
Log analysis and evaluation: Chrome opens ad tabs by itself or uses other search engines


18.01.2017, 20:09   #1
Sueyuki

Hello,

A few days ago I downloaded a kind of repair program for the game GTA V from Chip Online. But as I noticed, this file did nothing, so I tried downloading it again. This time, however, the file had a different name and it worked. When I then wanted to delete the other file, that was no longer possible because it was currently being executed. I noticed that it was an ISO file.

My antivirus program G DATA scanned my whole PC but found nothing. The file only disappeared after I uninstalled the whole game.

However, every now and then tabs and intrusive ads open by themselves in the browser, despite the ad blocker.

I have already looked through all extensions/programs, but none of them are unknown to me.

I have already gone through many of the steps that were suggested, with malware cleaners etc.

I urgently need help ._.

18.01.2017, 20:36   #2
cosinus

hi,

Quote:
downloaded from Chip Online
No more downloads from CHIP.de!!!

They are ripping off their customers out of sheer greed for profit. See also http://www.trojaner-board.de/168364-...mpfehlung.html and CHIP installer - what is it? - Guides

Quote:
I have already gone through many of the steps that were suggested, with malware cleaners etc.
Logs of that?

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder.
Even if the logs are too large for a single post, I ask you to post the logs directly and, if necessary, spread over several posts.
To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracket expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

18.01.2017, 20:54   #3
Sueyuki

Thank you very much for the quick reply.
I will sit down at it again tomorrow and upload the log files.
Purely out of interest: since the PC is still relatively new, there is no personal data on it. Does a "restore to factory settings" also delete all viruses/malware etc.? Or do I really have to format everything and reinstall Windows from CD?

Thank you very much for replying so quickly.

Regards, sueyuki

18.01.2017, 21:00   #4
cosinus

Factory settings: read the manual, follow the instructions

18.01.2017, 21:03   #5
Sueyuki

Sure, but does that really remove all viruses, malware etc.?

Sorry for asking so much, but I don't know my way around this very well ^~^


18.01.2017, 21:06   #6
cosinus

Yes, because it does what it is supposed to do: put the PC back into the state it was in when it was first switched on

Alternatively: download a Windows ISO and burn it, boot from it and reinstall manually

Another alternative: use Linux, cf. https://wiki.ubuntuusers.de/Einsteiger/

19.01.2017, 18:02   #7
Sueyuki

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 19.01.2017
Suchlaufzeit: 17:15
Protokolldatei: 
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2017.01.19.05
Rootkit-Datenbank: v2016.11.20.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Sueyuki

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 321759
Abgelaufene Zeit: 5 Min., 23 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Is this right like this?
These are the log files from Malwarebytes

Code:
OTL logfile created on: 19.01.2017 17:36:25 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\User\Downloads
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,94 Gb Total Physical Memory | 9,33 Gb Available Physical Memory | 58,50% Memory free
18,32 Gb Paging File | 9,90 Gb Available in Paging File | 54,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 255,68 Gb Total Space | 63,57 Gb Free Space | 24,86% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 887,13 Gb Free Space | 95,24% Space Free | Partition Type: NTFS
 
Computer Name: DESKTOP-D193TCD | User Name: Sueyuki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found -- 
PRC - [2017.01.19 17:35:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Downloads\OTL.exe
PRC - [2017.01.19 11:50:39 | 014,216,168 | ---- | M] (Blizzard Entertainment) -- E:\Battle.net\Battle.net.8288\Battle.net.exe
PRC - [2017.01.19 11:50:38 | 001,448,936 | ---- | M] () -- E:\Battle.net\Battle.net.8288\Battle.net Helper.exe
PRC - [2017.01.18 13:04:47 | 000,288,920 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
PRC - [2017.01.12 16:36:24 | 004,581,368 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\LeagueClient.exe
PRC - [2017.01.12 16:36:24 | 003,461,112 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\LeagueClientUx.exe
PRC - [2017.01.11 00:24:13 | 004,722,152 | ---- | M] (Blizzard Entertainment) -- C:\ProgramData\Battle.net\Agent\Agent.5362\Agent.exe
PRC - [2017.01.06 02:10:32 | 000,427,064 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
PRC - [2017.01.06 02:10:31 | 000,427,064 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
PRC - [2017.01.06 02:10:30 | 015,534,648 | ---- | M] (Node.js) -- C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
PRC - [2017.01.06 02:10:24 | 001,432,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
PRC - [2017.01.04 13:48:56 | 000,054,512 | ---- | M] (Overwolf LTD) -- C:\Program Files (x86)\Overwolf\Overwolf.exe
PRC - [2017.01.04 13:48:54 | 000,084,208 | ---- | M] (Overwolf LTD) -- C:\Program Files (x86)\Common Files\Overwolf\0.101.213.0\OverwolfHelper.exe
PRC - [2017.01.04 13:45:58 | 000,470,064 | ---- | M] (Overwolf LTD) -- C:\Program Files (x86)\Overwolf\0.101.213.0\OverwolfTSHelper.exe
PRC - [2017.01.02 16:42:22 | 007,153,264 | ---- | M] (Spotify Ltd) -- C:\Users\User\AppData\Roaming\Spotify\Spotify.exe
PRC - [2017.01.02 16:42:22 | 001,444,976 | ---- | M] (Spotify Ltd) -- C:\Users\User\AppData\Roaming\Spotify\SpotifyWebHelper.exe
PRC - [2017.01.02 16:42:22 | 000,489,072 | ---- | M] (Spotify Ltd) -- C:\Users\User\AppData\Roaming\Spotify\SpotifyCrashService.exe
PRC - [2016.12.30 16:07:34 | 077,359,760 | ---- | M] (GIGABYTE Technology Co.,Ltd.) -- C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe
PRC - [2016.12.20 03:25:40 | 002,186,528 | ---- | M] (Valve Corporation) -- E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
PRC - [2016.12.20 03:25:40 | 001,467,168 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2016.12.20 03:25:38 | 002,876,704 | ---- | M] (Valve Corporation) -- E:\Steam\Steam.exe
PRC - [2016.12.19 22:38:14 | 000,082,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2016.12.14 22:01:12 | 000,275,224 | ---- | M] (Razer, Inc.) -- C:\Users\User\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
PRC - [2016.12.14 22:00:25 | 000,259,864 | ---- | M] (Razer, Inc.) -- C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
PRC - [2016.12.13 15:12:15 | 005,012,616 | ---- | M] (G DATA Software AG) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
PRC - [2016.12.11 19:47:56 | 000,459,832 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
PRC - [2016.11.30 06:33:45 | 002,505,704 | ---- | M] (G DATA Software AG) -- C:\Program Files (x86)\G DATA\TotalSecurity\AVKTray\AVKTray.exe
PRC - [2016.11.04 14:57:18 | 000,596,640 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
PRC - [2016.10.18 08:24:54 | 000,069,744 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
PRC - [2016.09.30 10:23:10 | 004,072,264 | ---- | M] (G DATA Software AG) -- C:\Program Files (x86)\G DATA\TotalSecurity\AVKBackup\AVKBackupService.exe
PRC - [2016.09.30 04:59:14 | 002,678,600 | ---- | M] (G DATA Software AG) -- C:\Program Files (x86)\G DATA\TotalSecurity\GUI\GDSC.exe
PRC - [2016.09.27 03:53:48 | 000,822,600 | ---- | M] (G DATA Software AG) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
PRC - [2016.09.25 00:21:05 | 000,189,264 | ---- | M] () -- C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
PRC - [2016.09.15 05:03:05 | 002,453,320 | ---- | M] (G DATA Software AG) -- C:\Program Files (x86)\G DATA\TotalSecurity\AVKTuner\AVKTunerService.exe
PRC - [2016.09.15 04:52:59 | 001,338,696 | ---- | M] (G DATA Software AG) -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe
PRC - [2016.09.15 04:29:24 | 002,513,736 | ---- | M] (G DATA Software AG) -- C:\Program Files (x86)\G DATA\TotalSecurity\Firewall\GDFirewallTray.exe
PRC - [2016.09.15 03:51:31 | 000,984,904 | ---- | M] (G DATA Software AG) -- C:\Program Files (x86)\G DATA\TotalSecurity\AVK\AVKService.exe
PRC - [2016.08.19 09:12:46 | 000,298,448 | ---- | M] () -- C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
PRC - [2016.03.10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
PRC - [2016.03.10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
PRC - [2016.03.10 14:07:20 | 009,926,112 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
PRC - [2014.07.01 13:41:27 | 000,255,608 | ---- | M] (G DATA Software) -- C:\Program Files (x86)\G DATA\TotalSecurity\TSNxG\TSNxGService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2017.01.19 11:51:40 | 000,540,336 | ---- | M] () -- E:\Battle.net\Battle.net.8288\ortp.dll
MOD - [2017.01.19 11:51:38 | 003,384,832 | ---- | M] () -- E:\Battle.net\Battle.net.8288\libGLESv2.dll
MOD - [2017.01.19 11:51:35 | 037,247,976 | ---- | M] () -- E:\Battle.net\Battle.net.8288\libcef.dll
MOD - [2017.01.19 11:51:35 | 000,133,632 | ---- | M] () -- E:\Battle.net\Battle.net.8288\libEGL.dll
MOD - [2017.01.19 11:51:10 | 000,990,696 | ---- | M] () -- E:\Battle.net\Battle.net.8288\ffmpegsumo.dll
MOD - [2017.01.19 11:50:38 | 001,448,936 | ---- | M] () -- E:\Battle.net\Battle.net.8288\Battle.net Helper.exe
MOD - [2017.01.12 16:36:30 | 001,041,408 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-rso-auth\rcp-be-rso-auth.dll
MOD - [2017.01.12 16:36:30 | 000,709,632 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-recofriender\rcp-be-recofriender.dll
MOD - [2017.01.12 16:36:30 | 000,632,320 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-sanitizer\rcp-be-sanitizer.dll
MOD - [2017.01.12 16:36:29 | 003,335,680 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-patcher\rcp-be-patcher.dll
MOD - [2017.01.12 16:36:29 | 000,732,672 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-summoner\rcp-be-lol-summoner.dll
MOD - [2017.01.12 16:36:29 | 000,697,856 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-store\rcp-be-lol-store.dll
MOD - [2017.01.12 16:36:29 | 000,668,160 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-suggested-players\rcp-be-lol-suggested-players.dll
MOD - [2017.01.12 16:36:29 | 000,657,408 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-settings\rcp-be-lol-settings.dll
MOD - [2017.01.12 16:36:29 | 000,622,080 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-team-boosts\rcp-be-lol-team-boosts.dll
MOD - [2017.01.12 16:36:29 | 000,606,720 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-player-notifications\rcp-be-player-notifications.dll
MOD - [2017.01.12 16:36:28 | 002,015,232 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-riot-messaging-service\rcp-be-lol-riot-messaging-service.dll
MOD - [2017.01.12 16:36:28 | 000,934,400 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-player-preferences\rcp-be-lol-player-preferences.dll
MOD - [2017.01.12 16:36:28 | 000,780,288 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-replays\rcp-be-lol-replays.dll
MOD - [2017.01.12 16:36:28 | 000,685,568 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-queue-eligibility\rcp-be-lol-queue-eligibility.dll
MOD - [2017.01.12 16:36:28 | 000,630,272 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-ranked-stats\rcp-be-lol-ranked-stats.dll
MOD - [2017.01.12 16:36:28 | 000,571,392 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-player-level-up\rcp-be-lol-player-level-up.dll
MOD - [2017.01.12 16:36:27 | 002,523,648 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-login\rcp-be-lol-login.dll
MOD - [2017.01.12 16:36:27 | 000,955,904 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-loot\rcp-be-lol-loot.dll
MOD - [2017.01.12 16:36:27 | 000,825,856 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-matchmaking\rcp-be-lol-matchmaking.dll
MOD - [2017.01.12 16:36:27 | 000,737,280 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-match-history\rcp-be-lol-match-history.dll
MOD - [2017.01.12 16:36:27 | 000,674,304 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-pft\rcp-be-lol-pft.dll
MOD - [2017.01.12 16:36:27 | 000,663,040 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-parties\rcp-be-lol-parties.dll
MOD - [2017.01.12 16:36:26 | 001,558,528 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-lobby\rcp-be-lol-lobby.dll
MOD - [2017.01.12 16:36:26 | 001,043,968 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-lobby-team-builder\rcp-be-lol-lobby-team-builder.dll
MOD - [2017.01.12 16:36:26 | 000,898,048 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-leagues\rcp-be-lol-leagues.dll
MOD - [2017.01.12 16:36:26 | 000,594,944 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-kudos\rcp-be-lol-kudos.dll
MOD - [2017.01.12 16:36:26 | 000,557,056 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-kr-shutdown-law\rcp-be-lol-kr-shutdown-law.dll
MOD - [2017.01.12 16:36:25 | 002,491,392 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-chat\rcp-be-lol-chat.dll
MOD - [2017.01.12 16:36:25 | 001,705,472 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-clubs-public\rcp-be-lol-clubs-public.dll
MOD - [2017.01.12 16:36:25 | 001,121,280 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-collections\rcp-be-lol-collections.dll
MOD - [2017.01.12 16:36:25 | 000,862,208 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-gameflow\rcp-be-lol-gameflow.dll
MOD - [2017.01.12 16:36:25 | 000,852,992 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-clubs\rcp-be-lol-clubs.dll
MOD - [2017.01.12 16:36:25 | 000,820,224 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-end-of-game\rcp-be-lol-end-of-game.dll
MOD - [2017.01.12 16:36:25 | 000,707,584 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-game-queues\rcp-be-lol-game-queues.dll
MOD - [2017.01.12 16:36:25 | 000,690,176 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-game-settings\rcp-be-lol-game-settings.dll
MOD - [2017.01.12 16:36:25 | 000,638,976 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-esport-stream-notifications\rcp-be-lol-esport-stream-notifications.dll
MOD - [2017.01.12 16:36:25 | 000,559,616 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-heartbeat\rcp-be-lol-heartbeat.dll
MOD - [2017.01.12 16:36:25 | 000,543,744 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-kr-playtime-reminder\rcp-be-lol-kr-playtime-reminder.dll
MOD - [2017.01.12 16:36:24 | 004,581,368 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\LeagueClient.exe
MOD - [2017.01.12 16:36:24 | 003,461,112 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\LeagueClientUx.exe
MOD - [2017.01.12 16:36:24 | 001,177,088 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-champ-select-legacy\rcp-be-lol-champ-select-legacy.dll
MOD - [2017.01.12 16:36:24 | 000,702,464 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-champ-select\rcp-be-lol-champ-select.dll
MOD - [2017.01.12 16:36:24 | 000,600,576 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-beta-opt-in\rcp-be-lol-beta-opt-in.dll
MOD - [2017.01.12 16:36:24 | 000,580,096 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-acs\rcp-be-lol-acs.dll
MOD - [2017.01.12 16:36:23 | 000,159,224 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\libexpat.dll
MOD - [2017.01.07 10:22:31 | 019,716,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\a390fa28b40e5b0bfd357371211f470d\System.ServiceModel.ni.dll
MOD - [2017.01.07 10:22:20 | 001,153,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\a280fac0c231c9d6d5f1274c2180d594\System.Management.ni.dll
MOD - [2017.01.07 10:22:20 | 000,787,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\d842ac6dc0b94d7516b2d43a62b8f4d7\System.ServiceModel.Internals.ni.dll
MOD - [2017.01.07 10:22:20 | 000,117,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\1b144b0155aa14719ac0b83f038abbd5\SMDiagnostics.ni.dll
MOD - [2017.01.07 10:22:19 | 000,219,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\010ca03bc4ce0e90aba17cf53dfaa3b0\System.ServiceProcess.ni.dll
MOD - [2017.01.07 10:22:19 | 000,184,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75ed56cf95fe6228472b5e57ac7a76b7\UIAutomationTypes.ni.dll
MOD - [2017.01.07 10:22:18 | 007,882,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\720259e39ef1331fa96a3242ad50f25a\System.Data.ni.dll
MOD - [2017.01.07 10:22:15 | 000,252,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Comp46f2b404#\27950df85d9f41bc598059975e6f65a0\System.ComponentModel.DataAnnotations.ni.dll
MOD - [2017.01.07 10:22:14 | 012,992,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c02fbf560e52a1aab432a90d4c613af4\System.Windows.Forms.ni.dll
MOD - [2017.01.07 10:22:09 | 001,626,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\c2abcda8f96d67fa6ff5665fd21dddff\System.Drawing.ni.dll
MOD - [2017.01.06 02:10:31 | 003,776,056 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
MOD - [2017.01.06 02:10:31 | 000,901,688 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
MOD - [2017.01.06 02:10:30 | 000,020,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2017.01.06 02:10:23 | 064,246,840 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
MOD - [2017.01.06 01:09:24 | 002,807,232 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
MOD - [2017.01.06 01:09:24 | 000,527,416 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
MOD - [2017.01.06 01:09:23 | 001,003,456 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
MOD - [2017.01.06 01:09:23 | 000,954,816 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
MOD - [2017.01.06 01:09:23 | 000,516,032 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvBackendAPINode.node
MOD - [2017.01.06 01:09:23 | 000,464,952 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameStreamAPINode.node
MOD - [2017.01.06 01:09:23 | 000,449,080 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
MOD - [2017.01.06 01:09:23 | 000,384,568 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
MOD - [2017.01.06 01:09:23 | 000,366,136 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvUtil.node
MOD - [2017.01.06 01:09:23 | 000,336,832 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
MOD - [2017.01.06 01:09:23 | 000,252,352 | ---- | M] () -- \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
MOD - [2017.01.04 13:46:16 | 001,565,128 | ---- | M] () -- C:\Program Files (x86)\Overwolf\0.101.213.0\teamspeak_control_win32.dll
MOD - [2017.01.04 13:45:56 | 067,297,280 | ---- | M] () -- C:\Program Files (x86)\Overwolf\0.101.213.0\libcef.DLL
MOD - [2017.01.02 16:59:38 | 000,681,984 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-player-behavior\rcp-be-lol-player-behavior.dll
MOD - [2017.01.02 16:59:38 | 000,607,744 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-player-messaging\rcp-be-lol-player-messaging.dll
MOD - [2017.01.02 16:59:38 | 000,594,944 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-service-status\rcp-be-lol-service-status.dll
MOD - [2017.01.02 16:59:38 | 000,582,144 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-shutdown\rcp-be-lol-shutdown.dll
MOD - [2017.01.02 16:59:38 | 000,582,144 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-platform-config\rcp-be-lol-platform-config.dll
MOD - [2017.01.02 16:59:38 | 000,579,072 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-spectator\rcp-be-lol-spectator.dll
MOD - [2017.01.02 16:59:38 | 000,564,224 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-loyalty\rcp-be-lol-loyalty.dll
MOD - [2017.01.02 16:59:38 | 000,563,200 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-maps\rcp-be-lol-maps.dll
MOD - [2017.01.02 16:59:38 | 000,549,888 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-network-testing\rcp-be-network-testing.dll
MOD - [2017.01.02 16:59:38 | 000,547,328 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-tencent-qt\rcp-be-lol-tencent-qt.dll
MOD - [2017.01.02 16:59:37 | 000,854,016 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-license-agreement\rcp-be-lol-license-agreement.dll
MOD - [2017.01.02 16:59:37 | 000,611,840 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-leaver-buster\rcp-be-lol-leaver-buster.dll
MOD - [2017.01.02 16:42:22 | 051,777,648 | ---- | M] () -- C:\Users\User\AppData\Roaming\Spotify\libcef.dll
MOD - [2017.01.02 16:42:22 | 001,803,888 | ---- | M] () -- C:\Users\User\AppData\Roaming\Spotify\libglesv2.dll
MOD - [2017.01.02 16:42:22 | 000,110,192 | ---- | M] () -- C:\Users\User\AppData\Roaming\Spotify\SpotifyWinRT.dll
MOD - [2017.01.02 16:42:22 | 000,086,128 | ---- | M] () -- C:\Users\User\AppData\Roaming\Spotify\libegl.dll
MOD - [2017.01.02 16:40:43 | 001,876,448 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\libGLESv2.dll
MOD - [2017.01.02 16:40:43 | 000,585,728 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-active-boosts\rcp-be-lol-active-boosts.dll
MOD - [2017.01.02 16:40:43 | 000,583,680 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-account-settings\rcp-be-lol-account-settings.dll
MOD - [2017.01.02 16:40:43 | 000,552,960 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\Plugins\rcp-be-lol-game-client-chat\rcp-be-lol-game-client-chat.dll
MOD - [2017.01.02 16:40:43 | 000,021,984 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\libEGL.dll
MOD - [2017.01.02 16:40:42 | 055,617,504 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.44\deploy\libcef.dll
MOD - [2016.12.20 03:25:44 | 002,322,720 | ---- | M] () -- E:\Steam\video.dll
MOD - [2016.12.20 03:25:40 | 000,838,944 | ---- | M] () -- E:\Steam\bin\chromehtml.dll
MOD - [2016.12.20 03:25:38 | 000,388,384 | ---- | M] () -- E:\Steam\Steam.dll
MOD - [2016.12.08 16:13:58 | 000,656,160 | ---- | M] () -- E:\Steam\SDL2.dll
MOD - [2016.12.05 17:21:16 | 067,304,736 | ---- | M] () -- E:\Steam\bin\cef\cef.win7\libcef.dll
MOD - [2016.12.01 09:59:28 | 000,143,824 | ---- | M] () -- C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
MOD - [2016.10.08 08:13:42 | 050,656,768 | ---- | M] () -- C:\Users\User\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
MOD - [2016.10.08 08:13:42 | 001,874,944 | ---- | M] () -- C:\Users\User\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
MOD - [2016.10.08 08:13:42 | 000,075,264 | ---- | M] () -- C:\Users\User\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
MOD - [2016.09.01 02:02:12 | 004,969,248 | ---- | M] () -- E:\Steam\v8.dll
MOD - [2016.09.01 02:02:06 | 001,563,936 | ---- | M] () -- E:\Steam\icui18n.dll
MOD - [2016.09.01 02:02:06 | 001,195,296 | ---- | M] () -- E:\Steam\icuuc.dll
MOD - [2016.08.19 09:12:46 | 000,298,448 | ---- | M] () -- C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
MOD - [2016.08.18 20:26:22 | 000,225,792 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\GvFireware.dll
MOD - [2016.07.16 12:44:20 | 019,611,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\40571abae9422cd2ca6fafbbde1c3cdc\mscorlib.ni.dll
MOD - [2016.07.16 12:44:20 | 010,281,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\08da6b6698b412866e6910ae9b84f363\System.ni.dll
MOD - [2016.07.16 12:44:19 | 007,480,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\f6ebd52be27fe627fed0d185c6a9c0d5\System.Core.ni.dll
MOD - [2016.07.13 22:34:29 | 007,472,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7532301b00fac8def2f526ca8b480e11\System.Xml.ni.dll
MOD - [2016.07.13 22:34:29 | 004,079,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\5751e969e4789e60d3ad463cb6024006\WindowsBase.ni.dll
MOD - [2016.07.13 22:34:29 | 001,894,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\04c4f83e0b62ff553abff98943e45f42\System.Xaml.ni.dll
MOD - [2016.07.13 22:34:29 | 000,407,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\6e975e2acfc33e1c706f00bf2942e187\System.Xml.Linq.ni.dll
MOD - [2016.07.13 22:34:26 | 002,820,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\213003369298faf75651a6b8981dce12\System.Runtime.Serialization.ni.dll
MOD - [2016.07.13 22:34:26 | 000,994,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\aa9c29b70b4cceab890eb841f89d73e9\System.Configuration.ni.dll
MOD - [2016.07.13 22:34:24 | 019,769,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\5272cb4aeec65bec2fffb45e9cb22910\PresentationFramework.ni.dll
MOD - [2016.07.13 22:34:24 | 012,019,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\051a282e157a228405b2e0d867c3ce1d\PresentationCore.ni.dll
MOD - [2016.07.13 22:34:24 | 000,546,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\def8702c6e883330fb8cb8e3f5c5e665\PresentationFramework.Aero2.ni.dll
MOD - [2016.07.04 23:17:58 | 000,266,560 | ---- | M] () -- E:\Steam\openvr_api.dll
MOD - [2016.01.27 08:49:46 | 002,549,760 | ---- | M] () -- E:\Steam\libavcodec-56.dll
MOD - [2016.01.27 08:49:46 | 000,491,008 | ---- | M] () -- E:\Steam\libavformat-56.dll
MOD - [2016.01.27 08:49:46 | 000,485,888 | ---- | M] () -- E:\Steam\libswscale-3.dll
MOD - [2016.01.27 08:49:46 | 000,442,880 | ---- | M] () -- E:\Steam\libavutil-54.dll
MOD - [2016.01.27 08:49:46 | 000,332,800 | ---- | M] () -- E:\Steam\libavresample-2.dll
MOD - [2015.09.25 00:52:04 | 000,119,208 | ---- | M] () -- E:\Steam\winh264.dll
MOD - [2014.05.01 02:49:48 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\BSL430.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe -- (NVIDIA Wireless Controller Service)
SRV:64bit: - [2016.12.21 07:51:53 | 002,275,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2016.12.14 06:33:21 | 000,822,624 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\AppVClient.exe -- (AppVClient)
SRV:64bit: - [2016.12.14 05:43:24 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2016.12.14 05:36:59 | 000,539,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:64bit: - [2016.12.14 05:23:43 | 001,231,872 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:64bit: - [2016.12.09 11:28:24 | 000,764,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:64bit: - [2016.11.11 10:22:23 | 000,082,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:64bit: - [2016.11.11 10:20:50 | 000,339,456 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:64bit: - [2016.11.11 10:20:10 | 000,407,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:64bit: - [2016.11.11 10:19:59 | 000,411,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:64bit: - [2016.11.11 10:19:35 | 000,285,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:64bit: - [2016.11.11 10:16:35 | 000,560,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2016.11.11 10:14:35 | 002,104,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2016.11.11 10:06:19 | 000,650,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:64bit: - [2016.11.11 10:05:32 | 004,136,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:64bit: - [2016.11.11 10:04:16 | 000,691,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2016.11.02 11:30:35 | 000,635,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:64bit: - [2016.11.02 11:22:02 | 000,337,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2016.11.02 11:19:44 | 000,805,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:64bit: - [2016.11.02 11:16:47 | 000,265,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:64bit: - [2016.11.02 11:16:27 | 000,770,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2016.10.15 04:37:03 | 001,980,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2016.10.12 12:57:55 | 000,447,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2016.10.12 12:57:51 | 001,312,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:64bit: - [2016.10.12 12:57:51 | 001,020,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:64bit: - [2016.10.12 12:57:51 | 000,781,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:64bit: - [2016.10.12 12:57:51 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:64bit: - [2016.10.12 12:57:48 | 000,983,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:64bit: - [2016.10.12 12:57:48 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:64bit: - [2016.10.12 12:57:48 | 000,203,776 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:64bit: - [2016.10.12 12:57:48 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:64bit: - [2016.10.12 12:57:46 | 001,013,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:64bit: - [2016.10.12 12:57:46 | 000,095,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:64bit: - [2016.10.12 12:57:44 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:64bit: - [2016.10.12 12:57:44 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:64bit: - [2016.10.12 12:57:44 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:64bit: - [2016.10.12 12:57:44 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2016.10.12 12:57:44 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2016.10.12 12:57:44 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2016.10.12 12:57:44 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2016.10.12 12:57:44 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2016.10.12 12:57:44 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2016.07.16 23:56:36 | 001,227,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\AgentService.exe -- (UevAgentService)
SRV:64bit: - [2016.07.16 23:56:29 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2016.07.16 12:43:50 | 000,082,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2016.07.16 12:43:47 | 000,436,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:64bit: - [2016.07.16 12:43:18 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2016.07.16 12:43:10 | 001,836,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2016.07.16 12:42:42 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2016.07.16 12:42:39 | 000,161,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:64bit: - [2016.07.16 12:42:38 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:64bit: - [2016.07.16 12:42:38 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:64bit: - [2016.07.16 12:42:38 | 000,055,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2016.07.16 12:42:37 | 000,718,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2016.07.16 12:42:36 | 000,183,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc)
SRV:64bit: - [2016.07.16 12:42:27 | 000,827,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2016.07.16 12:42:27 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2016.07.16 12:42:27 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:64bit: - [2016.07.16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_2951232)
SRV:64bit: - [2016.07.16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_2951232)
SRV:64bit: - [2016.07.16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_2951232)
SRV:64bit: - [2016.07.16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_2951232)
SRV:64bit: - [2016.07.16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_2951232)
SRV:64bit: - [2016.07.16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_2951232)
SRV:64bit: - [2016.07.16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_2951232)
SRV:64bit: - [2016.07.16 12:42:23 | 000,366,592 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:64bit: - [2016.07.16 12:42:20 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2016.07.16 12:42:16 | 000,287,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:64bit: - [2016.07.16 12:42:16 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2016.07.16 12:42:16 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2016.07.16 12:42:13 | 000,590,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:64bit: - [2016.07.16 12:42:12 | 000,519,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2016.07.16 12:42:12 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:64bit: - [2016.07.16 12:42:09 | 001,512,448 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:64bit: - [2016.07.16 12:42:09 | 001,184,256 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:64bit: - [2016.07.16 12:42:09 | 000,574,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:64bit: - [2016.07.16 12:42:09 | 000,387,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2016.07.16 12:42:09 | 000,358,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2016.07.16 12:42:09 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2016.07.16 12:42:09 | 000,326,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:64bit: - [2016.07.16 12:42:09 | 000,234,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:64bit: - [2016.07.16 12:42:09 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:64bit: - [2016.07.16 12:42:09 | 000,177,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:64bit: - [2016.07.16 12:42:09 | 000,074,240 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:64bit: - [2016.07.16 12:42:09 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:64bit: - [2016.07.16 12:42:09 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:64bit: - [2016.07.16 12:42:07 | 001,159,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:64bit: - [2016.07.16 12:42:06 | 000,729,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:64bit: - [2016.07.16 12:42:06 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:64bit: - [2016.07.16 12:42:05 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2016.07.16 12:42:05 | 000,152,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:64bit: - [2016.07.16 12:42:05 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:64bit: - [2016.07.16 12:42:04 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:64bit: - [2016.07.16 12:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2016.07.16 12:41:50 | 000,321,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV - [2017.01.06 02:10:32 | 000,427,064 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -- (NvTelemetryContainer)
SRV - [2017.01.06 02:10:31 | 000,464,440 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Programme\NVIDIA Corporation\NvContainer\nvcontainer.exe -- (NvContainerNetworkService)
SRV - [2017.01.06 02:10:31 | 000,464,440 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NvContainer\nvcontainer.exe -- (NvContainerLocalSystem)
SRV - [2017.01.04 13:48:54 | 001,317,104 | ---- | M] (Overwolf LTD) [On_Demand | Stopped] -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe -- (OverwolfUpdater)
SRV - [2017.01.03 02:10:19 | 001,457,160 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2016.12.20 03:25:40 | 001,467,168 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2016.12.19 22:38:14 | 000,082,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2016.12.13 15:12:15 | 005,012,616 | ---- | M] (G DATA Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2016.12.11 19:47:56 | 000,459,832 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -- (NVDisplay.ContainerLocalSystem)
SRV - [2016.12.09 09:54:48 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2016.11.11 08:19:35 | 000,298,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2016.11.11 08:05:12 | 003,370,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2016.11.04 03:56:50 | 004,261,344 | ---- | M] (Razer Inc) [Auto | Running] -- C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe -- (RzSurroundVADStreamingService)
SRV - [2016.10.18 08:24:54 | 000,069,744 | ---- | M] (Razer Inc.) [Auto | Running] -- C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe -- (Razer Chroma SDK Service)
SRV - [2016.10.12 12:57:44 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2016.09.30 10:23:10 | 004,072,264 | ---- | M] (G DATA Software AG) [Auto | Running] -- C:\Program Files (x86)\G DATA\TotalSecurity\AVKBackup\AVKBackupService.exe -- (GDBackupSvc)
SRV - [2016.09.27 04:25:36 | 003,044,496 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G DATA\TotalSecurity\AVK\AVKWCtlx64.exe -- (AVKWCtl)
SRV - [2016.09.27 03:53:48 | 000,822,600 | ---- | M] (G DATA Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe -- (GDScan)
SRV - [2016.09.25 00:21:05 | 000,189,264 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe -- (Razer Game Scanner Service)
SRV - [2016.09.20 12:54:54 | 000,324,224 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2016.09.15 05:03:05 | 002,453,320 | ---- | M] (G DATA Software AG) [On_Demand | Running] -- C:\Program Files (x86)\G DATA\TotalSecurity\AVKTuner\AVKTunerService.exe -- (GDTunerSvc)
SRV - [2016.09.15 04:25:10 | 003,286,120 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\G DATA\TotalSecurity\Firewall\GDFwSvcx64.exe -- (GDFwSvc)
SRV - [2016.09.15 03:51:31 | 000,984,904 | ---- | M] (G DATA Software AG) [Auto | Running] -- C:\Program Files (x86)\G DATA\TotalSecurity\AVK\AVKService.exe -- (AVKService)
SRV - [2016.07.16 12:42:55 | 000,968,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2016.07.16 12:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2016.03.10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe -- (MBAMService)
SRV - [2016.03.10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014.07.01 13:41:27 | 000,255,608 | ---- | M] (G DATA Software) [On_Demand | Running] -- C:\Program Files (x86)\G DATA\TotalSecurity\TSNxG\TSNxGService.exe -- (TSNxGService)
SRV - [2013.07.04 03:32:06 | 000,936,728 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe -- (asComSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2017.01.19 17:11:49 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2017.01.15 22:22:23 | 000,116,296 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD)
DRV:64bit: - [2017.01.06 02:10:32 | 000,059,448 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvhci.sys -- (nvvhci)
DRV:64bit: - [2017.01.06 02:10:32 | 000,047,672 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2017.01.02 18:11:04 | 000,153,160 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)
DRV:64bit: - [2017.01.02 18:10:40 | 000,109,128 | ---- | M] (G DATA Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TS4nt.sys -- (TS4NT)
DRV:64bit: - [2017.01.02 18:10:40 | 000,089,160 | ---- | M] (G DATA Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\gddcd64.sys -- (gddcd)
DRV:64bit: - [2017.01.02 18:10:40 | 000,069,192 | ---- | M] (G DATA Software AG) [File_System | System | Running] -- C:\Windows\SysNative\drivers\gddcv64.sys -- (gddcv)
DRV:64bit: - [2017.01.02 18:10:38 | 000,077,384 | ---- | M] (G DATA Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd)
DRV:64bit: - [2017.01.02 16:19:51 | 000,037,400 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GDKBB64.sys -- (GDKBB)
DRV:64bit: - [2017.01.02 16:19:51 | 000,030,280 | ---- | M] (G DATA Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GDKBFlt64.sys -- (GDKBFlt)
DRV:64bit: - [2017.01.02 16:19:32 | 000,105,544 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV:64bit: - [2017.01.02 16:19:31 | 000,274,400 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV:64bit: - [2017.01.02 16:19:31 | 000,180,808 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)
DRV:64bit: - [2016.12.12 22:26:58 | 014,200,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\nv_dispi.inf_amd64_3f929cc119e3b994\nvlddmkm.sys -- (nvlddmkm)
DRV:64bit: - [2016.12.12 04:03:20 | 000,212,936 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2016.12.09 11:30:39 | 000,377,184 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2016.11.11 11:00:25 | 000,219,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2016.11.11 10:26:51 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:64bit: - [2016.11.02 11:55:52 | 000,048,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:64bit: - [2016.10.16 12:04:08 | 000,049,176 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzSurroundVAD.sys -- (RZSURROUNDVADService)
DRV:64bit: - [2016.10.15 05:37:01 | 000,063,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2016.10.15 05:30:16 | 000,557,408 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2016.10.15 04:31:37 | 000,227,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2016.10.12 12:57:55 | 000,719,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:64bit: - [2016.10.12 12:57:55 | 000,108,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2016.10.12 12:57:51 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2016.10.12 12:57:48 | 000,127,328 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppVStrm.sys -- (AppvStrm)
DRV:64bit: - [2016.10.12 12:57:46 | 000,119,648 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:64bit: - [2016.10.12 12:57:46 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:64bit: - [2016.10.12 12:57:44 | 000,279,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2016.10.12 12:57:44 | 000,130,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2016.10.12 12:57:44 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2016.10.12 12:57:44 | 000,081,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2016.10.12 12:57:44 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2016.10.12 12:57:44 | 000,064,352 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:64bit: - [2016.10.12 12:57:44 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:64bit: - [2016.09.17 02:12:20 | 000,044,144 | ---- | M] (Razer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rzpmgrk.sys -- (rzpmgrk)
DRV:64bit: - [2016.09.10 14:21:43 | 000,118,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:64bit: - [2016.09.07 22:27:07 | 000,137,840 | ---- | M] (Razer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rzpnk.sys -- (rzpnk)
DRV:64bit: - [2016.07.16 23:56:46 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2016.07.16 23:56:40 | 000,179,040 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mssecflt.sys -- (MsSecFlt)
DRV:64bit: - [2016.07.16 23:56:36 | 000,040,288 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\UevAgentDriver.sys -- (UevAgentDriver)
DRV:64bit: - [2016.07.16 23:56:29 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2016.07.16 23:56:26 | 000,123,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2016.07.16 23:56:25 | 000,157,024 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppvVemgr.sys -- (AppvVemgr)
DRV:64bit: - [2016.07.16 23:56:25 | 000,141,152 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppvVfs.sys -- (AppvVfs)
DRV:64bit: - [2016.07.16 12:44:01 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2016.07.16 12:43:06 | 000,123,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2016.07.16 12:43:04 | 000,290,144 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2016.07.16 12:43:04 | 000,044,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2016.07.16 12:42:38 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2016.07.16 12:42:36 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2016.07.16 12:42:36 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2016.07.16 12:42:36 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:64bit: - [2016.07.16 12:42:35 | 000,928,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:64bit: - [2016.07.16 12:42:28 | 000,107,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:64bit: - [2016.07.16 12:42:28 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:64bit: - [2016.07.16 12:42:27 | 000,263,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:64bit: - [2016.07.16 12:42:27 | 000,201,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2016.07.16 12:42:27 | 000,151,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2016.07.16 12:42:27 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:64bit: - [2016.07.16 12:42:27 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:64bit: - [2016.07.16 12:42:27 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2016.07.16 12:42:27 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:64bit: - [2016.07.16 12:42:27 | 000,074,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2016.07.16 12:42:27 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:64bit: - [2016.07.16 12:42:27 | 000,053,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2016.07.16 12:42:27 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:64bit: - [2016.07.16 12:42:27 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2016.07.16 12:42:27 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2016.07.16 12:42:23 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:64bit: - [2016.07.16 12:42:22 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:64bit: - [2016.07.16 12:42:18 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2016.07.16 12:42:12 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:64bit: - [2016.07.16 12:42:11 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2016.07.16 12:42:09 | 000,168,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2016.07.16 12:42:09 | 000,156,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2016.07.16 12:42:09 | 000,070,144 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\registry.sys -- (clreg)
DRV:64bit: - [2016.07.16 12:42:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:64bit: - [2016.07.16 12:42:03 | 000,210,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:64bit: - [2016.07.16 12:42:03 | 000,126,816 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2016.07.16 12:42:03 | 000,090,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:64bit: - [2016.07.16 12:42:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:64bit: - [2016.07.16 12:42:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt)
DRV:64bit: - [2016.07.16 12:42:03 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:64bit: - [2016.07.16 12:42:03 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:64bit: - [2016.07.16 12:41:55 | 000,535,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2016.07.16 12:41:55 | 000,381,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2016.07.16 12:41:55 | 000,137,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:64bit: - [2016.07.16 12:41:55 | 000,096,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:64bit: - [2016.07.16 12:41:55 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2016.07.16 12:41:55 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:64bit: - [2016.07.16 12:41:55 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:64bit: - [2016.07.16 12:41:55 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:64bit: - [2016.07.16 12:41:55 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:64bit: - [2016.07.16 12:41:55 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:64bit: - [2016.07.16 12:41:54 | 000,176,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:64bit: - [2016.07.16 12:41:54 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb22.sys -- (xusb22)
DRV:64bit: - [2016.07.16 12:41:54 | 000,081,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:64bit: - [2016.07.16 12:41:54 | 000,064,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:64bit: - [2016.07.16 12:41:54 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2016.07.16 12:41:54 | 000,050,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2016.07.16 12:41:54 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:64bit: - [2016.07.16 12:41:54 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:64bit: - [2016.07.16 12:41:54 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2016.07.16 12:41:54 | 000,033,280 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:64bit: - [2016.07.16 12:41:54 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2016.07.16 12:41:54 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2016.07.16 12:41:53 | 002,104,160 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:64bit: - [2016.07.16 12:41:53 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2016.07.16 12:41:53 | 000,842,584 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:64bit: - [2016.07.16 12:41:53 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2016.07.16 12:41:53 | 000,589,824 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
DRV:64bit: - [2016.07.16 12:41:53 | 000,526,176 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:64bit: - [2016.07.16 12:41:53 | 000,346,976 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:64bit: - [2016.07.16 12:41:53 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2016.07.16 12:41:53 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2016.07.16 12:41:53 | 000,123,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scmdisk0101.sys -- (scmdisk0101)
DRV:64bit: - [2016.07.16 12:41:53 | 000,108,896 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:64bit: - [2016.07.16 12:41:53 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2016.07.16 12:41:53 | 000,105,824 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:64bit: - [2016.07.16 12:41:53 | 000,101,216 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:64bit: - [2016.07.16 12:41:53 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:64bit: - [2016.07.16 12:41:53 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2016.07.16 12:41:53 | 000,082,776 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2016.07.16 12:41:53 | 000,077,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2016.07.16 12:41:53 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2016.07.16 12:41:53 | 000,064,864 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:64bit: - [2016.07.16 12:41:53 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2016.07.16 12:41:53 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2016.07.16 12:41:53 | 000,061,792 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:64bit: - [2016.07.16 12:41:53 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:64bit: - [2016.07.16 12:41:53 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2016.07.16 12:41:53 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2016.07.16 12:41:53 | 000,032,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:64bit: - [2016.07.16 12:41:53 | 000,032,096 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:64bit: - [2016.07.16 12:41:53 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2016.07.16 12:41:53 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2016.07.16 12:41:53 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2016.07.16 12:41:53 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:64bit: - [2016.07.16 12:41:53 | 000,016,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:64bit: - [2016.07.16 12:41:53 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2016.07.16 12:41:53 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2016.07.16 12:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2016.07.16 12:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn)
DRV:64bit: - [2016.07.16 12:41:52 | 003,418,976 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2016.07.16 12:41:52 | 000,533,856 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2016.07.16 12:41:52 | 000,048,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2016.07.16 12:41:52 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2016.07.16 12:41:50 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2016.07.16 12:41:50 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2016.07.16 12:41:50 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2016.07.16 12:41:50 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2016.07.16 12:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2016.07.16 12:41:50 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2016.07.16 12:41:50 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2016.07.16 12:41:50 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2016.07.16 12:41:50 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2016.07.16 12:41:50 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:64bit: - [2016.06.23 12:55:34 | 000,203,288 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:64bit: - [2016.06.23 12:55:20 | 000,051,736 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzendpt.sys -- (rzendpt)
DRV:64bit: - [2016.04.21 11:50:47 | 000,117,904 | ---- | M] (G Data Software AG) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\gdelam.sys -- (GDElam)
DRV:64bit: - [2016.03.10 14:09:10 | 000,065,408 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2016.03.10 14:08:54 | 000,027,008 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2015.12.23 08:05:26 | 000,935,168 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2015.11.24 09:45:10 | 001,468,416 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2015.10.08 20:16:00 | 000,185,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys -- (MEIx64)
DRV:64bit: - [2015.09.10 06:59:14 | 000,054,048 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmsmbsp.sys -- (bcmsmbsp)
DRV:64bit: - [2013.09.30 15:26:50 | 000,019,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2013.09.30 15:26:48 | 000,012,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2009.09.09 10:23:46 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\flashud.sys -- (int0800)
DRV - [2017.01.06 02:10:27 | 000,029,240 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Programme\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV - [2016.12.12 22:26:58 | 014,200,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3f929cc119e3b994\nvlddmkm.sys -- (nvlddmkm)
DRV - [2016.07.16 12:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 2C 28 63 4B 71 6F D2 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = hxxp://noblockweb.org/wpad.dat?5eb931c846419c2ee1b3c3d0c0ec5cd523775190
 
========== FireFox ==========
 
FF - prefs.js..browser.search.countryCode: "DE"
FF - prefs.js..browser.search.region: "DE"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:50.1.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
[2017.01.09 14:00:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2017.01.15 21:19:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\gckl1d9u.default\extensions
[2017.01.15 21:19:00 | 001,055,311 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\gckl1d9u.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif\6.9.2.2_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc\2.6_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.12.4_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo\1.5.5_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.1_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.9.9_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjcgpbffennccofdpganblbjiglnbip\1.1_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5516.1005.0.3_0\
CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppnmanbnhlloebchmhnojemignjlcopp\1_0\
 
O1 HOSTS File: ([2017.01.02 16:19:51 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1    gdpwmgrlocalhost
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKCU..\Run: [Battle.net] "E:\Battle.net\Battle.net Launcher.exe" --autostarted File not found
O4 - HKCU..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe ()
O4 - HKCU..\Run: [Spotify] C:\Users\User\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\User\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [Steam] E:\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [TeamSpeak 3 Client] C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE XTREME GAMING ENGINE.lnk = C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\autorun.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14c6fcf0-9ae8-453f-8d42-fa16cb4f7938}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
         
OTL txt part 1

Alt 19.01.2017, 20:55   #8
Sueyuki
 

Code:
ATTFilter
========== Files/Folders - Created Within 30 Days ==========
 
[2017.01.17 17:59:01 | 000,192,216 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2017.01.17 17:58:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
[2017.01.17 17:58:41 | 000,140,672 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2017.01.17 17:58:41 | 000,065,408 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2017.01.17 17:58:41 | 000,027,008 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys
[2017.01.17 17:58:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ Malwarebytes Anti-Malware 
[2017.01.17 17:58:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2017.01.15 22:35:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\WinISO Computing
[2017.01.15 22:35:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\WinISO Computing
[2017.01.15 22:35:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinISO Computing
[2017.01.15 22:22:23 | 000,116,296 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2017.01.15 22:22:23 | 000,028,208 | ---- | C] (G DATA Software) -- C:\Windows\SysNative\drivers\GdPhyMem.sys
[2017.01.15 22:22:05 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\G DATA
[2017.01.15 21:29:32 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\New Technology Studio
[2017.01.15 21:29:32 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\New Technology Studio
[2017.01.15 02:56:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Rockstar Games
[2017.01.15 02:56:19 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Rockstar Games
[2017.01.15 02:56:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2017.01.15 02:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2017.01.09 14:00:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Mozilla
[2017.01.09 14:00:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Mozilla
[2017.01.09 11:52:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Diagnostics
[2017.01.08 02:39:20 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Overwatch
[2017.01.08 02:32:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
[2017.01.07 11:38:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VulkanRT
[2017.01.07 11:19:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OSD Server
[2017.01.03 23:01:44 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\PeerDistRepub
[2017.01.03 13:19:46 | 000,000,000 | ---D | C] -- C:\Users\User\Tracing
[2017.01.03 13:19:46 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Skype
[2017.01.03 13:19:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2017.01.03 13:19:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2017.01.03 13:19:43 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2017.01.03 13:19:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2017.01.03 10:03:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\OBS
[2017.01.03 10:01:22 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\My Games
[2017.01.03 10:00:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BattlEye
[2017.01.03 02:09:33 | 000,000,000 | ---D | C] -- C:\UplaySSD
[2017.01.03 02:08:33 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Ubisoft Game Launcher
[2017.01.03 02:08:33 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2017.01.03 00:06:23 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Diablo III
[2017.01.02 23:54:45 | 000,000,000 | ---D | C] -- C:\ProgramData\RzSurroundVAD_1.1.62.0
[2017.01.02 23:53:19 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\CrashDumps
[2017.01.02 20:51:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2017.01.02 19:41:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\NVIDIA
[2017.01.02 19:03:42 | 000,215,608 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2017.01.02 19:03:42 | 000,201,664 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2017.01.02 18:38:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
[2017.01.02 18:38:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE
[2017.01.02 18:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA TOTAL SECURITY
[2017.01.02 17:47:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2017.01.02 17:26:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2017.01.02 17:26:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2017.01.02 17:26:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2017.01.02 17:24:57 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Adobe
[2017.01.02 17:19:29 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\temp
[2017.01.02 17:19:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Programs
[2017.01.02 17:04:16 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Blizzard Entertainment
[2017.01.02 17:04:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2017.01.02 17:04:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Battle.net
[2017.01.02 17:04:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
[2017.01.02 17:04:01 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\League of Legends
[2017.01.02 16:57:46 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Battle.net
[2017.01.02 16:56:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2017.01.02 16:46:52 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2017.01.02 16:45:20 | 000,000,000 | ---D | C] -- C:\SteamSSD
[2017.01.02 16:43:27 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
[2017.01.02 16:43:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Overwolf
[2017.01.02 16:43:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Overwolf
[2017.01.02 16:43:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Overwolf
[2017.01.02 16:42:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Steam
[2017.01.02 16:42:42 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\TS3Client
[2017.01.02 16:42:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Overwolf
[2017.01.02 16:42:38 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2017.01.02 16:42:22 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Spotify
[2017.01.02 16:42:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Spotify
[2017.01.02 16:41:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2017.01.02 16:41:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2017.01.02 16:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Riot Games
[2017.01.02 16:39:38 | 000,000,000 | ---D | C] -- C:\Riot Games
[2017.01.02 16:39:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
[2017.01.02 16:37:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2017.01.02 16:37:43 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2017.01.02 16:37:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2017.01.02 16:37:43 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2017.01.02 16:37:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2017.01.02 16:35:38 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Riot Games
[2017.01.02 16:20:30 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Chromium
[2017.01.02 16:19:52 | 000,089,160 | ---- | C] (G DATA Software AG) -- C:\Windows\SysNative\drivers\gddcd64.sys
[2017.01.02 16:19:52 | 000,069,192 | ---- | C] (G DATA Software AG) -- C:\Windows\SysNative\drivers\gddcv64.sys
[2017.01.02 16:19:51 | 000,109,128 | ---- | C] (G DATA Software AG) -- C:\Windows\SysNative\drivers\TS4nt.sys
[2017.01.02 16:19:51 | 000,037,400 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDKBB64.sys
[2017.01.02 16:19:51 | 000,030,280 | ---- | C] (G DATA Software AG) -- C:\Windows\SysNative\drivers\GDKBFlt64.sys
[2017.01.02 16:19:49 | 000,077,384 | ---- | C] (G DATA Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2017.01.02 16:19:32 | 000,105,544 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2017.01.02 16:19:31 | 000,274,400 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2017.01.02 16:19:31 | 000,180,808 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2017.01.02 16:19:31 | 000,153,160 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys
[2017.01.02 16:19:07 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA Software
[2017.01.02 16:16:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\G DATA
[2017.01.02 16:16:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\G Data
[2017.01.02 16:14:41 | 000,000,000 | ---D | C] -- C:\ProgramData\G Data
[2017.01.02 16:10:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2017.01.02 16:10:32 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Google
[2017.01.02 16:10:01 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Razer_Inc
[2017.01.02 16:10:01 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Razer
[2017.01.02 16:09:47 | 000,137,840 | ---- | C] (Razer, Inc.) -- C:\Windows\SysNative\drivers\rzpnk.sys
[2017.01.02 16:09:38 | 000,044,144 | ---- | C] (Razer, Inc.) -- C:\Windows\SysNative\drivers\rzpmgrk.sys
[2017.01.02 16:08:27 | 000,000,000 | ---D | C] -- C:\Program Files\Razer Chroma SDK
[2017.01.02 16:08:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer Chroma SDK
[2017.01.02 16:08:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
[2017.01.02 16:06:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer
[2017.01.02 16:06:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
[2017.01.02 14:23:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\NVIDIA
[2017.01.02 14:23:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\NVIDIA Corporation
[2017.01.02 14:23:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\CEF
[2017.01.02 14:13:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2017.01.02 14:12:46 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2017.01.02 14:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2017.01.02 14:12:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2017.01.02 14:09:48 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2017.01.02 14:05:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2017.01.02 14:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2017.01.02 14:02:19 | 000,028,672 | ---- | C] (ASUSTek Computer Inc.) -- C:\Windows\SysWow64\AsIO.dll
[2017.01.02 14:02:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2017.01.02 14:02:18 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2017.01.02 14:00:58 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Macromedia
[2017.01.02 13:59:46 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\MicrosoftEdge
[2017.01.02 13:02:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Comms
[2017.01.02 12:52:09 | 000,935,168 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt630x64.sys
[2017.01.02 12:51:02 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\DRPSu
[2017.01.02 12:47:22 | 000,000,000 | R--D | C] -- C:\Users\User\OneDrive
[2017.01.02 12:47:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2017.01.02 12:46:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Publishers
[2017.01.02 12:46:01 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2017.01.02 12:46:01 | 000,000,000 | R--D | C] -- C:\Users\User\Searches
[2017.01.02 12:46:01 | 000,000,000 | R--D | C] -- C:\Users\User\Contacts
[2017.01.02 12:46:01 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2017.01.02 12:46:01 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\VirtualStore
[2017.01.02 12:46:01 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Packages
[2017.01.02 12:46:01 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Adobe
[2017.01.02 12:46:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\TileDataLayer
[2017.01.02 12:46:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\ConnectedDevicesPlatform
[2017.01.02 12:45:49 | 000,000,000 | --SD | C] -- C:\Users\User\AppData\Roaming\Microsoft
[2017.01.02 12:45:49 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[2017.01.02 12:45:49 | 000,000,000 | R--D | C] -- C:\Users\User\Videos
[2017.01.02 12:45:49 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2017.01.02 12:45:49 | 000,000,000 | R--D | C] -- C:\Users\User\Saved Games
[2017.01.02 12:45:49 | 000,000,000 | R--D | C] -- C:\Users\User\Pictures
[2017.01.02 12:45:49 | 000,000,000 | R--D | C] -- C:\Users\User\Music
[2017.01.02 12:45:49 | 000,000,000 | R--D | C] -- C:\Users\User\Links
[2017.01.02 12:45:49 | 000,000,000 | R--D | C] -- C:\Users\User\Favorites
[2017.01.02 12:45:49 | 000,000,000 | R--D | C] -- C:\Users\User\Downloads
[2017.01.02 12:45:49 | 000,000,000 | R--D | C] -- C:\Users\User\Documents
[2017.01.02 12:45:49 | 000,000,000 | R--D | C] -- C:\Users\User\Desktop
[2017.01.02 12:45:49 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2017.01.02 12:45:49 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2017.01.02 12:45:49 | 000,000,000 | -HSD | C] -- C:\Users\User\Vorlagen
[2017.01.02 12:45:49 | 000,000,000 | -HSD | C] -- C:\Users\User\AppData\Local\Verlauf
[2017.01.02 12:45:49 | 000,000,000 | -HSD | C] -- C:\Users\User\AppData\Local\Temporary Internet Files
[2017.01.02 12:45:49 | 000,000,000 | -HSD | C] -- C:\Users\User\Startmenü
[2017.01.02 12:45:49 | 000,000,000 | -HSD | C] -- C:\Users\User\SendTo
[2017.01.02 12:45:49 | 000,000,000 | -HSD | C] -- C:\Users\User\Recent
