfjjecfbhbbonbjcb] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx
cmd: bitsadmin /reset /allusers
cmd: ipconfig /flushdns
End
    • Click on File > Save as...
      • Inside the File Name box type fixlist.txt;
      • From the Save as type drop down list, choose All Files
    • Save the file to your Desktop;
    • Re-run FRST.exe and click Fix;
      • Note: If FRST advises there is a new updated version to be downloaded, do so/allow this.
    • After the completion, a log will be produced;
    • Copy and Paste the contents of the log in your next reply.

  • 0

#10
Max1234
Posted 03 July 2017 - 02:38 PM

Max1234

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Hey there thanks for your reply and sorry for the delayed answer. Weekend and stuff

I did as you instructed and here is the log:
 

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 03-07-2017 01
durchgeführt von Määx (03-07-2017 22:12:03) Run:1
Gestartet von C:\Users\Määx\Desktop
Geladene Profile: Määx (Verfügbare Profile: Määx)
Start-Modus: Normal
==============================================
 
fixlist Inhalt:
*****************
Start
CreateRestorePoint:
CloseProcesses:
EmptyTemp:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ACHTUNG
CHR StartupUrls: Default -> "hxxp://google.de/","hxxp://isearch.omiga-plus.com/?type=hppp&ts=1420491428&from=tugs&uid=ST500LM012XHN-M500MBB_S2ZYJ9EFB05807","hxxp://www.google.com/"
CHR Extension: (Citavi Picker) - C:\Users\M��x\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2017-03-03]
CHR HKLM-x32\...\Chrome\Extension: [cfmjkokphadmhbenfjjecfbhbbonbjcb] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx
cmd: bitsadmin /reset /allusers
cmd: ipconfig /flushdns
End
*****************
 
Wiederherstellungspunkt wurde erfolgreich erstellt.
Prozesse erfolgreich geschlossen.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ACHTUNG => erfolgreich wiederhergestellt
Chrome StartupUrls => erfolgreich entfernt
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cfmjkokphadmhbenfjjecfbhbbonbjcb => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ohgndokldibnndfnjnagojmheejlengn => Schlüssel erfolgreich entfernt
 
========= bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to connect to BITS - 0x80070422
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Ger„ten verbunden.
 
 
 
========= Ende von CMD: =========
 
 
========= ipconfig /flushdns =========
 
 
Windows-IP-Konfiguration
 
Der DNS-Aufl”sungscache wurde geleert.
 
========= Ende von CMD: =========
 
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21301878 B
Java, Flash, Steam htmlcache => 88703500 B
Windows/system/drivers => 73072225 B
Edge => 5382 B
Chrome => 743303773 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 13980 B
NetworkService => 6630 B
Määx => 403407001 B
 
RecycleBin => 3855393 B
EmptyTemp: => 1.2 GB temporäre Dateien entfernt.
 
================================
 
 
Das System musste neu gestartet werden.
 
==== Ende von Fixlog 22:23:23 ====

  • 0

#11
Valinorum
Posted 05 July 2017 - 06:11 AM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
  • Step #3 Fix with AdwCleaner
    • Download AdwCleaner by Xplode to your Desktop from the following link.
    • Right-click on AdwCleaner.exe and choose Run as administrator;
    • Click on Option and put a tick mark on everything;
    • Click on Scan and let the program run unhindered;
    • When done, click on Clean and allow the system to reboot after it is done;
    • A log will be opened automatically after the restart. If not, it is located in C:\AdwCleaner\AdwCleaner[CX].txt, where X is replaced with a number;
    • Copy and Paste the contents of this log in your reply.
 
  • Step #4 ESET Online Scanner
    Disable your security programs which includes but not limited to anti-virus, anti-malware, anti-spyware et cetera. Peruse this for additional information.
    • Download esetsmartinstaller_enu.exe by clicking here.
    • Right-click on the program and choose Run as administrator.
    • Accept their terms and condition and proceed.
    • Install Add-On/Active X if prompted.
    • From the Computer Scan Setting check the following box --
      • Enable detection for potentially unwanted programs
    • Click on Advanced Setting --
      • Check the box beside Remove Found Threats;
      • Check the box beside Scan archives
      • Check the box beside Scan for potentially unsafe applications
      • Check the box beside Enable Anti-Stealth Technology
    • Click on Start and wait for the virus signature database to update.
    • The online scan will begin automatically and can take several hours.
      • Note: Do not touch either the Mouse or keyboard during the scan. Otherwise it may stall.
    • After the Scan finishes --
      • If no threats were found:
        • Put a checkmark in Uninstall application on close.
        • Close the program and report that nothing was found
      • If threats were found:
        • Open the file located in C:\Program Files\ESET\ESET Online Scanner\log.txt (32-bit) or C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt (64-bit).
        • Copy and Paste contents of the log file in your next reply.
    Note: Enable your security programs afterwards.
  •  



  • 0

#12
Jr0x
Posted 20 July 2017 - 07:45 AM

Jr0x

    Malware removal team

  • Malware Removal
  • 1,830 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP