Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 02.05.2017, 22:43   #1
Damina1997
 
Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack - Standard

Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack



Moin ,
ich weiß ich schon wieder. ^^
Diesmal gehts aber um meinen Hauptrechner, der schon einige Zeit relativ langsam ist.
Aus diesem Grund hab ich mal Malwarebytes Anti-Malware laufen lassen und wurde auch fündig (s. Log).
Auf jeden Fall sagt mir mein Gefühl, dass es das noch nicht unbedingt war und irgendwo sich vielleicht noch was rumtreiben könnte.

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 02.05.2017
Suchlaufzeit: 22:09
Protokolldatei: MBAM.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2017.05.02.07
Rootkit-Datenbank: v2017.04.02.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Denise

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 288818
Abgelaufene Zeit: 17 Min., 31 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 1
PUP.Optional.GameHack, C:\Program Files (x86)\Cheat Engine 6.5\standalonephase1.dat, , [d58aa86bf5b4f244529062eec53c6f91], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Anschließend auch FRST.txt und Addition.txt:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-05-2017
durchgeführt von Denise (Administrator) auf DENISE-NOTEBOOK (02-05-2017 22:28:31)
Gestartet von C:\Users\Denise\Downloads
Geladene Profile: Denise (Verfügbare Profile: Denise)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hammer & Chisel, Inc.) C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Hammer & Chisel, Inc.) C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Denise\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Denise\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Denise\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Denise\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Denise\AppData\Roaming\Spotify\Spotify.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28344536 2017-04-26] (Dropbox, Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-07-13] (Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-05-23] (Raptr, Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1058360 2017-04-18] ()
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Spotify] => C:\Users\Denise\AppData\Roaming\Spotify\Spotify.exe [7064176 2017-05-02] (Spotify Ltd)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [986648 2016-09-29] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Discord] => C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Spotify Web Helper] => C:\Users\Denise\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-05-02] (Spotify Ltd)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-26] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{BF9CCFC1-6FCA-4ABF-8044-CAB8EB45663B}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{E5937EBF-A255-40C3-B2F8-6204570F2CF3}: [DhcpNameServer] 192.168.24.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-02] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-24] (Oracle Corporation)
BHO: Kein Name -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> Keine Datei
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-02] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-24] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-24] (Oracle Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()

Chrome: 
=======
CHR Profile: C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default [2017-05-02]
CHR Extension: (Google Präsentationen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-04]
CHR Extension: (Google Docs) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-04]
CHR Extension: (Google Drive) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-04]
CHR Extension: (YouTube) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-04]
CHR Extension: (Adblock Plus) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-24]
CHR Extension: (Google-Suche) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (FrankerFaceZ) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2015-12-17]
CHR Extension: (Google Tabellen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-04]
CHR Extension: (Google Docs Offline) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Twitch Live) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiljidcefnbhbpamageahhblhbbhhopm [2017-01-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-17]
CHR Extension: (Google Mail) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-04]
CHR Extension: (Chrome Media Router) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-07]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-04-07] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-09-29] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-09-29] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [466456 2016-09-29] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3801280 2017-04-19] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [48944 2017-04-26] (Dropbox, Inc.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2014-12-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5660512 2016-08-16] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123240 2017-03-29] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184688 2017-03-29] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1325896 2017-04-18] (Overwolf LTD)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-07-13] (Plays.tv, LLC)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4221952 2014-09-09] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2014-09-19] (ASUS Corporation)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-09-29] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-09-28] (Bluestack System Inc. )
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2017-05-02] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
U0 aswVmm; kein ImagePath
S3 dbx; system32\DRIVERS\dbx.sys [X]
U3 DfSdkS; kein ImagePath
U0 msahci; system32\drivers\msahci.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-02 22:28 - 2017-05-02 22:29 - 00026132 _____ C:\Users\Denise\Downloads\FRST.txt
2017-05-02 22:27 - 2017-05-02 22:27 - 02428416 _____ (Farbar) C:\Users\Denise\Downloads\FRST64.exe
2017-05-02 22:27 - 2017-05-02 22:27 - 00001286 _____ C:\Users\Denise\Downloads\MBAM.txt
2017-05-02 15:21 - 2017-05-02 15:21 - 00000000 ____D C:\Users\Denise\Documents\League of Legends
2017-05-02 15:15 - 2017-05-02 15:15 - 00000000 ____D C:\ProgramData\Riot Games
2017-05-02 15:14 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2017-05-02 15:14 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2017-05-02 15:14 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2017-05-02 15:13 - 2017-05-02 15:22 - 00001722 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-05-02 15:13 - 2017-05-02 15:13 - 00000000 ____D C:\Riot Games
2017-05-02 15:11 - 2017-05-02 15:14 - 00000000 ____D C:\Users\Denise\AppData\Roaming\Riot Games
2017-05-02 15:11 - 2017-05-02 15:11 - 31876824 _____ (Riot Games) C:\Users\Denise\Downloads\LeagueofLegends_EUW_Installer_2016_11_10.exe
2017-04-28 15:26 - 2017-04-29 14:00 - 00010972 _____ C:\Users\Denise\Desktop\Car Mechanic Fahrzeuge.xlsx
2017-04-27 01:42 - 2017-04-27 01:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-04-26 20:02 - 2017-04-26 20:02 - 00048944 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-04-13 15:29 - 2017-04-13 15:29 - 00437477 _____ C:\Users\Denise\Downloads\SX8Q4C.pdf
2017-04-12 10:44 - 2017-04-12 10:44 - 38952320 _____ (Mojang) C:\Users\Denise\Downloads\Minecraft.exe
2017-04-12 10:44 - 2017-04-12 10:44 - 00000220 _____ C:\Users\Denise\Downloads\updateLog.txt
2017-04-12 10:44 - 2017-04-12 10:44 - 00000000 ____D C:\Users\Denise\Downloads\game
2017-04-11 23:01 - 2017-03-25 21:39 - 20284416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-04-11 23:01 - 2017-03-25 21:07 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-04-11 23:01 - 2017-03-25 21:06 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-04-11 23:01 - 2017-03-25 20:55 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-04-11 23:01 - 2017-03-25 20:52 - 02289152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-04-11 23:01 - 2017-03-25 20:51 - 01313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-04-11 23:01 - 2017-03-25 20:47 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-04-11 23:01 - 2017-03-25 20:10 - 02898432 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-04-11 23:01 - 2017-03-25 19:52 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-04-11 23:01 - 2017-03-25 18:59 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-04-11 23:01 - 2017-03-25 18:57 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-04-11 23:01 - 2017-03-25 18:28 - 15259136 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-04-11 23:01 - 2017-03-25 18:24 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-04-11 23:01 - 2017-03-25 18:10 - 01546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-04-11 23:01 - 2017-03-25 06:43 - 01375960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-04-11 23:01 - 2017-03-24 20:24 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-04-11 23:01 - 2017-03-14 16:26 - 03714560 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-04-11 23:01 - 2017-03-14 16:09 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-04-11 23:01 - 2017-03-14 16:08 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-04-11 23:01 - 2017-03-14 16:06 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-04-11 23:01 - 2017-03-12 17:04 - 00033792 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-04-11 23:01 - 2017-03-11 05:59 - 01763888 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-04-11 23:01 - 2017-03-11 05:56 - 01489608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-04-11 23:01 - 2017-03-11 05:49 - 00388440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-04-11 23:01 - 2017-03-11 05:44 - 00373080 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-04-11 23:01 - 2017-03-11 05:41 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-04-11 23:01 - 2017-03-09 23:13 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-04-11 23:01 - 2017-03-08 01:25 - 01661064 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-04-11 23:01 - 2017-03-08 01:21 - 01212760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-04-11 23:01 - 2017-03-04 21:24 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-04-11 23:01 - 2017-03-04 18:37 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-04-11 23:01 - 2017-03-03 17:11 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-04-11 23:01 - 2017-03-03 17:06 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-04-11 23:01 - 2017-02-11 20:18 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-04-11 23:01 - 2017-02-11 19:00 - 00865792 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-04-11 23:01 - 2017-02-11 18:49 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2017-04-11 23:01 - 2017-02-11 18:42 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2017-04-11 23:01 - 2017-02-10 21:06 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-04-11 23:01 - 2017-02-10 16:37 - 00046600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2017-04-11 23:01 - 2017-02-04 19:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-04-11 23:01 - 2017-02-04 19:51 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-04-11 23:01 - 2017-02-04 19:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-04-11 23:01 - 2017-02-01 21:44 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-04-11 23:01 - 2017-02-01 21:42 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-04-11 23:01 - 2017-01-19 04:18 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-04-11 23:01 - 2017-01-18 16:35 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-04-11 23:01 - 2017-01-18 16:34 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-04-11 23:01 - 2017-01-14 22:32 - 00955016 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-04-11 23:01 - 2017-01-14 21:18 - 00787688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-04-11 23:01 - 2017-01-12 18:51 - 00274776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2017-04-11 23:01 - 2017-01-12 18:51 - 00117592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2017-04-11 23:01 - 2017-01-12 08:12 - 00990040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-04-11 23:01 - 2017-01-11 21:12 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2017-04-11 23:01 - 2017-01-11 19:28 - 00422744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2017-04-11 23:01 - 2017-01-11 17:09 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2017-04-11 23:01 - 2017-01-11 00:37 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2017-04-11 23:01 - 2017-01-10 23:06 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2017-04-11 23:01 - 2017-01-10 22:46 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2017-04-11 23:01 - 2017-01-10 21:20 - 00696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2017-04-11 23:01 - 2017-01-10 21:09 - 01108480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2017-04-11 23:01 - 2017-01-06 19:25 - 02513408 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2017-04-11 23:01 - 2017-01-06 19:04 - 01495552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2017-04-11 23:01 - 2016-12-25 03:14 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2017-04-11 23:01 - 2016-12-25 02:48 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2017-04-11 23:01 - 2016-12-25 02:19 - 00170496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2017-04-11 23:01 - 2016-12-25 01:39 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll
2017-04-11 23:01 - 2016-12-09 10:08 - 00379736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-04-11 23:00 - 2017-03-25 20:48 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-04-11 23:00 - 2017-03-25 20:47 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-04-11 23:00 - 2017-03-25 20:46 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-04-11 23:00 - 2017-03-25 20:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-04-11 23:00 - 2017-03-25 20:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-04-11 23:00 - 2017-03-25 20:45 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-04-11 23:00 - 2017-03-25 20:45 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-04-11 23:00 - 2017-03-25 20:13 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-04-11 23:00 - 2017-03-25 19:56 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-04-11 23:00 - 2017-03-25 19:41 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-04-11 23:00 - 2017-03-25 19:12 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-04-11 23:00 - 2017-03-25 19:04 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-04-11 23:00 - 2017-03-25 19:00 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-04-11 23:00 - 2017-03-25 19:00 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-04-11 23:00 - 2017-03-25 18:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-04-11 23:00 - 2017-03-14 21:06 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-04-11 23:00 - 2017-03-13 18:13 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-04-11 23:00 - 2017-03-13 18:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-04-11 23:00 - 2017-03-13 18:08 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2017-04-11 23:00 - 2017-03-13 18:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-04-11 23:00 - 2017-03-13 17:59 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-04-11 23:00 - 2017-03-13 17:59 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-04-11 23:00 - 2017-03-13 17:56 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-04-11 23:00 - 2017-03-11 05:49 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-04-11 23:00 - 2017-03-09 23:08 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-04-11 23:00 - 2017-03-09 21:29 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-04-11 23:00 - 2017-03-04 21:06 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-04-11 23:00 - 2017-03-04 20:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-04-11 23:00 - 2017-03-03 17:10 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-04-11 23:00 - 2017-03-03 17:04 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-04-11 23:00 - 2017-01-14 16:37 - 00447095 _____ C:\Windows\system32\ApnDatabase.xml
2017-04-11 23:00 - 2016-12-25 03:21 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
2017-04-07 21:49 - 2017-04-07 21:50 - 07662317 _____ C:\Users\Denise\Downloads\FTB_Launcher.exe
2017-04-05 14:56 - 2017-04-05 14:56 - 00000000 ____D C:\Users\Denise\AppData\LocalLow\Si7 studio

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-02 22:28 - 2017-02-22 11:37 - 00000000 ____D C:\FRST
2017-05-02 22:28 - 2016-09-10 13:49 - 02639360 ___SH C:\Users\Denise\Downloads\Thumbs.db
2017-05-02 22:09 - 2017-02-22 12:36 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-02 22:08 - 2015-11-04 19:24 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-02 22:05 - 2015-11-04 17:09 - 00000000 ____D C:\Users\Denise\AppData\Roaming\Spotify
2017-05-02 22:02 - 2014-10-29 14:02 - 00767018 _____ C:\Windows\system32\perfh007.dat
2017-05-02 22:02 - 2014-10-29 14:02 - 00159786 _____ C:\Windows\system32\perfc007.dat
2017-05-02 22:02 - 2014-03-18 17:26 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-02 22:02 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2017-05-02 22:00 - 2015-11-04 17:10 - 00000000 ____D C:\Users\Denise\AppData\Local\Spotify
2017-05-02 21:40 - 2015-11-04 16:20 - 00001246 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-05-02 20:09 - 2015-11-04 16:27 - 00000000 ____D C:\Users\Denise\AppData\Roaming\TS3Client
2017-05-02 19:40 - 2015-11-04 16:20 - 00001242 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-05-02 17:12 - 2015-11-04 16:11 - 00000165 _____ C:\Users\Denise\AppData\Roaming\sp_data.sys
2017-05-02 16:07 - 2016-03-01 00:33 - 00007606 _____ C:\Users\Denise\AppData\Local\Resmon.ResmonCfg
2017-05-02 12:00 - 2016-08-01 12:33 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2017-05-02 12:00 - 2015-11-04 16:14 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2017-05-02 03:31 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-02 03:29 - 2014-10-29 08:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-04-30 16:13 - 2016-11-04 13:42 - 00000000 ____D C:\Users\Denise\Documents\Viscera
2017-04-30 11:51 - 2017-03-16 15:19 - 00001220 _____ C:\Users\Denise\Downloads\nativelog.txt
2017-04-30 11:51 - 2016-12-19 16:09 - 00000000 ____D C:\Users\Denise\AppData\Roaming\.minecraft
2017-04-29 15:58 - 2015-11-04 16:18 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-29 15:58 - 2015-11-04 16:18 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-27 04:15 - 2015-11-04 16:14 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2606138470-3405722970-712637843-1001
2017-04-27 01:42 - 2015-11-04 16:20 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-04-25 00:26 - 2015-12-27 23:36 - 00000000 ____D C:\Users\Denise\AppData\Local\CrashDumps
2017-04-24 04:28 - 2015-11-04 16:27 - 00000000 ____D C:\Program Files (x86)\Overwolf
2017-04-23 17:21 - 2017-02-23 12:40 - 00001539 _____ C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk
2017-04-23 17:21 - 2015-11-04 16:13 - 00000000 ____D C:\Users\Denise\OneDrive
2017-04-23 11:36 - 2015-11-04 16:05 - 00000000 ____D C:\Users\Denise
2017-04-17 13:17 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2017-04-17 10:48 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-17 10:39 - 2016-05-12 19:58 - 00001062 _____ C:\Users\Denise\Desktop\Neues Textdokument (3).txt
2017-04-17 10:32 - 2016-02-04 23:06 - 00000000 ____D C:\Users\Denise\AppData\Roaming\.technic
2017-04-17 10:32 - 2016-02-04 23:05 - 04734784 _____ () C:\Users\Denise\Downloads\TechnicLauncher.exe
2017-04-14 18:08 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2017-04-14 18:06 - 2013-08-22 16:44 - 00479584 _____ C:\Windows\system32\FNTCACHE.DAT
2017-04-14 12:00 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-04-14 11:56 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2017-04-14 11:56 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2017-04-14 11:56 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-12 10:44 - 2017-03-16 15:19 - 00000000 ____D C:\Users\Denise\Downloads\tmp
2017-04-12 04:25 - 2015-11-06 16:01 - 00000000 ____D C:\Windows\system32\MRT
2017-04-12 04:23 - 2015-11-06 16:01 - 148601744 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-04-12 04:23 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2017-04-08 00:06 - 2016-08-11 12:13 - 00532136 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-04-07 23:21 - 2016-08-30 15:36 - 00000000 ____D C:\Users\Denise\AppData\LocalLow\Temp
2017-04-07 22:31 - 2015-11-18 19:17 - 00000000 ____D C:\Users\Denise\AppData\Local\ftblauncher
2017-04-07 21:59 - 2015-11-18 19:17 - 00000000 ____D C:\ftb
2017-04-07 21:50 - 2015-11-18 19:17 - 00000000 ____D C:\Users\Denise\AppData\Roaming\ftblauncher
2017-04-05 14:58 - 2015-12-01 23:06 - 00000000 ____D C:\Users\Denise\Documents\My Games
2017-04-05 03:01 - 2016-12-09 20:49 - 00002370 _____ C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-04-05 03:01 - 2016-12-06 03:32 - 00003188 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-05 03:01 - 2016-02-21 14:41 - 00003196 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2606138470-3405722970-712637843-1001
2017-04-03 14:43 - 2015-11-04 16:27 - 00000000 ____D C:\Users\Denise\AppData\Local\Overwolf

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-04 16:11 - 2017-05-02 17:12 - 0000165 _____ () C:\Users\Denise\AppData\Roaming\sp_data.sys
2016-07-12 23:15 - 2016-07-12 23:15 - 0001454 _____ () C:\Users\Denise\AppData\Local\recently-used.xbel
2016-03-01 00:33 - 2017-05-02 16:07 - 0007606 _____ () C:\Users\Denise\AppData\Local\Resmon.ResmonCfg
2015-03-18 14:53 - 2015-03-18 14:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-29 08:25 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-29 08:25 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-10-29 08:25 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Einige Dateien in TEMP:
====================
2017-04-09 01:17 - 2017-04-09 01:17 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-1040318976079216718.dll
2017-04-10 17:11 - 2017-04-10 17:11 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-107992347504823130.dll
2017-04-09 01:22 - 2017-04-09 01:22 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-1393927604816923217.dll
2017-04-17 10:36 - 2017-04-17 10:36 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-1605890471314782318.dll
2017-04-17 20:28 - 2017-04-17 20:28 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2195549389685782762.dll
2017-04-12 16:12 - 2017-04-12 16:12 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2278816693079296955.dll
2017-04-29 10:40 - 2017-04-29 10:40 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2289259205964025034.dll
2017-04-12 11:52 - 2017-04-12 11:52 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2293235393832101607.dll
2017-04-17 20:37 - 2017-04-17 20:37 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2717276439790702517.dll
2017-04-26 12:12 - 2017-04-26 12:12 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2812241115399243833.dll
2017-04-09 01:37 - 2017-04-09 01:37 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2886755838872423022.dll
2017-04-10 13:57 - 2017-04-10 13:57 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2947519856391172585.dll
2017-04-11 12:50 - 2017-04-11 12:50 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-3006947278836389063.dll
2017-04-09 01:33 - 2017-04-09 01:33 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-3275234403545714624.dll
2017-04-10 16:51 - 2017-04-10 16:51 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-363026189231537429.dll
2017-04-09 11:51 - 2017-04-09 11:51 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-382171821654916660.dll
2017-04-24 23:10 - 2017-04-24 23:10 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-38851600159007909.dll
2017-04-10 22:54 - 2017-04-10 22:54 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-4624524647489449371.dll
2017-04-27 21:45 - 2017-04-27 21:45 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-4671433893680303623.dll
2017-04-17 21:46 - 2017-04-17 21:46 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-5245631579023480511.dll
2017-04-17 10:40 - 2017-04-17 10:40 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-5651678435619837219.dll
2017-04-25 13:28 - 2017-04-25 13:28 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-5839221738519008296.dll
2017-04-24 12:00 - 2017-04-24 12:00 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-6858090211071687154.dll
2017-04-24 13:21 - 2017-04-24 13:21 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-782039470112850992.dll
2017-04-16 21:21 - 2017-04-16 21:21 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-811926212269422760.dll
2017-04-27 12:37 - 2017-04-27 12:37 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-851885707297706314.dll
2017-04-13 17:18 - 2017-04-13 17:18 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-8695384281373204455.dll
2017-04-09 01:30 - 2017-04-09 01:30 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-8793313027965502837.dll
2017-04-12 18:08 - 2017-04-12 18:08 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-8855172364835676341.dll
2017-04-09 22:03 - 2017-04-09 22:03 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-8958763056661960550.dll
2017-04-12 10:44 - 2017-04-12 10:44 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-911095625501500122.dll
2017-04-11 14:06 - 2017-04-11 14:06 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-984113642458192691.dll
2017-04-21 02:28 - 2017-04-21 02:28 - 0739904 _____ (Oracle Corporation) C:\Users\Denise\AppData\Local\Temp\jre-8u131-windows-au.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-04-29 13:47

==================== Ende von FRST.txt ============================
         

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-05-2017
durchgeführt von Denise (02-05-2017 22:29:35)
Gestartet von C:\Users\Denise\Downloads
Windows 8.1 (Update) (X64) (2015-11-04 14:07:17)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2606138470-3405722970-712637843-500 - Administrator - Disabled)
Denise (S-1-5-21-2606138470-3405722970-712637843-1001 - Administrator - Enabled) => C:\Users\Denise
Gast (S-1-5-21-2606138470-3405722970-712637843-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2606138470-3405722970-712637843-1006 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

American Truck Simulator (HKLM-x32\...\Steam App 270880) (Version:  - SCS Software)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
Ashampoo WinOptimizer 2016 (HKLM-x32\...\{4209F371-38F5-0B47-1C5B-A4A8456950A3}_is1) (Version: 12.00.39 - Ashampoo GmbH & Co. KG)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 3.0.8 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.05.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.42 - ICEpower a/s)
AutoHotkey 1.1.22.09 (HKLM\...\AutoHotkey) (Version: 1.1.22.09 - Lexikos)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlestar Galactica Online (HKLM-x32\...\Battlestar Galactica Online_is1) (Version: 1.0 - Bigpoint GmbH)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.61.6289 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
Car Mechanic Simulator 2015 (HKLM-x32\...\Steam App 320300) (Version:  - Red Dot Games)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version:  - Cheat Engine)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
Die Sims™ 3 Diesel Accessoires (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Diesel Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 World Adventures) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Ambitions) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.24.102.1020 - Electronic Arts Inc.)
Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.293.1110 - Electronic Arts Inc.)
Digimon Masters Online (HKLM\...\Steam App 537180) (Version:  - Move Games Co., Ltd.)
Discord (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 24.4.17 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.2.0.5.2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.5.2 Alpha - ETS2MP Team)
F1 2010 (x32 Version: 1.0.0001.132 - Codemasters) Hidden
Farming Simulator 17 (HKLM\...\Steam App 447020) (Version:  - Giants Software)
FileZilla Client 3.16.1 (HKLM-x32\...\FileZilla Client) (Version: 3.16.1 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Golf With Your Friends (HKLM\...\Steam App 431240) (Version:  - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hello Kitty Online POD Installer (HKLM-x32\...\{0150D55C-0FEE-4F1D-BEE5-085C0DD2B476}_is1) (Version: 1.9.9.0.2 - SANRIODIGITAL GAMES & ENTERTAINMENT INC)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.38.1036 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4062 - Intel Corporation)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Layers of Fear (HKLM\...\Steam App 391720) (Version:  - Bloober Team SA)
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7967.2139 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mp3tag v2.73 (HKLM-x32\...\Mp3tag) (Version: v2.73 - Florian Heidenreich)
My Secret Pets! (HKLM\...\Steam App 447180) (Version:  - Dogenzaka Lab)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.5.30491 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{3c3ba69a-df4e-4526-88e4-04f1ff87fc0d}) (Version: latest - ppy Pty Ltd)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.103.233.0 - Overwolf Ltd.)
Parkitect (HKLM\...\Steam App 453090) (Version:  - Texel Raptor)
Pixelmon Launcher (Beta) (HKLM-x32\...\Pixelmon Launcher (Beta) 2.0.23) (Version: 2.0.23 - Ikara Software Limited)
Pixelmon Launcher (Beta) (x32 Version: 2.0.23 - Ikara Software Limited) Hidden
Plantera (HKLM\...\Steam App 421040) (Version:  - VaragtP)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.12.3-r114511-release - Plays.tv, LLC)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.1-r113066-release - Raptr, Inc)
Rapture3D 2.4.4 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7417 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Slime Rancher (HKLM\...\Steam App 433340) (Version:  - Monomi Park)
Spotify (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Bunker (HKLM\...\Steam App 481110) (Version:  - Splendy Interactive)
The Guest (HKLM\...\Steam App 402040) (Version:  - Team Gotham)
The Walking Dead (HKLM\...\Steam App 207610) (Version:  - Telltale Games)
Time Mysteries: Inheritance - Remastered (HKLM\...\Steam App 350010) (Version:  - Artifex Mundi)
Train Mechanic Simulator 2017 (HKLM\...\Steam App 538810) (Version:  - Si7 Studio)
TruckersMP 0.2.1.3.5 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.1.3.5 Alpha - TruckersMP Team)
UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Unreal Development Kit: 2012-07 (HKLM\...\UDK-85b1f5f2-c617-4d5a-942e-760c69695908) (Version:  - Epic Games, Inc.)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Viscera Cleanup Detail (HKLM\...\Steam App 246900) (Version:  - RuneStorm)
Viscera Cleanup Detail: Santa's Rampage (HKLM\...\Steam App 265210) (Version:  - RuneStorm)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse  (07/02/2014 1.0.0.228) (HKLM\...\7504488B89E0121B0737D63957491C9CD2633065) (Version: 07/02/2014 1.0.0.228 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2606138470-3405722970-712637843-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Denise\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileCoAuthLib64.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07321C46-5DD2-47DA-BA1C-EFB16558C116} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-26] (Realtek Semiconductor)
Task: {19322365-6413-495C-B6B3-587BB1FDA412} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-04-12] (Microsoft Corporation)
Task: {24903DAB-555C-44AD-B392-68D313BA773A} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)
Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {3A1F1DDC-02BA-45AB-9A82-ECD4902A6552} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-04] (Google Inc.)
Task: {401F971E-3089-45D6-8760-58EB4216B3F2} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {4438B3D2-206C-48AA-9028-CA480F4D5768} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {62687EC0-BB73-4EA9-8F8E-A800049FE0D7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {883A3F07-BB44-43B8-96A9-E39E723C41EC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation)
Task: {911D73C4-9DE2-46B8-B701-59970283A9CF} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-11-05] (ASUS)
Task: {983DD468-029B-4F16-A77A-310293C8F729} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-04-18] (Overwolf LTD)
Task: {AB6DFF50-8E3D-419E-9173-D8DC9D6AF47B} - System32\Tasks\{F4B0E50F-1D1D-49E4-A13D-11BAF2D67674} => Chrome.exe hxxp://ui.skype.com/ui/0/7.18.0.109/de/abandoninstall?page=tsProgressBar
Task: {B847F2D4-38DE-46D7-ABE1-0C0479CAECEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-04] (Google Inc.)
Task: {C6A6D6F9-E4A8-410D-B15E-56851DA6CCAD} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {D66A24C1-B98B-4B82-9873-5C95D27B7780} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.)
Task: {D9298A94-FF7B-4008-B247-DC3F13B8B46E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {E4B15ED4-FEFA-47BB-8ECC-7E9A9CCD4457} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation)
Task: {E81BCDCC-2BD4-422C-B3D3-FA24F205F188} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-02] (Microsoft Corporation)
Task: {F2987583-C64B-4210-8369-6D05BCDC321D} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-09-19] (AsusTek)
Task: {F349EF15-C2F3-46B0-8189-E5FF70116D2B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {FAFE6503-554E-4E50-AF09-7B4E289E14C2} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-02-14 17:14 - 2016-06-15 03:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-02-01 13:35 - 2016-06-15 03:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2017-02-14 17:14 - 2016-06-15 03:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2017-02-14 17:14 - 2016-06-15 03:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2017-02-14 17:14 - 2016-06-15 03:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-02-01 13:35 - 2016-06-15 03:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2017-02-14 17:14 - 2016-06-15 03:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2017-02-14 17:14 - 2016-06-15 03:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2015-03-18 14:49 - 2016-01-23 03:04 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-16 12:17 - 2016-03-16 12:17 - 00052912 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2015-01-14 04:24 - 2014-12-15 07:26 - 00392592 _____ () C:\Windows\system32\igfxTray.exe
2017-02-14 17:14 - 2016-06-15 03:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2017-02-14 17:14 - 2016-06-15 03:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2015-11-05 18:23 - 2015-11-05 18:23 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 22:57 - 2015-12-07 22:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2015-01-06 17:40 - 2015-01-06 17:40 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-11-05 14:44 - 2014-11-05 14:44 - 00037424 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-11-05 14:44 - 2014-11-05 14:44 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-11-07 14:31 - 2016-06-15 03:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-01-11 23:22 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\Denise\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-01-25 17:02 - 2017-01-25 17:02 - 01082880 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-01-25 17:02 - 2017-01-25 17:02 - 03750400 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-01-25 17:02 - 2017-01-25 17:02 - 00914432 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-01-25 17:02 - 2017-01-25 17:02 - 01127424 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node
2017-01-11 23:22 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\Denise\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-01-11 23:22 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\Denise\AppData\Local\Discord\app-0.0.297\libegl.dll
2017-04-23 17:20 - 2017-04-23 17:20 - 00148992 _____ () \\?\C:\Users\Denise\AppData\Local\Temp\B1FE.tmp.node
2017-01-25 17:02 - 2017-01-25 17:02 - 02658304 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-01-25 17:03 - 2017-03-24 05:24 - 02665976 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node
2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
2017-03-30 00:53 - 2017-03-29 04:04 - 02187096 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-03-30 00:53 - 2017-03-29 04:04 - 00086360 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll
2015-11-04 17:10 - 2017-05-02 22:00 - 67725936 _____ () C:\Users\Denise\AppData\Roaming\Spotify\libcef.dll
2015-11-04 17:10 - 2017-05-02 22:00 - 01929840 _____ () C:\Users\Denise\AppData\Roaming\Spotify\libglesv2.dll
2015-11-04 17:10 - 2017-05-02 22:00 - 00087152 _____ () C:\Users\Denise\AppData\Roaming\Spotify\libegl.dll
2015-11-04 19:26 - 2017-03-10 02:13 - 00674592 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-11-04 19:26 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-11-04 19:26 - 2017-04-26 01:55 - 02465056 _____ () C:\Program Files (x86)\Steam\video.dll
2015-11-04 19:26 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-11-04 19:26 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-11-04 19:26 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-11-04 19:26 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-11-04 19:26 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-11-04 19:26 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-11-04 19:26 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-11-04 19:26 - 2017-04-26 01:55 - 00848672 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 21:47 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-12-13 22:35 - 2017-01-30 23:41 - 68875552 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-11-04 19:26 - 2017-04-26 01:55 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll
2015-11-04 19:26 - 2015-09-25 01:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Denise\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Fotogalerie-Hintergrundbild.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "BlueStacks Agent"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{C852CC74-3AB4-4C98-941B-BE20D823E1A1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0EA8F599-958B-4D85-A13E-12C272DD6E06}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{692D9FC0-DB01-4E87-B382-E26EF1BC663B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0F62AF29-AE03-4711-B9C8-962924E57F03}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CFCD695A-B70B-4899-88EB-6D98EEDFDB01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Car Mechanic Simulator 2015\cms2015.exe
FirewallRules: [{76DCA23A-E0EE-4AA5-A85C-4818EBD2E7CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Car Mechanic Simulator 2015\cms2015.exe
FirewallRules: [{50F34949-4DD3-4672-9DE9-83CE38D0B294}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8FEAF39F-D717-4E2F-A0E3-FC65F540E1C7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2B36FE30-2449-46D2-B4FA-4785C2ACF641}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{FD1B3530-E5D5-4CAA-9697-80927BF9D090}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6E76FD92-8B5C-4994-9F60-4C88D5550984}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{90E74E70-64DE-48C4-BE2B-959AC2D01AB5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CE2C69F0-5BFA-4864-9383-A69102073E9A}] => (Allow) LPort=2869
FirewallRules: [{A9573006-EB2F-4A65-BC7D-3B02D79A1BF6}] => (Allow) LPort=1900
FirewallRules: [{A578AC21-C9B0-471D-BE1D-BBF5724C4243}] => (Allow) C:\Users\Denise\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{410E767A-7BF5-479C-B8A5-A844F49BD32F}C:\users\denise\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\denise\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2FB2C07B-FB74-4F3B-8F9C-CB9AADD39FB5}C:\users\denise\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\denise\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{44825738-657D-4781-AF8B-B5C7CC9381E6}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FF89640C-415A-44C1-AADB-70BE7BC0ED32}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{077305C1-6CA4-4440-91E3-91796E37AB6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{6E3F84AE-0C97-46DF-AE27-1352183502C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{B5D1D315-B367-43CE-ABAA-F2D8C74A0E9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{D512DE21-B79F-4BFC-9DA1-E3C9DA92231B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{ACFCD07C-A033-433D-9F94-3B083F2EB158}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{26C769EE-C490-41E2-8E33-F982AED27D12}C:\users\denise\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\denise\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8C024486-2A32-43B1-A337-FBED48E33D47}C:\users\denise\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\denise\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D930DBF9-1A2C-44E4-853F-65D36BE9DE58}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{5950631D-9FD3-4C0F-ABEE-5E0DE5246796}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{E750D3D9-3B8D-49EF-B230-62ACFF1F2E48}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{7BC0AB2F-3B7B-494E-8688-3E7D21578809}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{28E642CB-E2A6-4754-98C7-7EB68F2C0B33}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{B4F9A977-F23C-43E4-B86C-6B8C91C6E9C7}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{0EE0F3F7-8294-4435-BCC2-1FFF90E6E88E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9FBE8FE5-0ADC-400E-BA2D-D2ED09058820}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{92E232EB-4B0E-4347-A41E-E460E26E85F7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{06892A54-0D32-485D-A00D-49ABC63F7332}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DC610AF3-702C-433E-A1CA-736B1B623405}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{D812B741-A175-44EE-A9C6-76EA5E676A00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [TCP Query User{C4FA9BF0-5E5C-4E45-B8E9-4F6B5120A016}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{98CEC8B7-2C3C-4E2C-8987-FCB57ECD6178}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [TCP Query User{C11653EC-C768-44C7-8A23-BD0C119B6B6A}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{156FAF76-F16C-4092-81E3-09DC85623F9E}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [TCP Query User{AD9A4297-C8E7-4AF0-9498-F0622D07BBD3}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{82E23260-2925-4537-A54B-EBF1A3C5271B}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{4A029489-CDBE-468C-902E-F602E935DF52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Parkitect\Parkitect.exe
FirewallRules: [{7CBCDFD0-1264-4F98-8308-810F0C77898D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Parkitect\Parkitect.exe
FirewallRules: [{4DB9C503-2104-4B3B-B489-AA87B971EC78}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{09B490A0-33CD-408E-8DAA-85107302ED4E}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{82CBB81C-28C5-46B4-80D0-293ABC1A243F}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{7AFB2B2F-5EBE-4C43-AE3F-022ABD259DAE}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{264DE989-FF16-44C1-91E9-B3909E7FDA3C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{AEF8F3B9-A84E-4102-9236-9A734296C033}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{46CE26BD-3ABB-4695-BD53-437ABD8EA23F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{CEF7B75C-B74A-4217-A65D-4E5C0563D67C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [TCP Query User{260EDB40-7783-4AB7-B696-F33C1D7AE530}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\java.exe
FirewallRules: [UDP Query User{6EC3281C-C5FE-4622-81BB-04393E9B100E}C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\users\denise\downloads\runtime\jre-x64\1.8.0_25\bin\java.exe
FirewallRules: [TCP Query User{C0254287-BA1C-46AC-82B5-BCD9421E7610}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{ED5F17EC-ED5B-4B5C-8683-163C1FF19047}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{1D309B50-8114-4341-8204-B0F6D792DBCC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Plantera\Plantera.exe
FirewallRules: [{8F8C8879-A857-4F5B-86EE-52C7D4BE036A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Plantera\Plantera.exe
FirewallRules: [{E1236C48-44F5-4D86-A2FB-DFC66F6BD649}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Guest\TheGuestSteam_Test.exe
FirewallRules: [{CB2E6E50-E365-4C56-9065-08484F7395F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Guest\TheGuestSteam_Test.exe
FirewallRules: [{17EC79A6-35B4-4E06-BEB0-D88B3265C76A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{CFE9155A-1F52-4E45-B10B-3926AACE054A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{15CD06B2-9A60-4B00-A53B-A8F5480AEC00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{311613AD-925A-4187-BEBF-1BDB64EE445F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{263035E6-FB7E-4700-B650-C3D91BADD530}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slime Rancher\SlimeRancher.exe
FirewallRules: [{C05A21D5-F7D4-4AA7-9F56-111F832E4527}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Slime Rancher\SlimeRancher.exe
FirewallRules: [{3D6ED0DB-18CF-47B6-B94C-0E3A5543B52D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9A5FE8C4-E35A-42D6-A362-9BCF984CBC52}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FEB60B57-D58C-4EFA-9A65-C2BC94A20E76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{2964DDF6-846B-4405-A169-7C8BBF4643DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{23FF6FA8-2E72-4881-921E-9F020FC9A397}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{51CA4EE6-B381-400B-A3D6-AAAAA3F11B91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{F39F3E71-32A1-42C1-9FCC-DAF01388E44A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{88BE5797-3782-4A5F-B95D-7D27DB95CD9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{C69DE373-590B-4BA2-B555-7715B351C8E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Bunker\TheBunker.exe
FirewallRules: [{68CA7CDD-47A2-434C-9220-57AEC86DDCE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Bunker\TheBunker.exe
FirewallRules: [{E8AA1BEE-10F5-4240-A606-6BD3BBB6B026}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Layers of Fear\Layers of Fear.exe
FirewallRules: [{897DA43B-3B01-4A5E-876F-837F3A379D1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Layers of Fear\Layers of Fear.exe
FirewallRules: [{3238C134-3485-4894-8933-6745E9B17A9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Digimon Masters Online - Steam\DMLauncher.exe
FirewallRules: [{8286DB86-74C8-4889-B5A1-9FB8FF6F319F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Digimon Masters Online - Steam\DMLauncher.exe
FirewallRules: [{F11AEBF6-A5C7-4DD8-A5D7-621BE26D3ED5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1C0CE1ED-483C-48C8-9D91-3186D683C8D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{ECC94EDD-9B5C-4923-852A-F97357194624}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe
FirewallRules: [{C040E497-9E19-48D6-8EFB-0E67C12B1EF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe
FirewallRules: [{136E67A8-0F02-4F6A-8EA4-0D3B81AE393D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x86\FarmingSimulator2017Game.exe
FirewallRules: [{9C89A31A-2BD6-4A17-BC71-B40BCF51E384}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x86\FarmingSimulator2017Game.exe
FirewallRules: [{E48C3944-8B3B-466C-8E18-B305E06B2C15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe
FirewallRules: [{63A64D62-5CBB-499A-B241-0D22634CE5C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe
FirewallRules: [TCP Query User{0D400897-B446-4BF1-AA38-2C0FF4758B6A}C:\program files (x86)\bsgo\launcher\launcher.exe] => (Allow) C:\program files (x86)\bsgo\launcher\launcher.exe
FirewallRules: [UDP Query User{8BC76652-19FD-4C10-9C7F-A7ECA9E4A2E8}C:\program files (x86)\bsgo\launcher\launcher.exe] => (Allow) C:\program files (x86)\bsgo\launcher\launcher.exe
FirewallRules: [{73FDAF87-493D-4BDD-AA39-D908A7378C39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\My Secret Pets!\My Secret Pets!.exe
FirewallRules: [{9EC02E6B-9746-4178-8243-4196AF1DD64C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\My Secret Pets!\My Secret Pets!.exe
FirewallRules: [{3BBE75B1-FAF2-4614-82BF-2BB99A88A617}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Time Mysteries Inheritance Remastered\TimeMysteries_Inheritance.exe
FirewallRules: [{9DCAEEF9-CC72-45DD-BD35-B5032569BCBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Time Mysteries Inheritance Remastered\TimeMysteries_Inheritance.exe
FirewallRules: [{3E241EAA-0027-45EE-A5CE-23AA859B4F58}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F4C0B238-D7A7-40A1-AB91-E9F4DD0A6374}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Train Mechanic Simulator 2017\tms.exe
FirewallRules: [{588801CD-9B3E-4671-B802-5E4DCFED41BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Train Mechanic Simulator 2017\tms.exe
FirewallRules: [{33E16F0F-D4D2-4CFF-8B5D-D777D07F1AA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{65F82802-B7F0-4909-BF9B-C0146A5EC075}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{2255EBB4-60A7-458B-8EBE-6667149ABB7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{CDC00CD1-BEB2-40D8-BCC1-8F3AC78BB209}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{767781E8-A5A9-4673-91E6-86318487A20D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{842EB312-4B4A-4998-9866-8FE73166DCFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{66398C04-A3D6-46FD-829A-23AFF154D10B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{B78095FB-6AC2-4911-81CA-9F749B703C51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{8005229D-DC8B-4113-9B3B-9A10A2C52708}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{C921035B-5131-4E35-9E32-11FD6814A709}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{C74C4B10-1987-4A79-83E7-9CB6D3C09390}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{FA2E2993-F187-4A82-825C-9043654973A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{57F95B4F-700C-437D-98E4-E774108750AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{478BB1EF-937B-4BDA-BADB-6AC7B98C1C43}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{0CACF6F7-EFE4-4D7D-AE33-1199A3A43EFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{89F3FA57-18FE-4329-91AB-A42AE9A6FD1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{C4FB3067-B43F-4DC1-9E8C-7BF38A263878}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{4F10A1A1-6921-4E89-9507-005715D31253}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{91C22983-2BCD-4A29-B8C4-F706CB6858A9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{2EF9F7BC-C691-45D8-92A8-970E7173B01F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{5BCF3425-C812-4BEF-9AAE-610366086EDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{23CAE663-8E55-44ED-8AAF-17CA7BE72D2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win32\UDK.exe
FirewallRules: [{B89427D6-8813-45FC-9633-3A0DD84CE475}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win32\UDK.exe
FirewallRules: [{C3CE2525-1656-4E62-9D3B-C0BEEA97AE55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe
FirewallRules: [{C63635A6-098E-4D91-A893-D9BC47958787}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe

==================== Wiederherstellungspunkte =========================

20-04-2017 05:14:30 Geplanter Prüfpunkt
29-04-2017 13:55:02 Geplanter Prüfpunkt
02-05-2017 15:12:15 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/02/2017 03:28:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: d3c

Startzeit: 01d2c3472a3a3e9e

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 1ec4ca4f-2f3b-11e7-8290-1cb72c068d56

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/02/2017 03:30:13 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog

Error: (05/02/2017 03:28:36 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DENISE-NOTEBOOK)
Description: Die Anwendung oder der Dienst "Microsoft Office Document Cache Sync Client Interface" konnte nicht heruntergefahren werden.

Error: (04/29/2017 12:29:06 PM) (Source: Microsoft Office) (EventID: 2011) (User: )
Description: Event-ID 2011

Error: (04/29/2017 12:29:06 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x9; CorrelationId: {11BBF64C-8B01-43FB-A3A3-122340BA6335}

Error: (04/28/2017 12:37:38 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {A3229088-E1A0-4C06-A4FD-E29154FA12B8}

Error: (04/28/2017 06:05:04 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/27/2017 06:05:04 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/26/2017 06:05:02 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/25/2017 06:05:05 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


Systemfehler:
=============
Error: (05/02/2017 09:11:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (05/02/2017 09:11:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (04/23/2017 05:18:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2147952449 = Die angeforderte Adresse ist in diesem Kontext ungültig.

Error: (04/23/2017 05:18:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: 
%%2147952449 = Die angeforderte Adresse ist in diesem Kontext ungültig.

Error: (04/23/2017 05:18:24 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.2.101 mit dem Computer mit der
Netzwerkhardwareadresse 58-48-22-A7-B3-98 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (04/23/2017 11:36:05 AM) (Source: DCOM) (EventID: 10010) (User: DENISE-NOTEBOOK)
Description: Der Server "{4545DEA0-2DFC-4906-A728-6D986BA399A9}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/23/2017 11:36:05 AM) (Source: DCOM) (EventID: 10010) (User: DENISE-NOTEBOOK)
Description: Der Server "{4545DEA0-2DFC-4906-A728-6D986BA399A9}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/23/2017 11:35:59 AM) (Source: DCOM) (EventID: 10010) (User: DENISE-NOTEBOOK)
Description: Der Server "{4545DEA0-2DFC-4906-A728-6D986BA399A9}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/23/2017 11:35:59 AM) (Source: DCOM) (EventID: 10010) (User: DENISE-NOTEBOOK)
Description: Der Server "{4545DEA0-2DFC-4906-A728-6D986BA399A9}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/23/2017 11:35:59 AM) (Source: DCOM) (EventID: 10010) (User: DENISE-NOTEBOOK)
Description: Der Server "{4545DEA0-2DFC-4906-A728-6D986BA399A9}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===================================
  Date: 2017-04-17 11:03:43.701
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-11 16:55:29.507
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-24 13:07:19.928
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-18 14:59:19.778
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-25 21:55:36.543
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-22 17:22:33.337
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-11 15:35:14.417
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 70%
Installierter physikalischer RAM: 8094.8 MB
Verfügbarer physikalischer RAM: 2416.37 MB
Summe virtueller Speicher: 13456.41 MB
Verfügbarer virtueller Speicher: 5634.84 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:745.21 GB) (Free:451.83 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Data) (Fixed) (Total:1101.7 GB) (Free:1100.1 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 510BFD71)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Alt 03.05.2017, 17:35   #2
M-K-D-B
/// TB-Ausbilder
 
Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack - Standard

Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack









Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.



Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
  1. Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  2. Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  3. Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  4. Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
    Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
    Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.

  5. Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  6. Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
  7. Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
  8. Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
    Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.

  9. Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
  10. In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
    Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.





Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!







Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 03.05.2017, 19:42   #3
Damina1997
 
Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack - Standard

Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack



Nichts gefunden

Code:
ATTFilter
19:39:30.0769 0x1f70  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
19:39:30.0769 0x1f70  UEFI system
19:39:34.0145 0x1f70  ============================================================
19:39:34.0145 0x1f70  Current date / time: 2017/05/03 19:39:34.0145
19:39:34.0145 0x1f70  SystemInfo:
19:39:34.0145 0x1f70  
19:39:34.0145 0x1f70  OS Version: 6.3.9600 ServicePack: 0.0
19:39:34.0145 0x1f70  Product type: Workstation
19:39:34.0145 0x1f70  ComputerName: DENISE-NOTEBOOK
19:39:34.0145 0x1f70  UserName: Denise
19:39:34.0145 0x1f70  Windows directory: C:\Windows
19:39:34.0145 0x1f70  System windows directory: C:\Windows
19:39:34.0145 0x1f70  Running under WOW64
19:39:34.0145 0x1f70  Processor architecture: Intel x64
19:39:34.0145 0x1f70  Number of processors: 4
19:39:34.0145 0x1f70  Page size: 0x1000
19:39:34.0145 0x1f70  Boot type: Normal boot
19:39:34.0145 0x1f70  CodeIntegrityOptions = 0x00000001
19:39:34.0145 0x1f70  ============================================================
19:39:34.0719 0x1f70  KLMD registered as C:\Windows\system32\drivers\57294390.sys
19:39:34.0719 0x1f70  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18589, osProperties = 0x19
19:39:37.0998 0x1f70  System UUID: {87C47AFB-BC0C-FD50-874D-AAADF320F6F8}
19:39:38.0824 0x1f70  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:39:38.0840 0x1f70  ============================================================
19:39:38.0840 0x1f70  \Device\Harddisk0\DR0:
19:39:38.0840 0x1f70  GPT partitions:
19:39:38.0841 0x1f70  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {97B903BD-5F53-4E7A-9FA1-606DDCA081C8}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
19:39:38.0841 0x1f70  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2ABB7EE7-7C9E-4FA2-9183-5C83C802894B}, Name: Basic data partition, StartLBA 0x32800, BlocksNum 0x1C2000
19:39:38.0841 0x1f70  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A65EDFED-FE47-470C-B9BB-8A24FB1995A2}, Name: Microsoft reserved partition, StartLBA 0x1F4800, BlocksNum 0x40000
19:39:38.0841 0x1f70  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {B86E7570-AABD-4474-82AE-DDED9B0E406A}, Name: Basic data partition, StartLBA 0x234800, BlocksNum 0x5D269000
19:39:38.0841 0x1f70  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {AA171FE6-1FD0-4E2E-A595-907A18DE113D}, Name: Basic data partition, StartLBA 0x5D49D800, BlocksNum 0x89B66000
19:39:38.0841 0x1f70  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {7945A28C-2B26-4FE8-90D6-0ADF54A33D82}, Name: Basic data partition, StartLBA 0xE7003800, BlocksNum 0x1E05000
19:39:38.0841 0x1f70  MBR partitions:
19:39:38.0841 0x1f70  ============================================================
19:39:38.0842 0x1f70  C: <-> \Device\Harddisk0\DR0\Partition4
19:39:38.0877 0x1f70  D: <-> \Device\Harddisk0\DR0\Partition5
19:39:38.0877 0x1f70  ============================================================
19:39:38.0877 0x1f70  Initialize success
19:39:38.0877 0x1f70  ============================================================
19:40:04.0086 0x1d38  ============================================================
19:40:04.0086 0x1d38  Scan started
19:40:04.0086 0x1d38  Mode: Manual; SigCheck; TDLFS; 
19:40:04.0086 0x1d38  ============================================================
19:40:04.0086 0x1d38  KSN ping started
19:40:04.0196 0x1d38  KSN ping finished: true
19:40:05.0905 0x1d38  ================ Scan system memory ========================
19:40:05.0906 0x1d38  System memory - ok
19:40:05.0906 0x1d38  ================ Scan services =============================
19:40:06.0030 0x1d38  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
19:40:06.0165 0x1d38  1394ohci - ok
19:40:06.0220 0x1d38  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
19:40:06.0231 0x1d38  3ware - ok
19:40:06.0264 0x1d38  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:40:06.0289 0x1d38  ACPI - ok
19:40:06.0300 0x1d38  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
19:40:06.0309 0x1d38  acpiex - ok
19:40:06.0319 0x1d38  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
19:40:06.0339 0x1d38  acpipagr - ok
19:40:06.0343 0x1d38  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
19:40:06.0416 0x1d38  AcpiPmi - ok
19:40:06.0419 0x1d38  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
19:40:06.0444 0x1d38  acpitime - ok
19:40:06.0472 0x1d38  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
19:40:06.0498 0x1d38  ADP80XX - ok
19:40:06.0541 0x1d38  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:40:06.0625 0x1d38  AeLookupSvc - ok
19:40:06.0661 0x1d38  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\Windows\system32\drivers\afd.sys
19:40:06.0784 0x1d38  AFD - ok
19:40:06.0836 0x1d38  [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
19:40:06.0911 0x1d38  AgereSoftModem - ok
19:40:06.0926 0x1d38  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
19:40:06.0935 0x1d38  agp440 - ok
19:40:06.0959 0x1d38  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
19:40:07.0001 0x1d38  ahcache - ok
19:40:07.0024 0x1d38  [ 16F6F6B7903B913AB41AB848C8BB5658, 7304257048CB42E5274B3F6400F4A053A38E3B70A157662FE9D2B7C5979DE851 ] AiCharger       C:\Windows\system32\DRIVERS\AiCharger.sys
19:40:07.0068 0x1d38  AiCharger - ok
19:40:07.0106 0x1d38  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\Windows\System32\alg.exe
19:40:07.0180 0x1d38  ALG - ok
19:40:07.0214 0x1d38  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
19:40:07.0262 0x1d38  AmdK8 - ok
19:40:07.0287 0x1d38  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
19:40:07.0310 0x1d38  AmdPPM - ok
19:40:07.0324 0x1d38  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:40:07.0333 0x1d38  amdsata - ok
19:40:07.0342 0x1d38  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
19:40:07.0356 0x1d38  amdsbs - ok
19:40:07.0384 0x1d38  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:40:07.0393 0x1d38  amdxata - ok
19:40:07.0419 0x1d38  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\Windows\system32\drivers\appid.sys
19:40:07.0487 0x1d38  AppID - ok
19:40:07.0498 0x1d38  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:40:07.0522 0x1d38  AppIDSvc - ok
19:40:07.0542 0x1d38  [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo         C:\Windows\System32\appinfo.dll
19:40:07.0701 0x1d38  Appinfo - ok
19:40:07.0748 0x1d38  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
19:40:07.0833 0x1d38  AppReadiness - ok
19:40:07.0875 0x1d38  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
19:40:08.0002 0x1d38  AppXSvc - ok
19:40:08.0014 0x1d38  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:40:08.0025 0x1d38  arcsas - ok
19:40:08.0102 0x1d38  [ 564CB886D1A968B9798C1AB03F4EB54F, F7F73E5C17C0848462860E367215F5D9D4C52E1AA26B3154EC60BA14CBD56556 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
19:40:08.0111 0x1d38  ASLDRService - ok
19:40:08.0133 0x1d38  [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
19:40:08.0150 0x1d38  ASMMAP64 - ok
19:40:08.0184 0x1d38  [ DB5610839DBEBE48AA963DFA96FD7103, AADB0D5BFE8C28E31266FA48FEE41B82DC8B5D6F3E12238AD3E06C800F2D72A8 ] Asus WebStorage Windows Service C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
19:40:08.0206 0x1d38  Asus WebStorage Windows Service - detected UnsignedFile.Multi.Generic ( 1 )
19:40:08.0267 0x1d38  Detect skipped due to KSN trusted
19:40:08.0267 0x1d38  Asus WebStorage Windows Service - ok
19:40:08.0286 0x1d38  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
19:40:08.0294 0x1d38  atapi - ok
19:40:08.0412 0x1d38  [ D9627C9671ECC9F808503102CA7AD6C9, 42E93B12367313A1847FAEFDE51B60AFC282309111B77167D7D5E6F1D8FA4A25 ] athr            C:\Windows\system32\DRIVERS\athwbx.sys
19:40:08.0560 0x1d38  athr - ok
19:40:08.0577 0x1d38  [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
19:40:08.0584 0x1d38  ATKGFNEXSrv - ok
19:40:08.0610 0x1d38  [ C435191FAD19B43E5C3082E4275DCE75, 12D8AF471CA89FE59790092EF3274D638B4B978F1F061423F8D70F270121CF7A ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
19:40:08.0665 0x1d38  ATKWMIACPIIO - ok
19:40:08.0693 0x1d38  [ 356DF170C97E3E52D027CFF5812CBFD4, 02AB1861FFEC4EB1971E77C7677C7947C9C8D4CD192A8CBB5C99E3FDDD57EEA5 ] ATP             C:\Windows\System32\drivers\AsusTP.sys
19:40:08.0730 0x1d38  ATP - ok
19:40:08.0764 0x1d38  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
19:40:08.0812 0x1d38  AudioEndpointBuilder - ok
19:40:08.0846 0x1d38  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
19:40:08.0882 0x1d38  Audiosrv - ok
19:40:08.0920 0x1d38  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:40:08.0963 0x1d38  AxInstSV - ok
19:40:09.0003 0x1d38  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
19:40:09.0024 0x1d38  b06bdrv - ok
19:40:09.0040 0x1d38  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
19:40:09.0113 0x1d38  BasicDisplay - ok
19:40:09.0163 0x1d38  [ 195BD339B4B782B42C19489DCFB4D110, E63CC0AEF1875D5D127E341CF65117DABC9E376A83E615EC8D01F6AB705DABAD ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
19:40:09.0232 0x1d38  BasicRender - ok
19:40:09.0252 0x1d38  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
19:40:09.0272 0x1d38  bcmfn2 - ok
19:40:09.0310 0x1d38  [ 174394F4EF93C117BF7BE3878046A1B1, D58E868342D1DAFC4B04384A3713F729DF07F408AA6AE4762E6A4244F976526A ] BDESVC          C:\Windows\System32\bdesvc.dll
19:40:09.0389 0x1d38  BDESVC - ok
19:40:09.0408 0x1d38  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
19:40:09.0475 0x1d38  Beep - ok
19:40:09.0559 0x1d38  [ 5B413BEADC23C9D182F7EC09C10441FA, E16E06848492331107C6D682D93D35C5D1A0DC8CAD3816B42203A4BF05932C7E ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
19:40:09.0747 0x1d38  BEService - ok
19:40:09.0796 0x1d38  [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE             C:\Windows\System32\bfe.dll
19:40:09.0897 0x1d38  BFE - ok
19:40:09.0943 0x1d38  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
19:40:10.0063 0x1d38  BITS - ok
19:40:10.0115 0x1d38  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:40:10.0129 0x1d38  Bonjour Service - ok
19:40:10.0156 0x1d38  [ 4938A9236300A356F97E378491EE4844, 60D892960D48EEF48F8EC4DE4F174EBD0BC0E7B28B6D8723D554CD1979EB55B4 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:40:10.0343 0x1d38  bowser - ok
19:40:10.0387 0x1d38  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
19:40:10.0486 0x1d38  BrokerInfrastructure - ok
19:40:10.0512 0x1d38  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\Windows\System32\browser.dll
19:40:10.0590 0x1d38  Browser - ok
19:40:10.0645 0x1d38  [ 6BCB49FC7819FD27FF1D58DC501B3AFF, 67D75A259B1246B2D03036919279386CBC10A4781CDE32DD0C52F013CF0F4E31 ] BstHdAndroidSvc C:\Program Files (x86)\Bluestacks\HD-Service.exe
19:40:10.0660 0x1d38  BstHdAndroidSvc - ok
19:40:10.0692 0x1d38  [ 165CE3A95700E82E68C008386A485737, 9926F260E3F8589A38E65ED474A347FB59A5256F2B84B61612A13165E2E96152 ] BstHdDrv        C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys
19:40:10.0701 0x1d38  BstHdDrv - ok
19:40:10.0732 0x1d38  [ 8E82A346573847BB2EE786AEE01A7059, 3C870FF83F1EF5F13C8257422EC8DE5ABDE7C0CDFFBE3AA8E1995F9824E29AA6 ] BstHdLogRotatorSvc C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
19:40:10.0747 0x1d38  BstHdLogRotatorSvc - ok
19:40:10.0776 0x1d38  [ AC50E24F12AE6E26F2262BFEEBFAB7F6, 9E52A2AE91093104E76189B3336047CBAD4C3A4AAE10B83B991EE01A01275AD5 ] BstHdPlusAndroidSvc C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe
19:40:10.0791 0x1d38  BstHdPlusAndroidSvc - ok
19:40:10.0815 0x1d38  [ 2C6666644FD22060F6B887C70C3F1D6C, 625E7BF27487564BBBB5F08DBE78D282D026F22C97F7B0E4A2FF8DF3F58ECA99 ] BstkDrv         C:\Program Files (x86)\Bluestacks\BstkDrv.sys
19:40:10.0827 0x1d38  BstkDrv - ok
19:40:10.0864 0x1d38  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
19:40:10.0938 0x1d38  BthAvrcpTg - ok
19:40:10.0974 0x1d38  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
19:40:11.0093 0x1d38  BthEnum - ok
19:40:11.0119 0x1d38  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
19:40:11.0166 0x1d38  BthHFEnum - ok
19:40:11.0171 0x1d38  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
19:40:11.0196 0x1d38  bthhfhid - ok
19:40:11.0233 0x1d38  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
19:40:11.0267 0x1d38  BthHFSrv - ok
19:40:11.0290 0x1d38  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
19:40:11.0361 0x1d38  BTHMODEM - ok
19:40:11.0398 0x1d38  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\Windows\System32\drivers\bthpan.sys
19:40:11.0451 0x1d38  BthPan - ok
19:40:11.0497 0x1d38  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
19:40:11.0568 0x1d38  BTHPORT - ok
19:40:11.0601 0x1d38  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\Windows\system32\bthserv.dll
19:40:11.0690 0x1d38  bthserv - ok
19:40:11.0734 0x1d38  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
19:40:11.0790 0x1d38  BTHUSB - ok
19:40:11.0820 0x1d38  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:40:11.0889 0x1d38  cdfs - ok
19:40:11.0906 0x1d38  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
19:40:11.0931 0x1d38  cdrom - ok
19:40:11.0967 0x1d38  [ ACFDC4EE40EC6E4A0AB91D923B8288C8, D31555AB31F504C247049219BE0ECDF26BB18E210BE7C45E8575FD166FD7EE23 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:40:12.0022 0x1d38  CertPropSvc - ok
19:40:12.0041 0x1d38  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
19:40:12.0066 0x1d38  circlass - ok
19:40:12.0104 0x1d38  [ 9DA497AEAF35AA7BF7710132FC2A9906, D38DF749222BD0B6E8E6442CC79D56CF827A1430ACAB4F85F7FC469DD31A211C ] CLFS            C:\Windows\system32\drivers\CLFS.sys
19:40:12.0121 0x1d38  CLFS - ok
19:40:12.0791 0x1d38  [ 11D080DAE23758FF6AC272ADC4C89339, BE6329D6110A8F49A178A5FF3BFFE0AA3BE648B67FC14DBF02E094D2D629D748 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
19:40:12.0880 0x1d38  ClickToRunSvc - ok
19:40:12.0943 0x1d38  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
19:40:13.0006 0x1d38  CmBatt - ok
19:40:13.0057 0x1d38  [ C8823A6ECE66B997C8E9F413D1D671E7, D739A194BCA4C1979C5B2A71F4B8DAB0BCC1524808C50BA302847B6C82D77250 ] CNG             C:\Windows\system32\Drivers\cng.sys
19:40:13.0079 0x1d38  CNG - ok
19:40:13.0112 0x1d38  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
19:40:13.0136 0x1d38  CompositeBus - ok
19:40:13.0139 0x1d38  COMSysApp - ok
19:40:13.0159 0x1d38  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
19:40:13.0224 0x1d38  condrv - ok
19:40:13.0294 0x1d38  [ 914FF716A3F667CD10B7C35630C3DF94, 6BFBFEDF85AA2ADD6C6C77F8D5C54EE1FC85516349763059082CDF840E990BC6 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
19:40:13.0552 0x1d38  cphs - ok
19:40:13.0588 0x1d38  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:40:13.0696 0x1d38  CryptSvc - ok
19:40:13.0715 0x1d38  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
19:40:13.0724 0x1d38  dam - ok
19:40:13.0828 0x1d38  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
19:40:13.0836 0x1d38  dbupdate - ok
19:40:13.0841 0x1d38  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
19:40:13.0850 0x1d38  dbupdatem - ok
19:40:13.0853 0x1d38  dbx - ok
19:40:13.0877 0x1d38  [ B8F34CB79DF33C1A613709D99F4BFE77, 686E4E071EA43C122B0BE41C471220DE9BB31A3D5FEB30079C058FCA02FF3A59 ] DbxSvc          C:\Windows\system32\DbxSvc.exe
19:40:13.0918 0x1d38  DbxSvc - ok
19:40:13.0961 0x1d38  [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:40:14.0066 0x1d38  DcomLaunch - ok
19:40:14.0117 0x1d38  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
19:40:14.0210 0x1d38  defragsvc - ok
19:40:14.0253 0x1d38  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
19:40:14.0298 0x1d38  DeviceAssociationService - ok
19:40:14.0339 0x1d38  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
19:40:14.0380 0x1d38  DeviceInstall - ok
19:40:14.0413 0x1d38  [ 4FED6AD69C9EE1EE7FD3C88437138855, 71E0863898F2E3B1F9769C8A9980E2063042961D417FE0C969B2E5B7A0013978 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
19:40:14.0454 0x1d38  Dfsc - ok
19:40:14.0483 0x1d38  [ D722BC26F7431A4DA9A183E56CA9FEE3, 86AB717431CB3DDAF6213A1CFE8DF3684080BAAD569731A90AA1AA198E97506D ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
19:40:14.0494 0x1d38  dg_ssudbus - ok
19:40:14.0513 0x1d38  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:40:14.0597 0x1d38  Dhcp - ok
19:40:14.0670 0x1d38  [ 0AC9F83A5508935DE89C447473085EEA, 223782B17BACEFB0A663EB13514B68B919C95EF641CDDA7AC30CB239BC4307EC ] DiagTrack       C:\Windows\system32\diagtrack.dll
19:40:14.0781 0x1d38  DiagTrack - ok
19:40:14.0805 0x1d38  [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk            C:\Windows\system32\drivers\disk.sys
19:40:14.0816 0x1d38  disk - ok
19:40:14.0845 0x1d38  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
19:40:14.0907 0x1d38  dmvsc - ok
19:40:14.0957 0x1d38  [ 1E365F2B4C8F6D4D9FF0D1B4A93C230C, 5CAC22131F376D55F09BF875F7CBC4D8827EBC189EEB5D713D693A3510B20077 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:40:15.0114 0x1d38  Dnscache - ok
19:40:15.0151 0x1d38  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:40:15.0217 0x1d38  dot3svc - ok
19:40:15.0249 0x1d38  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
19:40:15.0281 0x1d38  DPS - ok
19:40:15.0304 0x1d38  [ 4C1DDFC71179C642E86DB4A321724797, 7B57E45C4301F546CB1194FC028BA091D8495B98B5CB0E12F1819371774AF628 ] dptf_cpu        C:\Windows\System32\drivers\dptf_cpu.sys
19:40:15.0326 0x1d38  dptf_cpu - ok
19:40:15.0341 0x1d38  [ E3F0EE3422AE6448982C4AEB725A09E2, 00A22AA06D6F1BB21F4A7E170604D3FD72E5CDF1B570301454837CC578A1C769 ] dptf_pch        C:\Windows\System32\drivers\dptf_pch.sys
19:40:15.0361 0x1d38  dptf_pch - ok
19:40:15.0404 0x1d38  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:40:15.0411 0x1d38  drmkaud - ok
19:40:15.0448 0x1d38  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
19:40:15.0462 0x1d38  DsmSvc - ok
19:40:15.0522 0x1d38  [ E7100B511A7AC0422C3E5CC4D1DDC0A5, 7C4166096B824168FADD4B7222E25104DE9B81E2549B6F96F91340BD42AE7D74 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:40:15.0567 0x1d38  DXGKrnl - ok
19:40:15.0607 0x1d38  [ FA988D76745C917CDFE20031C06DE860, B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7 ] e1iexpress      C:\Windows\system32\DRIVERS\e1i63x64.sys
19:40:15.0633 0x1d38  e1iexpress - ok
19:40:15.0661 0x1d38  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
19:40:15.0710 0x1d38  Eaphost - ok
19:40:15.0814 0x1d38  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
19:40:15.0902 0x1d38  ebdrv - ok
19:40:15.0933 0x1d38  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
19:40:15.0942 0x1d38  EFS - ok
19:40:15.0954 0x1d38  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
19:40:15.0965 0x1d38  EhStorClass - ok
19:40:15.0983 0x1d38  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
19:40:15.0994 0x1d38  EhStorTcgDrv - ok
19:40:15.0999 0x1d38  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
19:40:16.0021 0x1d38  ErrDev - ok
19:40:16.0106 0x1d38  [ 127C81F616E8CB699CFC16B0A2AF412C, 62C450228BFD0B1C6EB286230E13192F682F9738F8E668E1A390B1A250281FA1 ] esifsvc         C:\Windows\SysWOW64\esif_uf.exe
19:40:16.0225 0x1d38  esifsvc - ok
19:40:16.0245 0x1d38  [ C7BB8A4F62C7B23D4548B465688A1CCF, FC824630149593FE9D469D5D7536B277EC0138F8B52980822488F9B43DFFFD32 ] esif_lf         C:\Windows\System32\drivers\esif_lf.sys
19:40:16.0288 0x1d38  esif_lf - ok
19:40:16.0353 0x1d38  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
19:40:16.0441 0x1d38  EventSystem - ok
19:40:16.0459 0x1d38  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:40:16.0561 0x1d38  exfat - ok
19:40:16.0590 0x1d38  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:40:16.0604 0x1d38  fastfat - ok
19:40:16.0652 0x1d38  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
19:40:16.0745 0x1d38  Fax - ok
19:40:16.0758 0x1d38  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
19:40:16.0776 0x1d38  fdc - ok
19:40:16.0799 0x1d38  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
19:40:16.0860 0x1d38  fdPHost - ok
19:40:16.0882 0x1d38  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:40:16.0905 0x1d38  FDResPub - ok
19:40:16.0934 0x1d38  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
19:40:16.0995 0x1d38  fhsvc - ok
19:40:17.0000 0x1d38  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:40:17.0009 0x1d38  FileInfo - ok
19:40:17.0025 0x1d38  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:40:17.0039 0x1d38  Filetrace - ok
19:40:17.0043 0x1d38  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
19:40:17.0070 0x1d38  flpydisk - ok
19:40:17.0107 0x1d38  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:40:17.0123 0x1d38  FltMgr - ok
19:40:17.0197 0x1d38  [ 359A7382DB639FE051455D868DEFF1A0, 1FFB6D8C96D9559081092F4BCA221AF993E40388D4951F72FFE6389894465A97 ] FontCache       C:\Windows\system32\FntCache.dll
19:40:17.0321 0x1d38  FontCache - ok
19:40:17.0401 0x1d38  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:40:17.0409 0x1d38  FontCache3.0.0.0 - ok
19:40:17.0444 0x1d38  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:40:17.0453 0x1d38  FsDepends - ok
19:40:17.0468 0x1d38  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:40:17.0476 0x1d38  Fs_Rec - ok
19:40:17.0522 0x1d38  [ D4AB6EE3D715BC44C00277FD934FAACF, DE8A8B14D7BA73BA1B5A833DE193CA65EDFE512A57D84F4F2CE19D9646D97F4E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:40:17.0545 0x1d38  fvevol - ok
19:40:17.0556 0x1d38  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
19:40:17.0582 0x1d38  FxPPM - ok
19:40:17.0587 0x1d38  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:40:17.0597 0x1d38  gagp30kx - ok
19:40:17.0677 0x1d38  [ 4A336C92A790A3F7C2D9952C73FCFA16, 2EB400EBAA2B50A97F442D18107316A172A92660F5D712D1C58D39172C9CD80C ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
19:40:17.0687 0x1d38  GamesAppIntegrationService - ok
19:40:17.0709 0x1d38  [ A404AE536DD73FC8118A15BFF0BD4FC0, EA24D7866FEB40DD72713601E14DBDA60497324222196B8E0791DA656DBF5DA7 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
19:40:17.0788 0x1d38  GamesAppService - ok
19:40:17.0815 0x1d38  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
19:40:17.0833 0x1d38  gencounter - ok
19:40:17.0973 0x1d38  [ C6E1E9A45C8BCFD073148B6A6B038C69, EB421C687BC3A3CF97685AA598EF0C671AA74DC801185D4E3C197C1B5B24EE02 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
19:40:18.0005 0x1d38  GfExperienceService - ok
19:40:18.0061 0x1d38  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
19:40:18.0072 0x1d38  GPIOClx0101 - ok
19:40:18.0140 0x1d38  [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:40:18.0239 0x1d38  gpsvc - ok
19:40:18.0291 0x1d38  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:40:18.0299 0x1d38  gupdate - ok
19:40:18.0304 0x1d38  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:40:18.0311 0x1d38  gupdatem - ok
19:40:18.0344 0x1d38  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:40:18.0374 0x1d38  HdAudAddService - ok
19:40:18.0387 0x1d38  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
19:40:18.0481 0x1d38  HDAudBus - ok
19:40:18.0497 0x1d38  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
19:40:18.0523 0x1d38  HidBatt - ok
19:40:18.0551 0x1d38  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
19:40:18.0570 0x1d38  HidBth - ok
19:40:18.0574 0x1d38  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
19:40:18.0596 0x1d38  hidi2c - ok
19:40:18.0600 0x1d38  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
19:40:18.0623 0x1d38  HidIr - ok
19:40:18.0654 0x1d38  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\Windows\system32\hidserv.dll
19:40:18.0717 0x1d38  hidserv - ok
19:40:18.0742 0x1d38  [ 894D982CEAB8CD45A56AE2C9988E86C0, AA2DEB62CB69FF1AEF772989342F2CF77CA48F212C9489A92A4FF97FD46D3866 ] HIDSwitch       C:\Windows\System32\drivers\AsHIDSwitch64.sys
19:40:18.0758 0x1d38  HIDSwitch - ok
19:40:18.0798 0x1d38  [ 49676FEC898AB2A11B157F848269A56E, 011E6DDEF9570212520F92FEFD205E1F8104F198B57C40D11BE857FCBCC5F68D ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
19:40:18.0913 0x1d38  HidUsb - ok
19:40:18.0941 0x1d38  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:40:18.0987 0x1d38  hkmsvc - ok
19:40:19.0016 0x1d38  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:40:19.0067 0x1d38  HomeGroupListener - ok
19:40:19.0107 0x1d38  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:40:19.0136 0x1d38  HomeGroupProvider - ok
19:40:19.0166 0x1d38  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:40:19.0175 0x1d38  HpSAMD - ok
19:40:19.0221 0x1d38  [ 030DD4F01AF3C32BA1AD00B549156F99, 5FDF4B199FDE1110CBC9DB164001A971057C982EB6AD5542BCD74AB3446E2D70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:40:19.0253 0x1d38  HTTP - ok
19:40:19.0258 0x1d38  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:40:19.0266 0x1d38  hwpolicy - ok
19:40:19.0280 0x1d38  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
19:40:19.0292 0x1d38  hyperkbd - ok
19:40:19.0306 0x1d38  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
19:40:19.0333 0x1d38  HyperVideo - ok
19:40:19.0362 0x1d38  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
19:40:19.0450 0x1d38  i8042prt - ok
19:40:19.0465 0x1d38  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
19:40:19.0472 0x1d38  iaLPSSi_GPIO - ok
19:40:19.0488 0x1d38  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
19:40:19.0496 0x1d38  iaLPSSi_I2C - ok
19:40:19.0522 0x1d38  [ 9863EC0FB887C0AD0C3A20AC3BF91629, B695048C370CB91BB0CFF2E29641636225B23347B08F7E451FB91CF8B1A0120A ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
19:40:19.0541 0x1d38  iaStorA - ok
19:40:19.0583 0x1d38  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
19:40:19.0603 0x1d38  iaStorAV - ok
19:40:19.0624 0x1d38  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:40:19.0642 0x1d38  iaStorV - ok
19:40:19.0693 0x1d38  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
19:40:19.0767 0x1d38  ICCS - ok
19:40:19.0770 0x1d38  IEEtwCollectorService - ok
19:40:19.0905 0x1d38  [ ECB36AF6AD46914933CA3F0FBA8937C1, 865204BABD6C9715C80B97E86BC93F86FEE0F16E145A1F652CAA7632FDCD424E ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
19:40:20.0090 0x1d38  igfx - ok
19:40:20.0119 0x1d38  [ 302725501C5A7C788BDDF13E123E02F0, 8B3994A2F9C032080E9A7A5D3478F2FBDAC55E1D5817AF2A891C0E1947EFBDAB ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
19:40:20.0196 0x1d38  igfxCUIService1.0.0.0 - ok
19:40:20.0256 0x1d38  [ 5697FD05EC6915A1E7193D658D8D6E05, 0179C3AF29880AA21F609CB471034EA5FA49324ACCE12736866675C037EBEC7A ] IKEEXT          C:\Windows\System32\ikeext.dll
19:40:20.0310 0x1d38  IKEEXT - ok
19:40:20.0342 0x1d38  [ 5950F69F9B345952F3C2275C39EA393B, 382923DE0F5F25285F8C86BA628350DF1CFB6E63FF20736CF9285FB0F36A76DE ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
19:40:20.0393 0x1d38  intaud_WaveExtensible - ok
19:40:20.0518 0x1d38  [ 32ECEDDBE016E7131124559A7D461054, 08E865788DAF10D055DBDE3A701F8C0DD92A7B4A2803D4B5C48D44B682C9C66E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:40:20.0685 0x1d38  IntcAzAudAddService - ok
19:40:20.0724 0x1d38  [ EA26AE512C63026756D2ACA0711BA7E5, EF77823BE2B7ED8276D04D9427354512B162D907DE68327AEC0E7208B64A61E3 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
19:40:20.0742 0x1d38  IntcDAud - ok
19:40:20.0815 0x1d38  [ 9A6DEB5DDF7E29728F6FEA5092AFA3F2, 21C47A0490EBA302657EF30C560E4AF83777685FFE126DCCAC310163C47401D1 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
19:40:21.0423 0x1d38  Intel(R) Capability Licensing Service TCP IP Interface - ok
19:40:21.0456 0x1d38  [ 02555C6B4BFC2934E9C7E5B83E4C62CF, 8E6AC57322A5B6DB38009A811702C19C2DF621A5519D0D2EB8B264A9A8F1147B ] IntelHSWPcc     C:\Windows\system32\drivers\IntelPcc.sys
19:40:21.0478 0x1d38  IntelHSWPcc - ok
19:40:21.0497 0x1d38  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:40:21.0504 0x1d38  intelide - ok
19:40:21.0526 0x1d38  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
19:40:21.0536 0x1d38  intelpep - ok
19:40:21.0546 0x1d38  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
19:40:21.0567 0x1d38  intelppm - ok
19:40:21.0588 0x1d38  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:40:21.0649 0x1d38  IpFilterDriver - ok
19:40:21.0695 0x1d38  [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:40:21.0795 0x1d38  iphlpsvc - ok
19:40:21.0830 0x1d38  [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
19:40:21.0905 0x1d38  IPMIDRV - ok
19:40:21.0919 0x1d38  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:40:21.0963 0x1d38  IPNAT - ok
19:40:21.0982 0x1d38  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:40:22.0017 0x1d38  IRENUM - ok
19:40:22.0020 0x1d38  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:40:22.0029 0x1d38  isapnp - ok
19:40:22.0072 0x1d38  [ AD3C1F4BD9167420F04052FDA197CF29, 82B687092DFC50E8885656AF06BFB7559930750F4905BC4DBDA3A5D334A443D1 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
19:40:22.0088 0x1d38  iScsiPrt - ok
19:40:22.0102 0x1d38  [ F1D3A377ED9BA1CA449824C41CAF104C, EA0E90D5D827664CFDB644753C6DC134C3F8F852F24175EC8328A9FA925B25BF ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
19:40:22.0121 0x1d38  iwdbus - ok
19:40:22.0173 0x1d38  [ CA295D3E5032DDF8A3CBD1A256E646FA, 03879D331AE446FCF25D0193805A5E0C17764439B5B8FE1D684DDB96B1A358C9 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
19:40:22.0183 0x1d38  jhi_service - ok
19:40:22.0204 0x1d38  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
19:40:22.0214 0x1d38  kbdclass - ok
19:40:22.0222 0x1d38  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
19:40:22.0245 0x1d38  kbdhid - ok
19:40:22.0270 0x1d38  [ 6C6F4A5FC5A2343995D1B0F111D5CF06, 62282992D3B1634C7BBDD1BCFC13F77FC806AD85B2C667FA09D73355825D19A8 ] kbfiltr         C:\Windows\System32\drivers\kbfiltr.sys
19:40:22.0321 0x1d38  kbfiltr - ok
19:40:22.0345 0x1d38  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
19:40:22.0441 0x1d38  kdnic - ok
19:40:22.0478 0x1d38  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
19:40:22.0487 0x1d38  KeyIso - ok
19:40:22.0524 0x1d38  [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:40:22.0534 0x1d38  KSecDD - ok
19:40:22.0572 0x1d38  [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:40:22.0585 0x1d38  KSecPkg - ok
19:40:22.0592 0x1d38  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:40:22.0602 0x1d38  ksthunk - ok
19:40:22.0641 0x1d38  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:40:22.0676 0x1d38  KtmRm - ok
19:40:22.0712 0x1d38  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:40:22.0751 0x1d38  LanmanServer - ok
19:40:22.0795 0x1d38  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:40:22.0821 0x1d38  LanmanWorkstation - ok
19:40:22.0868 0x1d38  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
19:40:22.0953 0x1d38  lfsvc - ok
19:40:23.0015 0x1d38  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:40:23.0041 0x1d38  lltdio - ok
19:40:23.0117 0x1d38  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:40:23.0148 0x1d38  lltdsvc - ok
19:40:23.0173 0x1d38  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:40:23.0223 0x1d38  lmhosts - ok
19:40:23.0273 0x1d38  [ DBA3BC9C377A867350099D693E8A3413, F3BDF96C8A3749DDD24FB60F3220A404450C043154F49AB64B3A433EED2906FE ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:40:23.0289 0x1d38  LMS - ok
19:40:23.0320 0x1d38  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:40:23.0331 0x1d38  LSI_SAS - ok
19:40:23.0335 0x1d38  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:40:23.0346 0x1d38  LSI_SAS2 - ok
19:40:23.0350 0x1d38  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
19:40:23.0360 0x1d38  LSI_SAS3 - ok
19:40:23.0365 0x1d38  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
19:40:23.0375 0x1d38  LSI_SSS - ok
19:40:23.0421 0x1d38  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\Windows\System32\lsm.dll
19:40:23.0520 0x1d38  LSM - ok
19:40:23.0536 0x1d38  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:40:23.0600 0x1d38  luafv - ok
19:40:23.0622 0x1d38  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
19:40:23.0629 0x1d38  MBAMProtector - ok
19:40:23.0716 0x1d38  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
19:40:23.0746 0x1d38  MBAMService - ok
19:40:23.0815 0x1d38  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
19:40:23.0824 0x1d38  MBAMSwissArmy - ok
19:40:23.0846 0x1d38  [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
19:40:23.0852 0x1d38  MBAMWebAccessControl - ok
19:40:23.0861 0x1d38  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
19:40:23.0869 0x1d38  megasas - ok
19:40:23.0895 0x1d38  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
19:40:23.0917 0x1d38  megasr - ok
19:40:23.0947 0x1d38  [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
19:40:23.0971 0x1d38  MEIx64 - ok
19:40:23.0999 0x1d38  [ 24AEBF843F88CF0A5B455F483F8F0100, 5E29549F6074997910271B838A77EDF2878D2D3B4B751813592F1C6EEA8112E7 ] mfeelamk        C:\Windows\system32\drivers\mfeelamk.sys
19:40:24.0010 0x1d38  mfeelamk - ok
19:40:24.0038 0x1d38  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\Windows\system32\mmcss.dll
19:40:24.0110 0x1d38  MMCSS - ok
19:40:24.0114 0x1d38  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
19:40:24.0126 0x1d38  Modem - ok
19:40:24.0143 0x1d38  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
19:40:24.0229 0x1d38  monitor - ok
19:40:24.0240 0x1d38  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
19:40:24.0249 0x1d38  mouclass - ok
19:40:24.0276 0x1d38  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
19:40:24.0314 0x1d38  mouhid - ok
19:40:24.0355 0x1d38  [ 24DABC0A77FAFDC0E379AB3B30F61BB6, E66624ABBF1D742879035F9161F9D3713DE7B759B3D3CF8B96C9E397A02FCF82 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:40:24.0365 0x1d38  mountmgr - ok
19:40:24.0398 0x1d38  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:40:24.0440 0x1d38  mpsdrv - ok
19:40:24.0491 0x1d38  [ D1418745A5472F3930A288E05B9E2C05, 95785F0FA7EE239459C0288DB37E9E54648029FD6FE45A61E6343526D67FFA32 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:40:24.0545 0x1d38  MpsSvc - ok
19:40:24.0571 0x1d38  [ 3F818C1518DA702C8F10259095C9BDE0, B98C1A6F9A3C01A10503B2B2C45CC89AFF17B346B15990F4DB4820F68BDC62C8 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:40:24.0693 0x1d38  MRxDAV - ok
19:40:24.0727 0x1d38  [ E2FC654EC895E92A022794329BFC53EC, BDEFF410B8A1D213B652A86DBF53774A3EBD58C32CCB9180712F9F3777307688 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:40:24.0761 0x1d38  mrxsmb - ok
19:40:24.0787 0x1d38  [ B213149BE26DD213C44AD61DB19C1251, E28886C1E78E54BBA74DD9779BB18B20D9CB8DF1CCD387FE415F1748719EE5F6 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:40:24.0895 0x1d38  mrxsmb10 - ok
19:40:24.0914 0x1d38  [ B37B58F9F80A51098C42663D5FA5F2BA, 996E2D8344F0095C136D1670D63A476E6B6F6BBA9DD773EEE5F0FD580562B000 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:40:24.0938 0x1d38  mrxsmb20 - ok
19:40:24.0970 0x1d38  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
19:40:24.0981 0x1d38  MsBridge - ok
19:40:25.0018 0x1d38  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\Windows\System32\msdtc.exe
19:40:25.0031 0x1d38  MSDTC - ok
19:40:25.0045 0x1d38  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:40:25.0066 0x1d38  Msfs - ok
19:40:25.0092 0x1d38  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
19:40:25.0101 0x1d38  msgpiowin32 - ok
19:40:25.0114 0x1d38  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:40:25.0123 0x1d38  mshidkmdf - ok
19:40:25.0140 0x1d38  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
19:40:25.0161 0x1d38  mshidumdf - ok
19:40:25.0175 0x1d38  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:40:25.0183 0x1d38  msisadrv - ok
19:40:25.0212 0x1d38  [ A06142B3850B06972F1C89748FAA2C02, B1CCC5C8D100FEB384FCC85FED2A77F47DA4C9BA5F6889A130F4D73E30ACAA78 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:40:25.0354 0x1d38  MSiSCSI - ok
19:40:25.0357 0x1d38  msiserver - ok
19:40:25.0372 0x1d38  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:40:25.0382 0x1d38  MSKSSRV - ok
19:40:25.0417 0x1d38  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
19:40:25.0479 0x1d38  MsLldp - ok
19:40:25.0498 0x1d38  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:40:25.0522 0x1d38  MSPCLOCK - ok
19:40:25.0525 0x1d38  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:40:25.0541 0x1d38  MSPQM - ok
19:40:25.0562 0x1d38  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:40:25.0579 0x1d38  MsRPC - ok
19:40:25.0596 0x1d38  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
19:40:25.0606 0x1d38  mssmbios - ok
19:40:25.0620 0x1d38  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:40:25.0658 0x1d38  MSTEE - ok
19:40:25.0670 0x1d38  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
19:40:25.0679 0x1d38  MTConfig - ok
19:40:25.0705 0x1d38  [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup             C:\Windows\system32\Drivers\mup.sys
19:40:25.0715 0x1d38  Mup - ok
19:40:25.0725 0x1d38  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
19:40:25.0734 0x1d38  mvumis - ok
19:40:25.0770 0x1d38  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
19:40:25.0796 0x1d38  napagent - ok
19:40:25.0840 0x1d38  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:40:25.0890 0x1d38  NativeWifiP - ok
19:40:25.0920 0x1d38  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
19:40:25.0959 0x1d38  NcaSvc - ok
19:40:25.0986 0x1d38  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
19:40:26.0125 0x1d38  NcbService - ok
19:40:26.0149 0x1d38  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
19:40:26.0206 0x1d38  NcdAutoSetup - ok
19:40:26.0259 0x1d38  [ FFAA6C6E798FBA448FA7628A1B277F5C, 9E1F2C848A019CE6397F652A21AE43B76149EF95452BB8353249BD9E28D98083 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:40:26.0294 0x1d38  NDIS - ok
19:40:26.0323 0x1d38  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:40:26.0350 0x1d38  NdisCap - ok
19:40:26.0376 0x1d38  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
19:40:26.0423 0x1d38  NdisImPlatform - ok
19:40:26.0439 0x1d38  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:40:26.0474 0x1d38  NdisTapi - ok
19:40:26.0502 0x1d38  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:40:26.0590 0x1d38  Ndisuio - ok
19:40:26.0604 0x1d38  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
19:40:26.0623 0x1d38  NdisVirtualBus - ok
19:40:26.0655 0x1d38  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:40:26.0700 0x1d38  NdisWan - ok
19:40:26.0706 0x1d38  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
19:40:26.0718 0x1d38  NdisWanLegacy - ok
19:40:26.0750 0x1d38  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:40:26.0777 0x1d38  NDProxy - ok
19:40:26.0794 0x1d38  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
19:40:26.0869 0x1d38  Ndu - ok
19:40:26.0894 0x1d38  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:40:26.0920 0x1d38  NetBIOS - ok
19:40:26.0954 0x1d38  [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:40:27.0007 0x1d38  NetBT - ok
19:40:27.0026 0x1d38  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
19:40:27.0035 0x1d38  Netlogon - ok
19:40:27.0071 0x1d38  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\Windows\System32\netman.dll
19:40:27.0086 0x1d38  Netman - ok
19:40:27.0135 0x1d38  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\Windows\System32\netprofmsvc.dll
19:40:27.0167 0x1d38  netprofm - ok
19:40:27.0215 0x1d38  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:40:27.0271 0x1d38  NetTcpPortSharing - ok
19:40:27.0302 0x1d38  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\Windows\System32\drivers\netvsc63.sys
19:40:27.0381 0x1d38  netvsc - ok
19:40:27.0661 0x1d38  [ 272BB8C52BE106B5CC69171AF1D281D4, 3D65A772C15440DF5895843185241D890CCDECA0E02DD6CF32CCB9B5849E31A4 ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw00.sys
19:40:27.0940 0x1d38  NETwNs64 - ok
19:40:27.0983 0x1d38  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:40:28.0058 0x1d38  NlaSvc - ok
19:40:28.0086 0x1d38  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:40:28.0105 0x1d38  Npfs - ok
19:40:28.0107 0x1d38  npggsvc - ok
19:40:28.0121 0x1d38  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
19:40:28.0186 0x1d38  npsvctrig - ok
19:40:28.0218 0x1d38  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\Windows\system32\nsisvc.dll
19:40:28.0356 0x1d38  nsi - ok
19:40:28.0384 0x1d38  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:40:28.0394 0x1d38  nsiproxy - ok
19:40:28.0476 0x1d38  [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:40:28.0535 0x1d38  Ntfs - ok
19:40:28.0556 0x1d38  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
19:40:28.0579 0x1d38  Null - ok
19:40:28.0879 0x1d38  [ DA35308DEDB50C91EFD46B42F991DE26, 86E72D446014ED655E3DD2BB85A1A21BF0BF3C0EE5266E8E3D893FCDE25F9BE4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:40:29.0201 0x1d38  nvlddmkm - ok
19:40:29.0307 0x1d38  [ A6102293847A7A2DF01E7BF7AC1C1F12, 14E4E75711C00DA826136FB531E9AD53787502F441103386C5CD37EEFCE27AFC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
19:40:29.0357 0x1d38  NvNetworkService - ok
19:40:29.0385 0x1d38  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:40:29.0396 0x1d38  nvraid - ok
19:40:29.0402 0x1d38  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:40:29.0415 0x1d38  nvstor - ok
19:40:29.0446 0x1d38  [ 99D42078C9596A20A7B3419159265A25, E9F5380E6597C79B26B2CBAAC534F31C5027F32AAA0FD5876CF7E9BB6658F30C ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
19:40:29.0452 0x1d38  NvStreamKms - ok
19:40:29.0558 0x1d38  [ E6A64322EB213AEACBB61584AA6FB032, FA91C89B81DD7F3EC22DF71FFC3A506AD40AE76EC91F1115CCAB6ED39431369D ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
19:40:29.0641 0x1d38  NvStreamNetworkSvc - ok
19:40:29.0692 0x1d38  [ A8213BF32D2E75ADD362E118AD164749, 6F35210ED11088FE64F13DD63053FFDA4628A5F6397DA33A345970962AB83499 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
19:40:29.0751 0x1d38  NvStreamSvc - ok
19:40:29.0804 0x1d38  [ A9FE27CA00E66C455520E8B75883B630, D2FEFC75C0881ECC0A80EA2DD92DD9D2A28EB26F81085F8C17DCEA3F717D86E9 ] nvsvc           C:\Windows\system32\nvvsvc.exe
19:40:29.0838 0x1d38  nvsvc - ok
19:40:29.0868 0x1d38  [ F37FE6B15A987AEEC08EEF531F2FAED7, CC768E7DE80C7A8CB2392F9BC528212B8A3A35A30A222ED0B0B959051E6F8065 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
19:40:29.0877 0x1d38  nvvad_WaveExtensible - ok
19:40:29.0882 0x1d38  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:40:29.0893 0x1d38  nv_agp - ok
19:40:29.0989 0x1d38  [ 42467D28DCFAEDBA6DC0EE30017DDECE, C77430D4AE994E526B293957303AB725E09C3D3712562E3FA1B0EA68CFEE6C34 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
19:40:30.0206 0x1d38  Origin Client Service - ok
19:40:30.0274 0x1d38  [ CD8AC370189D6B4A899D9E9C011D58AC, 158757A34AC35BCFDA6ECE5D2C8E695A26DA864E15D855938FE6B6EB7416CEE9 ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe
19:40:30.0398 0x1d38  Origin Web Helper Service - ok
19:40:30.0480 0x1d38  [ F0DFE1E16F11D18898610A28F9AC3EB7, 658D1084F2328B87ACBFF490657A6C8630BCBFC47D303FDC60AC3E186FE0FE4B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:40:30.0491 0x1d38  ose - ok
19:40:30.0634 0x1d38  [ 931511E896BFD07E7AF9E8D986CAAB02, C22CDCB1B42AFC20D474F5FD32EB7F3FD7DC15C9C7C1ACB2E9C312CE7BB84C66 ] OverwolfUpdater C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
19:40:30.0673 0x1d38  OverwolfUpdater - ok
19:40:30.0715 0x1d38  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:40:30.0775 0x1d38  p2pimsvc - ok
19:40:30.0810 0x1d38  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
19:40:30.0852 0x1d38  p2psvc - ok
19:40:30.0889 0x1d38  [ 57DCE4FB0467986AE78E1C6FC5240D32, F7F3ADD1B48E4D6BB0A664A2FE556F71ED7453054B4FB667A29BE050C845045B ] Parport         C:\Windows\System32\drivers\parport.sys
19:40:31.0081 0x1d38  Parport - ok
19:40:31.0118 0x1d38  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:40:31.0128 0x1d38  partmgr - ok
19:40:31.0169 0x1d38  [ 0A2DF1055FEEA30DFF73DAC0DA45FDE4, 497B2AE591ABBCFA8FC571D9C1D750006212F2D2DDF12F5A9E7FFA811CD707A3 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:40:31.0229 0x1d38  PcaSvc - ok
19:40:31.0257 0x1d38  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
19:40:31.0273 0x1d38  pci - ok
19:40:31.0303 0x1d38  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:40:31.0311 0x1d38  pciide - ok
19:40:31.0326 0x1d38  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:40:31.0336 0x1d38  pcmcia - ok
19:40:31.0358 0x1d38  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:40:31.0367 0x1d38  pcw - ok
19:40:31.0396 0x1d38  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys
19:40:31.0406 0x1d38  pdc - ok
19:40:31.0422 0x1d38  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:40:31.0488 0x1d38  PEAUTH - ok
19:40:31.0547 0x1d38  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:40:31.0643 0x1d38  PerfHost - ok
19:40:31.0719 0x1d38  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
19:40:31.0770 0x1d38  pla - ok
19:40:31.0840 0x1d38  [ 91B93EF867E5A0D782BEB7C31F29598D, 16E1F87233164E2D3CF24D17F383C96E57A95B215EC46880EF2CD4F139103B1C ] PlaysService    C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
19:40:31.0959 0x1d38  PlaysService - ok