[2017.01.02 12:45:49 | 000,000,000 | -HSD | C] -- C:\Users\User\Netzwerkumgebung
[2017.01.02 12:45:49 | 000,000,000 | -HSD | C] -- C:\Users\User\Lokale Einstellungen
[2017.01.02 12:45:49 | 000,000,000 | -HSD | C] -- C:\Users\User\Documents\Eigene Videos
[2017.01.02 12:45:49 | 000,000,000 | -HSD | C] -- C:\Users\User\Documents\Eigene Musik
[2017.01.02 12:45:49 | 000,000,000 | -HSD | C] -- C:\Users\User\Eigene Dateien
[2017.01.02 12:45:49 | 000,000,000 | -HSD | C] -- C:\Users\User\Documents\Eigene Bilder
[2017.01.02 12:45:49 | 000,000,000 | -HSD | C] -- C:\Users\User\Druckumgebung
[2017.01.02 12:45:49 | 000,000,000 | -HSD | C] -- C:\Users\User\Cookies
[2017.01.02 12:45:49 | 000,000,000 | -HSD | C] -- C:\Users\User\AppData\Local\Anwendungsdaten
[2017.01.02 12:45:49 | 000,000,000 | -HSD | C] -- C:\Users\User\Anwendungsdaten
[2017.01.02 12:45:49 | 000,000,000 | -H-D | C] -- C:\Users\User\AppData
[2017.01.02 12:45:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Temp
[2017.01.02 12:45:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Microsoft
[2017.01.02 12:45:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2017.01.02 12:43:37 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2017.01.02 12:30:17 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2017.01.02 12:29:17 | 000,000,000 | ---D | C] -- C:\ProgramData\USOShared
[2017.01.02 12:28:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2017.01.02 12:28:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2017.01.02 12:28:16 | 000,000,000 | -HSD | C] -- C:\Recovery
[2017.01.02 12:28:16 | 000,000,000 | -HSD | C] -- C:\Programme
[2017.01.02 12:28:16 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2017.01.02 12:28:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2017.01.02 12:28:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2017.01.02 12:28:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2017.01.02 12:28:16 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2017.01.02 12:28:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2017.01.02 12:28:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2017.01.02 12:28:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2017.01.02 12:27:27 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2017.01.02 12:27:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SleepStudy
[2017.01.02 12:27:16 | 000,000,000 | ---D | C] -- C:\Windows\ServiceProfiles
[2017.01.02 12:27:16 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2017.01.02 12:27:15 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\Microsoft
[2017.01.02 12:27:06 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2017.01.02 12:26:40 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2017.01.19 17:11:49 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2017.01.19 17:11:22 | 2552,844,287 | -HS- | M] () -- C:\hiberfil.sys
[2017.01.19 17:11:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017.01.19 13:17:17 | 001,818,712 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2017.01.19 13:17:17 | 000,794,946 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2017.01.19 13:17:17 | 000,684,818 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2017.01.19 13:17:17 | 000,196,040 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2017.01.19 13:17:17 | 000,142,740 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2017.01.19 13:11:10 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2017.01.19 13:10:58 | 000,012,864 | ---- | M] () -- C:\bootsqm.dat
[2017.01.18 12:59:57 | 000,002,331 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2017.01.17 17:58:43 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2017.01.15 22:24:16 | 000,444,853 | ---- | M] () -- C:\Users\User\Desktop\F_20160517172741oqGXCu.JPG
[2017.01.15 22:22:23 | 000,116,296 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2017.01.15 22:22:23 | 000,028,208 | ---- | M] (G DATA Software) -- C:\Windows\SysNative\drivers\GdPhyMem.sys
[2017.01.15 21:29:36 | 000,001,306 | ---- | M] () -- C:\Users\User\Desktop\OpenIV.lnk
[2017.01.15 20:39:13 | 000,168,975 | ---- | M] () -- C:\Users\User\Desktop\gpmain.PNG
[2017.01.15 11:25:44 | 000,001,492 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2017.01.14 12:08:33 | 000,283,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2017.01.09 15:16:29 | 000,309,084 | ---- | M] () -- C:\Users\User\Desktop\wpid-universe-wallpaper.jpg
[2017.01.08 05:10:05 | 000,000,199 | ---- | M] () -- C:\Users\User\Desktop\Counter-Strike Global Offensive.url
[2017.01.08 02:32:37 | 000,000,533 | ---- | M] () -- C:\Users\Public\Desktop\Overwatch.lnk
[2017.01.07 11:19:35 | 000,002,029 | ---- | M] () -- C:\Users\User\Desktop\OSD Server (FPS Limiter).lnk
[2017.01.06 02:10:33 | 000,121,912 | ---- | M] () -- C:\Windows\SysNative\NvRtmpStreamer64.dll
[2017.01.06 01:09:23 | 000,001,951 | ---- | M] () -- C:\Windows\NvTelemetryContainerRecovery.bat
[2017.01.06 00:42:56 | 000,001,951 | ---- | M] () -- C:\Windows\NvContainerRecovery.bat
[2017.01.03 13:19:44 | 000,002,642 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2017.01.03 02:09:59 | 000,000,205 | ---- | M] () -- C:\Users\User\Desktop\Tom Clancy's Rainbow Six Siege.url
[2017.01.03 02:08:33 | 000,000,638 | ---- | M] () -- C:\Users\User\Desktop\Uplay.lnk
[2017.01.02 20:51:57 | 000,000,585 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2017.01.02 18:54:05 | 000,007,605 | ---- | M] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg
[2017.01.02 18:38:31 | 000,001,302 | ---- | M] () -- C:\Users\Public\Desktop\XTREME GAMING ENGINE.lnk
[2017.01.02 18:38:31 | 000,001,231 | ---- | M] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE XTREME GAMING ENGINE.lnk
[2017.01.02 18:11:04 | 000,153,160 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys
[2017.01.02 18:10:46 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\G DATA TOTAL SECURITY.lnk
[2017.01.02 18:10:40 | 000,109,128 | ---- | M] (G DATA Software AG) -- C:\Windows\SysNative\drivers\TS4nt.sys
[2017.01.02 18:10:40 | 000,089,160 | ---- | M] (G DATA Software AG) -- C:\Windows\SysNative\drivers\gddcd64.sys
[2017.01.02 18:10:40 | 000,069,192 | ---- | M] (G DATA Software AG) -- C:\Windows\SysNative\drivers\gddcv64.sys
[2017.01.02 18:10:38 | 000,077,384 | ---- | M] (G DATA Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2017.01.02 17:59:13 | 000,015,425 | ---- | M] () -- C:\Windows\SysNative\OEMDefaultAssociations.xml
[2017.01.02 17:26:45 | 000,002,131 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2017.01.02 17:04:21 | 000,001,756 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends.lnk
[2017.01.02 17:04:02 | 000,000,427 | ---- | M] () -- C:\Users\Public\Desktop\Battle.net.lnk
[2017.01.02 16:46:52 | 000,000,202 | ---- | M] () -- C:\Users\User\Desktop\Call of Duty Black Ops III.url
[2017.01.02 16:43:28 | 000,001,157 | ---- | M] () -- C:\Users\Public\Desktop\Overwolf.lnk
[2017.01.02 16:43:25 | 000,000,002 | ---- | M] () -- C:\END
[2017.01.02 16:42:39 | 000,001,015 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2017.01.02 16:42:22 | 000,001,852 | ---- | M] () -- C:\Users\User\Desktop\Spotify.lnk
[2017.01.02 16:41:04 | 000,000,554 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2017.01.02 16:19:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_gddcd64_01007.Wdf
[2017.01.02 16:19:51 | 000,037,400 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDKBB64.sys
[2017.01.02 16:19:51 | 000,030,280 | ---- | M] (G DATA Software AG) -- C:\Windows\SysNative\drivers\GDKBFlt64.sys
[2017.01.02 16:19:51 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_GDKBFlt64_01007.Wdf
[2017.01.02 16:19:51 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_GDKBB64_01007.Wdf
[2017.01.02 16:19:32 | 000,105,544 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2017.01.02 16:19:31 | 000,274,400 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2017.01.02 16:19:31 | 000,180,808 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2017.01.02 14:02:23 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_ASMBSW_01_11_00.Wdf
[2017.01.02 12:50:23 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2017.01.19 13:10:58 | 000,012,864 | ---- | C] () -- C:\bootsqm.dat
[2017.01.18 12:59:57 | 000,002,343 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[2017.01.18 12:59:57 | 000,002,331 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2017.01.17 17:58:43 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2017.01.15 22:24:16 | 000,444,853 | ---- | C] () -- C:\Users\User\Desktop\F_20160517172741oqGXCu.JPG
[2017.01.15 21:29:36 | 000,001,306 | ---- | C] () -- C:\Users\User\Desktop\OpenIV.lnk
[2017.01.15 20:39:12 | 000,168,975 | ---- | C] () -- C:\Users\User\Desktop\gpmain.PNG
[2017.01.09 15:16:29 | 000,309,084 | ---- | C] () -- C:\Users\User\Desktop\wpid-universe-wallpaper.jpg
[2017.01.08 05:10:05 | 000,000,199 | ---- | C] () -- C:\Users\User\Desktop\Counter-Strike Global Offensive.url
[2017.01.08 02:32:37 | 000,000,533 | ---- | C] () -- C:\Users\Public\Desktop\Overwatch.lnk
[2017.01.07 11:38:53 | 000,269,600 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll
[2017.01.07 11:38:53 | 000,261,920 | ---- | C] () -- C:\Windows\SysNative\vulkan-1.dll
[2017.01.07 11:38:53 | 000,125,216 | ---- | C] () -- C:\Windows\SysNative\vulkaninfo.exe
[2017.01.07 11:38:53 | 000,110,880 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2017.01.07 11:37:30 | 000,001,951 | ---- | C] () -- C:\Windows\NvContainerRecovery.bat
[2017.01.07 11:34:15 | 007,639,617 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2017.01.07 11:19:35 | 000,002,029 | ---- | C] () -- C:\Users\User\Desktop\OSD Server (FPS Limiter).lnk
[2017.01.03 13:19:44 | 000,002,642 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2017.01.03 02:09:59 | 000,000,205 | ---- | C] () -- C:\Users\User\Desktop\Tom Clancy's Rainbow Six Siege.url
[2017.01.03 02:09:59 | 000,000,205 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tom Clancy's Rainbow Six Siege.url
[2017.01.03 02:08:33 | 000,000,638 | ---- | C] () -- C:\Users\User\Desktop\Uplay.lnk
[2017.01.02 20:51:57 | 000,000,585 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2017.01.02 18:54:05 | 000,007,605 | ---- | C] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg
[2017.01.02 18:38:31 | 000,001,302 | ---- | C] () -- C:\Users\Public\Desktop\XTREME GAMING ENGINE.lnk
[2017.01.02 18:38:31 | 000,001,231 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE XTREME GAMING ENGINE.lnk
[2017.01.02 17:46:34 | 002,681,200 | ---- | C] () -- C:\Windows\SysNative\CoreUIComponents.dll
[2017.01.02 17:46:29 | 000,446,896 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2017.01.02 17:46:04 | 002,048,496 | ---- | C] () -- C:\Windows\SysWow64\CoreUIComponents.dll
[2017.01.02 17:26:45 | 000,002,457 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2017.01.02 17:26:45 | 000,002,131 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2017.01.02 17:04:02 | 000,000,427 | ---- | C] () -- C:\Users\Public\Desktop\Battle.net.lnk
[2017.01.02 16:46:52 | 000,000,202 | ---- | C] () -- C:\Users\User\Desktop\Call of Duty Black Ops III.url
[2017.01.02 16:43:28 | 000,001,157 | ---- | C] () -- C:\Users\Public\Desktop\Overwolf.lnk
[2017.01.02 16:43:22 | 000,000,002 | ---- | C] () -- C:\END
[2017.01.02 16:42:39 | 000,001,015 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2017.01.02 16:42:39 | 000,000,977 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
[2017.01.02 16:42:22 | 000,001,852 | ---- | C] () -- C:\Users\User\Desktop\Spotify.lnk
[2017.01.02 16:42:22 | 000,001,838 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2017.01.02 16:41:04 | 000,000,554 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2017.01.02 16:38:20 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends.lnk
[2017.01.02 16:20:30 | 000,001,492 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2017.01.02 16:20:19 | 000,001,951 | ---- | C] () -- C:\Windows\NvTelemetryContainerRecovery.bat
[2017.01.02 16:19:56 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\G DATA TOTAL SECURITY.lnk
[2017.01.02 16:19:52 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_gddcd64_01007.Wdf
[2017.01.02 16:19:51 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_GDKBFlt64_01007.Wdf
[2017.01.02 16:19:51 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_GDKBB64_01007.Wdf
[2017.01.02 14:23:46 | 003,050,808 | ---- | C] () -- C:\Windows\SysNative\pwNative.exe
[2017.01.02 14:23:46 | 000,019,152 | ---- | C] () -- C:\Windows\SysNative\pwdrvio.sys
[2017.01.02 14:23:46 | 000,012,504 | ---- | C] () -- C:\Windows\SysNative\pwdspio.sys
[2017.01.02 14:13:46 | 000,121,912 | ---- | C] () -- C:\Windows\SysNative\NvRtmpStreamer64.dll
[2017.01.02 14:11:27 | 000,042,286 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2017.01.02 14:11:26 | 040,125,496 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2017.01.02 14:11:26 | 035,222,976 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2017.01.02 14:11:26 | 000,000,669 | ---- | C] () -- C:\Windows\SysNative\nv-vk64.json
[2017.01.02 14:11:26 | 000,000,669 | ---- | C] () -- C:\Windows\SysWow64\nv-vk32.json
[2017.01.02 14:02:23 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_ASMBSW_01_11_00.Wdf
[2017.01.02 14:02:19 | 000,015,232 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2017.01.02 12:50:23 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2017.01.02 12:47:22 | 000,002,387 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[2017.01.02 12:32:23 | 001,818,712 | ---- | C] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2017.01.02 12:28:07 | 2552,844,287 | -HS- | C] () -- C:\hiberfil.sys
[2017.01.02 12:27:56 | 000,047,428 | ---- | C] () -- C:\Windows\SysWow64\license.rtf
[2017.01.02 12:27:56 | 000,047,428 | ---- | C] () -- C:\Windows\SysNative\license.rtf
[2017.01.02 12:27:25 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2017.01.02 12:27:14 | 000,283,464 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2017.01.02 12:27:07 | 016,777,216 | -HS- | C] () -- C:\swapfile.sys
[2016.10.12 12:57:46 | 000,265,728 | ---- | C] () -- C:\Windows\SysWow64\Windows.Perception.Stub.dll
[2016.09.09 19:25:58 | 000,269,600 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-26-0.dll
[2016.09.09 19:25:28 | 000,110,880 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-26-0.exe
[2016.07.16 12:47:57 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2016.07.16 12:47:57 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2016.07.16 12:43:04 | 000,055,296 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2016.07.16 12:43:00 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\GamePanelExternalHook.dll
[2016.07.16 12:42:55 | 000,167,640 | ---- | C] () -- C:\Windows\SysWow64\chs_singlechar_pinyin.dat
[2016.07.16 12:42:53 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2016.07.16 12:42:49 | 000,304,640 | ---- | C] () -- C:\Windows\SysWow64\HrtfApo.dll
[2016.07.16 12:42:48 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2016.07.16 12:42:43 | 000,002,307 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2016.07.16 12:42:12 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
 
========== ZeroAccess Check ==========
 
[2017.01.02 16:43:27 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2016.11.11 11:01:16 | 007,219,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2016.11.11 08:47:14 | 005,722,832 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2016.07.16 12:42:31 | 000,977,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2016.07.16 12:42:56 | 000,779,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2016.07.16 12:42:31 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2017.01.09 18:25:45 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Battle.net
[2017.01.02 12:51:06 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DRPSu
[2017.01.15 21:29:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\New Technology Studio
[2017.01.03 10:03:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\OBS
[2017.01.02 16:36:43 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Riot Games
[2017.01.19 17:16:48 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Spotify
[2017.01.19 17:41:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TS3Client
[2017.01.15 22:35:41 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\WinISO Computing
 
========== Purity Check ==========
 
 

< End of report >
         

Part 2

Code:
OTL Extras logfile created on: 19.01.2017 17:36:25 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\User\Downloads
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,94 Gb Total Physical Memory | 9,33 Gb Available Physical Memory | 58,50% Memory free
18,32 Gb Paging File | 9,90 Gb Available in Paging File | 54,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 255,68 Gb Total Space | 63,57 Gb Free Space | 24,86% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 887,13 Gb Free Space | 95,24% Space Free | Partition Type: NTFS
 
Computer Name: DESKTOP-D193TCD | User Name: Sueyuki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 06 DE 96 98 EB 64 D2 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
"DontEnumerateCommonFilesUpgradeExe" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06654745-31E7-42AA-B618-ADAA710AA1BB}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe | 
"{3681DF01-932E-45D7-BBB8-C9E43DEA2F5A}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{3B96A369-90B0-439B-AE04-606941CE6D7D}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe | 
"{5839CA4D-94B5-421B-BBBC-1757A6985EDD}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"{8E708222-BC1E-4F03-BDFE-E64A61B2C2A7}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{A1D9D2E1-94DC-454D-9A3D-82A8E375CF4F}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{079B660F-F5F5-4970-BFFF-11E35A35C5F3}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.7805.42277.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} | 
"{0CAF9606-F8BF-4F4E-BE59-E36DAAD7C81A}" = dir=in | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} | 
"{1196CEDE-C747-480D-B217-46B1849A56C7}" = dir=in | name=@{microsoft.zunevideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{15FCBA82-89D0-4777-9BEC-D4D50DBEE37F}" = dir=out | name=xbox | 
"{165DFF8C-9810-4A07-908D-322D4C3B9B54}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | 
"{16D1DE7B-7102-4C74-979F-12D34401A2E1}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{18D4C4B5-4F5A-4C94-AA01-A077EFF6825B}" = dir=out | name=microsoft solitaire collection | 
"{1AE7D45E-614D-440A-9D1E-EE9612A898F2}" = dir=in | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} | 
"{1DF21361-DB03-41A6-B749-6DB9DFADA625}" = protocol=6 | dir=in | app=c:\uplayssd\tom clancy's rainbow six siege\rainbowsixgame.exe | 
"{1F2B0239-8D05-445E-A060-40FD177F6F41}" = dir=out | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | 
"{1F6C88B7-48CD-4A82-846F-CADAB30EE8BC}" = dir=out | name=@{microsoft.skypeapp_11.10.145.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} | 
"{20DCE514-369E-4200-ADD4-4F0E0BBFA138}" = dir=out | name=royal revolt 2 | 
"{221173F5-21B4-4D98-A268-4CD505715626}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{23398F53-2F1F-44EB-97F4-AE3FA8A90020}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | 
"{26AD8558-D6FC-41AE-B5FD-C526F0573184}" = dir=out | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} | 
"{283A2DD8-D5F3-44B8-A7E8-96F2DE1B40A0}" = protocol=17 | dir=in | app=c:\steamssd\steamapps\common\call of duty black ops iii\blackops3.exe | 
"{2E1C9EE9-FD9C-4A01-B119-0EE03272FC23}" = dir=in | name=microsoft sticky notes | 
"{30098E83-4FEF-4368-8066-F96D0EB4BD7A}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} | 
"{364ABEE5-AD25-4174-9A47-7F3DC6A2FFA5}" = protocol=6 | dir=in | app=c:\steamssd\steamapps\common\call of duty black ops iii\blackops3.exe | 
"{391AEFB0-2D6E-4025-A26C-7807D26240AE}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1611.3471.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} | 
"{439FF6F8-CF04-46D1-9167-D2755D32CFA3}" = dir=out | name=@{microsoft.people_10.1.3160.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} | 
"{454E2301-D6C8-407C-BBA2-F4CDA2980E37}" = dir=out | name=@{microsoft.windowsmaps_5.1611.3342.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} | 
"{48A392A7-87FA-4570-A9B3-191AFD41B111}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} | 
"{4D3E3E64-EFBE-47C8-A5A6-4791DF9AC367}" = dir=out | name=onenote | 
"{4D7EABF0-2B68-41DE-BE7D-5E9664B1AE24}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} | 
"{4EAFEC2E-900E-494A-B571-270A3BB7CFE2}" = dir=out | name=@{microsoft.3dbuilder_12.0.3131.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} | 
"{514A1A47-1924-491D-AA42-B7C2AC1C19F4}" = dir=in | name=microsoft solitaire collection | 
"{514AE5E1-45E2-45A5-8F1F-440D7C3F796F}" = dir=out | name=netflix | 
"{51B6605A-4840-47B8-A42A-343E675F8DF1}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | 
"{549B830D-D71C-4CA9-9B98-3252E7B087F1}" = dir=out | name=twitter | 
"{56A71A33-DF0F-4830-9836-867996AC5206}" = protocol=17 | dir=in | app=c:\steamssd\steamapps\common\steamvrperformancetest\bin\win64\vr.exe | 
"{5CC6135D-2159-4867-8A99-A7F9617E84A0}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | 
"{5CFFF282-F2BC-4F9C-AFC2-20258941DA66}" = dir=out | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} | 
"{60BD9AB8-8C74-455C-ABA5-9D2D1F7A020C}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | 
"{64687E9C-0071-4588-BE4C-89C644BF9845}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.7805.42277.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} | 
"{6673AC2B-4EBD-4201-B653-BD2B551D7FE0}" = dir=out | name=@{microsoft.zunemusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{67422236-8D09-4D4F-9FF7-65B8E603CDC0}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} | 
"{67DFA4C7-5F61-4575-82C9-065F33F61FF2}" = dir=out | name=@{microsoft.accountscontrol_10.0.14393.693_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} | 
"{6855503A-8647-40F6-94EF-88B9E24F1481}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | 
"{686BDEC8-66F9-4810-8332-BC70F19186B6}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
"{6E5EFA93-D8B6-46CB-9C6D-B1D09CBF578A}" = protocol=17 | dir=in | app=c:\uplayssd\tom clancy's rainbow six siege\rainbowsix.exe | 
"{715025C2-38EC-4CF2-AD21-07B149D2455A}" = dir=in | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} | 
"{769714C5-6D15-4CC2-ADDD-B22D8EDBCBE4}" = dir=in | name=@{microsoft.skypeapp_11.10.145.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} | 
"{76D2D9C1-9E4A-4466-BBDF-DEAD9ED70456}" = dir=out | name=minecraft: windows 10 edition | 
"{856E81BB-AA86-4F1F-9EC0-4E3EFC252278}" = dir=in | name=@{microsoft.zunemusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{87FE2D48-73B2-479E-B49B-7153CB5CF432}" = dir=in | name=onenote | 
"{8C9AC9E1-DE05-4766-B329-EDFDAF5BB49E}" = dir=out | name=@{microsoft.lockapp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} | 
"{8D77DEA6-ECA3-4E16-A6B6-06C2F6507326}" = dir=out | name=store purchase app | 
"{8EB29A80-0BF8-4114-A9E6-B42CE05BD969}" = dir=out | name=microsoft sticky notes | 
"{930F8B6D-CE57-42CA-8C49-999DFB125D69}" = dir=out | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} | 
"{939E3796-F973-4653-AAD2-88F0413DA68B}" = dir=out | name=candy crush soda saga | 
"{93CA49AA-C29D-4A7D-8FEB-91E950792B1B}" = protocol=6 | dir=in | app=c:\uplayssd\tom clancy's rainbow six siege\rainbowsix.exe | 
"{9964549C-FD46-4470-98D7-78A419072546}" = dir=out | name=@{microsoft.microsoftofficehub_17.7608.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} | 
"{99C4D9E9-DFAB-47FB-9A60-F34C2C1279FF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{9FD96644-DDAE-440F-9970-4AFC129960BE}" = dir=in | name=@{microsoft.windowsstore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} | 
"{A86456FD-6100-4632-B6C8-122017DAD2C9}" = dir=out | name=@{microsoft.bingnews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} | 
"{AA0FAA41-4D4C-40DA-B8D6-2B1BD74D1013}" = dir=in | name=netflix | 
"{AB56AC6E-F6BB-4793-8CE2-44AF2A643C85}" = dir=out | name=@{microsoft.windows.secureassessmentbrowser_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.secureassessmentbrowser/resources/packagedisplayname} | 
"{ABF4E2EC-000F-4B0A-8444-8A8F5F1B5189}" = protocol=17 | dir=in | app=e:\gtav\gta5.exe | 
"{B139556B-BA46-43BC-BD17-EBA9AE984707}" = dir=in | name=minecraft: windows 10 edition | 
"{B93C8C3D-07F7-4CC1-BDB4-CCA9C039CDBE}" = dir=in | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | 
"{B9FAD286-7F5A-4287-B309-92FB5A1DBC24}" = dir=in | name=royal revolt 2 | 
"{BA77D143-CE37-4E2A-AA0F-EEBF3515794A}" = dir=out | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} | 
"{BA90116A-E4DD-416E-AFCB-667A7BC811A2}" = dir=out | name=@{microsoft.getstarted_4.2.29.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} | 
"{BB5D6D5E-509B-41CC-86BC-AB5F3ABF662E}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | 
"{C22CED5E-D82B-4D4E-BE52-96C3DEBFAB16}" = protocol=6 | dir=in | app=e:\steam\bin\cef\cef.win7\steamwebhelper.exe | 
"{C3B6E7E3-2292-4FF6-A013-4BFDB598A68F}" = dir=in | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} | 
"{CA6D4ED4-1638-415F-B2B0-422ECA6D86B9}" = protocol=17 | dir=in | app=e:\steam\steam.exe | 
"{D1E7C46F-4920-4C71-8736-3A925642F5FC}" = protocol=17 | dir=in | app=c:\uplayssd\tom clancy's rainbow six siege\rainbowsixgame.exe | 
"{D3044524-62E5-4431-8B4C-76DFF9262976}" = dir=in | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} | 
"{D33EE760-F10E-4881-98E4-D00C5B49EEA6}" = dir=out | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} | 
"{D4CBCFC7-7534-4258-82EA-9772A136EA81}" = dir=out | name=@{microsoft.windowsstore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} | 
"{D622163D-7E19-41FF-B05F-9872AA52FBA7}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} | 
"{DC12CF89-C2BC-4867-8BFD-2C8437469175}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1611.3471.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} | 
"{DC460EA0-3359-491C-B954-2E9388905CDD}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | 
"{E576559E-C46A-4FDC-ACBC-3160CAEE51EE}" = protocol=6 | dir=in | app=c:\steamssd\steamapps\common\steamvrperformancetest\bin\win64\vr.exe | 
"{E5805949-69C0-44DB-81E5-7F870D1F278B}" = dir=in | name=@{microsoft.microsoftofficehub_17.7608.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} | 
"{E65698C6-5B24-4C92-A243-287F9BB12609}" = dir=out | name=@{microsoft.zunevideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{EBC2FEF3-1063-4DCD-844B-B9C0472C6EB1}" = protocol=6 | dir=in | app=e:\gtav\gta5.exe | 
"{ECAE38A0-59B4-495A-96FD-C570C5907642}" = dir=out | name=facebook | 
"{EE36568C-BE2B-45C6-84B8-DBA9BBC652D1}" = protocol=17 | dir=in | app=e:\steam\bin\cef\cef.win7\steamwebhelper.exe | 
"{EEB9A65F-ECE4-41CB-B7F3-21BA0C54AC0A}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | 
"{F09BD4EC-5213-4ABD-A529-3C6177E27D58}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | 
"{F1F72878-EA91-44DC-8489-9873D18D5262}" = dir=in | name=xbox | 
"{F58447A4-8B60-445E-97D4-17E9043ABC3B}" = dir=in | name=@{microsoft.windows.photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} | 
"{F722953B-8BD6-414C-A242-389AEAB85D17}" = dir=out | name=@{microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} | 
"{F8403A32-D36D-440A-ADFB-7D5F1F4E5303}" = dir=out | name=@{microsoft.windows.photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} | 
"{F8A3751D-B169-4317-B9C5-6F3978345E56}" = dir=in | name=@{microsoft.bingnews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} | 
"{FB78F881-81EC-4714-9DA3-E24E898B4D4B}" = protocol=6 | dir=in | app=e:\steam\steam.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7B50D081-E670-3B43-A460-0E2CDB5CE984}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23918
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel" = Ansel
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 376.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 376.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 376.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 3.2.2.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 369.04
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 23.2.20.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.16.0318
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 23.2.20.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA Wireless Controller Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.34.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend" = NVIDIA Backend
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer" = NVIDIA Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem" = NVIDIA LocalSystem Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus" = NVIDIA Message Bus for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService" = NVIDIA NetworkService Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session" = NVIDIA Session Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User" = NVIDIA User Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer" = NVIDIA Display Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS" = NVIDIA Display Container LS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs" = NvNodejs
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog" = NVIDIA Watchdog Plugin for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry" = NvTelemetry
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer" = NVIDIA Telemetry Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci" = NvvHci
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC" = Nvidia Share
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 3.2.2.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 3.51.2
"{DFFEB619-5455-3697-B145-243D936DB95B}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23918
"{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}" = Overwolf.Setup.VC100CRTx64.Dist
"Steam App 311210" = Call of Duty: Black Ops III
"Steam App 323910" = SteamVR Performance Test
"Steam App 730" = Counter-Strike: Global Offensive
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VulkanRT1.0.26.0" = Vulkan Run Time Libraries 1.0.26.0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{AC76BA86-0804-1033-1959-001824211354}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1031-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Deutsch
"{B5FC62F5-A367-37A5-9FD2-A6E137C0096F}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23918
"{BD9CFD69-EB91-354E-9C98-D439E6091932}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23918
"{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}" = League of Legends
"{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FC965A47-4839-40CA-B618-18F486F042C6}" = Skype™ 7.30
"Battle.net" = Battle.net
"Diablo III" = Diablo III
"G DATA TOTAL SECURITY" = G DATA TOTAL SECURITY
"GIGABYTE XTREME GAMING ENGINE_is1" = XTREME GAMING ENGINE
"Google Chrome" = Google Chrome
"League of Legends 4.2.1" = League of Legends
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware Version 2.2.1.1043
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Overwatch" = Overwatch
"Overwolf" = Overwolf
"Razer Chroma SDK" = Razer Chroma SDK Core Components
"Razer Surround" = Razer Surround
"Rockstar Games Social Club" = Rockstar Games Social Club
"Steam" = Steam
"Uplay" = Uplay
"Uplay Install 635" = Tom Clancy's Rainbow Six Siege
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OneDriveSetup.exe" = Microsoft OneDrive
"OpenIV" = OpenIV
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 19.01.2017 12:44:25 | Computer Name = DESKTOP-D193TCD | Source = Perflib | ID = 1008
Description = 
 
Error - 19.01.2017 12:44:25 | Computer Name = DESKTOP-D193TCD | Source = Perflib | ID = 1008
Description = 
 
Error - 19.01.2017 12:44:25 | Computer Name = DESKTOP-D193TCD | Source = PerfNet | ID = 2004
Description = 
 
Error - 19.01.2017 12:44:25 | Computer Name = DESKTOP-D193TCD | Source = Perflib | ID = 1023
Description = 
 
Error - 19.01.2017 12:44:25 | Computer Name = DESKTOP-D193TCD | Source = Perflib | ID = 1008
Description = 
 
Error - 19.01.2017 12:46:22 | Computer Name = DESKTOP-D193TCD | Source = Perflib | ID = 1008
Description = 
 
Error - 19.01.2017 12:46:22 | Computer Name = DESKTOP-D193TCD | Source = Perflib | ID = 1008
Description = 
 
Error - 19.01.2017 12:46:22 | Computer Name = DESKTOP-D193TCD | Source = Perflib | ID = 1008
Description = 
 
Error - 19.01.2017 12:46:22 | Computer Name = DESKTOP-D193TCD | Source = Perflib | ID = 1008
Description = 
 
Error - 19.01.2017 12:46:22 | Computer Name = DESKTOP-D193TCD | Source = PerfNet | ID = 2004
Description = 
 
Error - 19.01.2017 12:46:22 | Computer Name = DESKTOP-D193TCD | Source = Perflib | ID = 1023
Description = 
 
[ System Events ]
Error - 19.01.2017 08:11:43 | Computer Name = DESKTOP-D193TCD | Source = Service Control Manager | ID = 7000
Description = Der Dienst "asComSvc" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1053
 
Error - 19.01.2017 08:11:44 | Computer Name = DESKTOP-D193TCD | Source = DCOM | ID = 10016
Description = 
 
Error - 19.01.2017 08:11:52 | Computer Name = DESKTOP-D193TCD | Source = DCOM | ID = 10016
Description = 
 
Error - 19.01.2017 08:11:54 | Computer Name = DESKTOP-D193TCD | Source = DCOM | ID = 10010
Description = 
 
Error - 19.01.2017 08:11:54 | Computer Name = DESKTOP-D193TCD | Source = DCOM | ID = 10010
Description = 
 
Error - 19.01.2017 08:12:02 | Computer Name = DESKTOP-D193TCD | Source = DCOM | ID = 10016
Description = 
 
Error - 19.01.2017 08:13:24 | Computer Name = DESKTOP-D193TCD | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80073d02 fehlgeschlagen: Microsoft Sticky Notes
 
Error - 19.01.2017 09:25:47 | Computer Name = DESKTOP-D193TCD | Source = DCOM | ID = 10016
Description = 
 
Error - 19.01.2017 12:11:23 | Computer Name = DESKTOP-D193TCD | Source = DCOM | ID = 10016
Description = 
 
Error - 19.01.2017 12:12:49 | Computer Name = DESKTOP-D193TCD | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80073d02 fehlgeschlagen: Microsoft Sticky Notes
 
 
< End of report >
         


Here is the extras.txt

Code:
NlaSvc Manual Proxies
Status             : Scanned
Object             : HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\@
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Potentially Unwanted Modification
Cleaning Action    : Delete
Related Objects    :
                Registry Entry - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\@ = 0hxxp://noblockweb.org/wpad.dat?5eb931c846419c2ee1b3c3d0c0ec5cd523775190
         
Zemana AntiMalware
I deleted the file, but it keeps coming back, or rather it is still there despite the deletion.

20.01.2017, 10:15   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Aha. And what am I supposed to do with these logs now?
We had talked about factory settings, not about more logs.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

20.01.2017, 10:26   #10
Sueyuki
 

At the beginning you asked me to send in logs from the various programs I had run. I then said that I would send them the next day.

The bit about the factory settings was a question purely out of interest, as already described ^^

20.01.2017, 10:34   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Then just make up your mind.

I'm not going to analyze logs here, least of all ones I didn't request, if you want to wipe everything and start over anyway.