19:40:31.0999 0x1d38  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:40:32.0010 0x1d38  PlugPlay - ok
19:40:32.0057 0x1d38  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:40:32.0066 0x1d38  PNRPAutoReg - ok
19:40:32.0113 0x1d38  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:40:32.0129 0x1d38  PNRPsvc - ok
19:40:32.0176 0x1d38  [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:40:32.0239 0x1d38  PolicyAgent - ok
19:40:32.0273 0x1d38  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
19:40:32.0384 0x1d38  Power - ok
19:40:32.0500 0x1d38  [ F6EA63145C20A23732AD2CA1EBA65FA1, 0DD1164D37C1500258E9CCCE458778A3DA196D9A65919B2672E3C88383068F52 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
19:40:32.0769 0x1d38  PrintNotify - ok
19:40:32.0824 0x1d38  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
19:40:32.0894 0x1d38  Processor - ok
19:40:32.0921 0x1d38  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\Windows\system32\profsvc.dll
19:40:32.0992 0x1d38  ProfSvc - ok
19:40:33.0022 0x1d38  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:40:33.0044 0x1d38  Psched - ok
19:40:33.0071 0x1d38  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
19:40:33.0118 0x1d38  QWAVE - ok
19:40:33.0152 0x1d38  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:40:33.0178 0x1d38  QWAVEdrv - ok
19:40:33.0203 0x1d38  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:40:33.0223 0x1d38  RasAcd - ok
19:40:33.0253 0x1d38  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
19:40:33.0280 0x1d38  RasAuto - ok
19:40:33.0319 0x1d38  [ 15C0034561FE5B03FA376F1A6232478B, 0F9B5C2BD7D8803FF3C5ED957D3F0859F2A59B74510E4659FBF05EDCBF230208 ] RasMan          C:\Windows\System32\rasmans.dll
19:40:33.0385 0x1d38  RasMan - ok
19:40:33.0404 0x1d38  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:40:33.0429 0x1d38  RasPppoe - ok
19:40:33.0468 0x1d38  [ D67ED4AB59D1EF66B05AD1A81AC28B26, 72E750A9A6B484D8BEDE52FA6DABEF4D95765DE491152E1F6C856D0590B50C28 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:40:33.0599 0x1d38  rdbss - ok
19:40:33.0612 0x1d38  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
19:40:33.0669 0x1d38  rdpbus - ok
19:40:33.0683 0x1d38  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
19:40:33.0788 0x1d38  RDPDR - ok
19:40:33.0819 0x1d38  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:40:33.0827 0x1d38  RdpVideoMiniport - ok
19:40:33.0845 0x1d38  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:40:33.0859 0x1d38  rdyboost - ok
19:40:33.0906 0x1d38  [ 2D39BCFA4DD1081B8F282B623456B858, DD8C433B66B6661F4DBD1784CBD334441B508BE84932DD443F7AD51CEA192BA9 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
19:40:33.0937 0x1d38  ReFS - ok
19:40:33.0975 0x1d38  [ DF78648AC3C8DC9D70E6714AF785382F, 56E104939ED0AB5B26AE07BAB1BBB7D15828DBD3A2AD35361423D7ADDA4BA551 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:40:33.0998 0x1d38  RemoteAccess - ok
19:40:34.0029 0x1d38  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:40:34.0087 0x1d38  RemoteRegistry - ok
19:40:34.0117 0x1d38  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
19:40:34.0140 0x1d38  RFCOMM - ok
19:40:34.0178 0x1d38  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:40:34.0199 0x1d38  RpcEptMapper - ok
19:40:34.0227 0x1d38  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
19:40:34.0282 0x1d38  RpcLocator - ok
19:40:34.0328 0x1d38  [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] RpcSs           C:\Windows\system32\rpcss.dll
19:40:34.0354 0x1d38  RpcSs - ok
19:40:34.0359 0x1d38  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:40:34.0382 0x1d38  rspndr - ok
19:40:34.0416 0x1d38  [ 4EC89C0725CE4B98994B88F19B30C288, 4FA73C24A2E18D04CE27EEF17C9AE847D0251B711F60D116139F6166F90CD08F ] RSUSBVSTOR      C:\Windows\System32\Drivers\RtsUVStor.sys
19:40:34.0442 0x1d38  RSUSBVSTOR - ok
19:40:34.0479 0x1d38  [ D5C3918E3EF787A41172B8E5348247F0, 033E5E6037CDFE65D26AD834ACD2B652EEED66BA48753F7B319C9FD41CE4F180 ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
19:40:34.0516 0x1d38  RTL8168 - ok
19:40:34.0546 0x1d38  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
19:40:34.0554 0x1d38  s3cap - ok
19:40:34.0580 0x1d38  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
19:40:34.0589 0x1d38  SamSs - ok
19:40:34.0610 0x1d38  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:40:34.0621 0x1d38  sbp2port - ok
19:40:34.0654 0x1d38  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:40:34.0692 0x1d38  SCardSvr - ok
19:40:34.0721 0x1d38  [ 92D2FA1870F4EB4A9BA767DB6E0DEF6F, AB019E17D5F330CBB7F7CAF8CEB01F3F3DBBB181CDE19E4C2354AF51E66C8291 ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
19:40:34.0733 0x1d38  ScDeviceEnum - ok
19:40:34.0763 0x1d38  [ FA7ABD857DEB0FE3C94CC39A4C845E66, ACD551F75E00C4EB9CFDA73B04051D0BF5FF0BA67C716E1989A21683D8777A41 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:40:34.0790 0x1d38  scfilter - ok
19:40:34.0844 0x1d38  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\Windows\system32\schedsvc.dll
19:40:34.0930 0x1d38  Schedule - ok
19:40:34.0952 0x1d38  [ ACFDC4EE40EC6E4A0AB91D923B8288C8, D31555AB31F504C247049219BE0ECDF26BB18E210BE7C45E8575FD166FD7EE23 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:40:34.0962 0x1d38  SCPolicySvc - ok
19:40:35.0000 0x1d38  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\Windows\System32\drivers\sdbus.sys
19:40:35.0015 0x1d38  sdbus - ok
19:40:35.0020 0x1d38  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
19:40:35.0030 0x1d38  sdstor - ok
19:40:35.0061 0x1d38  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:40:35.0117 0x1d38  secdrv - ok
19:40:35.0152 0x1d38  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\Windows\system32\seclogon.dll
19:40:35.0211 0x1d38  seclogon - ok
19:40:35.0239 0x1d38  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
19:40:35.0279 0x1d38  SENS - ok
19:40:35.0311 0x1d38  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:40:35.0381 0x1d38  SensrSvc - ok
19:40:35.0394 0x1d38  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
19:40:35.0403 0x1d38  SerCx - ok
19:40:35.0409 0x1d38  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
19:40:35.0420 0x1d38  SerCx2 - ok
19:40:35.0453 0x1d38  [ 1F0135949A6AD6025F363F80FE268251, DB2D503863143F2251E589F7B0B3E9FBF997D7333D54C55856590B5080B5513D ] Serenum         C:\Windows\System32\drivers\serenum.sys
19:40:35.0476 0x1d38  Serenum - ok
19:40:35.0493 0x1d38  [ 81633C87B42B63BA484A6177179AC750, A22BA40E9EC74E88D8098CBDC954E1D63B832FCB789E3C7B731DE5DA39BEE2CA ] Serial          C:\Windows\System32\drivers\serial.sys
19:40:35.0518 0x1d38  Serial - ok
19:40:35.0540 0x1d38  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys
19:40:35.0560 0x1d38  sermouse - ok
19:40:35.0621 0x1d38  [ C42D93E4211D16EE0315D38C6618659E, CA280B8B42C4F7C47669DF3129E4FD56F861D94D8840C26EFFC669757B4EC495 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:40:35.0663 0x1d38  SessionEnv - ok
19:40:35.0667 0x1d38  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
19:40:35.0694 0x1d38  sfloppy - ok
19:40:35.0731 0x1d38  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:40:35.0760 0x1d38  SharedAccess - ok
19:40:35.0832 0x1d38  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:40:35.0909 0x1d38  ShellHWDetection - ok
19:40:35.0914 0x1d38  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:40:35.0923 0x1d38  SiSRaid2 - ok
19:40:35.0945 0x1d38  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:40:35.0954 0x1d38  SiSRaid4 - ok
19:40:35.0983 0x1d38  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
19:40:36.0166 0x1d38  smphost - ok
19:40:36.0201 0x1d38  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:40:36.0223 0x1d38  SNMPTRAP - ok
19:40:36.0263 0x1d38  [ F6AF6499C3788105EA7AF1DA27769A77, F847789B0AD498CC9C985F334F7BA0906ACB41FB356CC2EF2A00C62C75D94A79 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
19:40:36.0283 0x1d38  spaceport - ok
19:40:36.0288 0x1d38  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
19:40:36.0297 0x1d38  SpbCx - ok
19:40:36.0348 0x1d38  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\Windows\System32\spoolsv.exe
19:40:36.0439 0x1d38  Spooler - ok
19:40:36.0612 0x1d38  [ F264662C057A54AA2DE41B3C7551712F, 2C123C6ACD967CDF1AD2855187CF3D8357B16A4FD9C2F18AE54CFA384165FA11 ] sppsvc          C:\Windows\system32\sppsvc.exe
19:40:36.0785 0x1d38  sppsvc - ok
19:40:36.0827 0x1d38  [ D10F18E3287374D3B40D41C1651355DE, 6DF4A00FAB90EBA65B2D3008103960EA9E9308DADB1F3E9B3D4CB3F812FBF1D2 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:40:36.0889 0x1d38  srv - ok
19:40:36.0918 0x1d38  [ E6520A3B215FAFBF23E24AB22C44F973, 2D3B771CA20B77D31DFE211EC999B27F6D17A07B7C767F265A4FDFBF1AE17D1D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:40:37.0025 0x1d38  srv2 - ok
19:40:37.0060 0x1d38  [ FABC49666708EA562549E78E6FBF3191, BE1FEBFC259308B39C727915C41A67CD50720A6E2A68D148F4F2F926AED43B02 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:40:37.0147 0x1d38  srvnet - ok
19:40:37.0188 0x1d38  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:40:37.0213 0x1d38  SSDPSRV - ok
19:40:37.0242 0x1d38  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:40:37.0268 0x1d38  SstpSvc - ok
19:40:37.0300 0x1d38  [ 36C3697CA09B23C77BDF95A6B0B57310, DAEF9CFBDE444A80FB41DA0BC5C3C4E1E4B535497A5EDA43EC8768A6EC42E4EA ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
19:40:37.0313 0x1d38  ssudmdm - ok
19:40:37.0412 0x1d38  [ C8DC0C34715627ABF7A265ED27D1F75A, 5B8B9AC65D7458A8C6C868107E0BE3F9B1A1A5117FC69FDC260BAA9F1BDD0008 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
19:40:37.0760 0x1d38  Steam Client Service - ok
19:40:37.0799 0x1d38  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:40:37.0808 0x1d38  stexstor - ok
19:40:37.0850 0x1d38  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
19:40:37.0936 0x1d38  stisvc - ok
19:40:37.0953 0x1d38  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
19:40:37.0963 0x1d38  storahci - ok
19:40:37.0992 0x1d38  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
19:40:38.0001 0x1d38  storflt - ok
19:40:38.0033 0x1d38  [ 0EDD1F4D470C775740625B06A60C9DD5, 94964D0A793B1C984E87095249EE383A5E669D05BA6BF9F655587887E6CE3C19 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
19:40:38.0042 0x1d38  stornvme - ok
19:40:38.0076 0x1d38  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
19:40:38.0143 0x1d38  StorSvc - ok
19:40:38.0147 0x1d38  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
19:40:38.0156 0x1d38  storvsc - ok
19:40:38.0186 0x1d38  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
19:40:38.0227 0x1d38  svsvc - ok
19:40:38.0257 0x1d38  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
19:40:38.0265 0x1d38  swenum - ok
19:40:38.0308 0x1d38  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
19:40:38.0351 0x1d38  swprv - ok
19:40:38.0410 0x1d38  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\Windows\system32\sysmain.dll
19:40:38.0487 0x1d38  SysMain - ok
19:40:38.0519 0x1d38  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
19:40:38.0559 0x1d38  SystemEventsBroker - ok
19:40:38.0599 0x1d38  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:40:38.0671 0x1d38  TabletInputService - ok
19:40:38.0702 0x1d38  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:40:38.0738 0x1d38  TapiSrv - ok
19:40:38.0826 0x1d38  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:40:38.0894 0x1d38  Tcpip - ok
19:40:38.0944 0x1d38  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:40:39.0006 0x1d38  TCPIP6 - ok
19:40:39.0041 0x1d38  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:40:39.0072 0x1d38  tcpipreg - ok
19:40:39.0096 0x1d38  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:40:39.0117 0x1d38  tdx - ok
19:40:39.0138 0x1d38  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
19:40:39.0146 0x1d38  terminpt - ok
19:40:39.0198 0x1d38  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
19:40:39.0318 0x1d38  TermService - ok
19:40:39.0359 0x1d38  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
19:40:39.0383 0x1d38  Themes - ok
19:40:39.0414 0x1d38  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
19:40:39.0424 0x1d38  THREADORDER - ok
19:40:39.0464 0x1d38  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
19:40:39.0494 0x1d38  TimeBroker - ok
19:40:39.0515 0x1d38  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\Windows\system32\drivers\tpm.sys
19:40:39.0529 0x1d38  TPM - ok
19:40:39.0564 0x1d38  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
19:40:39.0591 0x1d38  TrkWks - ok
19:40:39.0639 0x1d38  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:40:39.0691 0x1d38  TrustedInstaller - ok
19:40:39.0719 0x1d38  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:40:39.0776 0x1d38  TsUsbFlt - ok
19:40:39.0804 0x1d38  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
19:40:39.0852 0x1d38  TsUsbGD - ok
19:40:39.0882 0x1d38  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:40:39.0924 0x1d38  tunnel - ok
19:40:39.0947 0x1d38  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:40:39.0956 0x1d38  uagp35 - ok
19:40:39.0976 0x1d38  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
19:40:39.0987 0x1d38  UASPStor - ok
19:40:40.0021 0x1d38  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
19:40:40.0034 0x1d38  UCX01000 - ok
19:40:40.0056 0x1d38  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:40:40.0155 0x1d38  udfs - ok
19:40:40.0180 0x1d38  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
19:40:40.0188 0x1d38  UEFI - ok
19:40:40.0221 0x1d38  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:40:40.0250 0x1d38  UI0Detect - ok
19:40:40.0254 0x1d38  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:40:40.0263 0x1d38  uliagpkx - ok
19:40:40.0279 0x1d38  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
19:40:40.0289 0x1d38  umbus - ok
19:40:40.0292 0x1d38  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
19:40:40.0309 0x1d38  UmPass - ok
19:40:40.0344 0x1d38  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
19:40:40.0422 0x1d38  UmRdpService - ok
19:40:40.0464 0x1d38  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
19:40:40.0499 0x1d38  upnphost - ok
19:40:40.0522 0x1d38  [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:40:40.0582 0x1d38  usbaudio - ok
19:40:40.0589 0x1d38  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
19:40:40.0601 0x1d38  usbccgp - ok
19:40:40.0640 0x1d38  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
19:40:40.0665 0x1d38  usbcir - ok
19:40:40.0702 0x1d38  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
19:40:40.0713 0x1d38  usbehci - ok
19:40:40.0758 0x1d38  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
19:40:40.0780 0x1d38  usbhub - ok
19:40:40.0842 0x1d38  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
19:40:40.0863 0x1d38  USBHUB3 - ok
19:40:40.0881 0x1d38  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\Windows\System32\drivers\usbohci.sys
19:40:40.0996 0x1d38  usbohci - ok
19:40:41.0015 0x1d38  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
19:40:41.0083 0x1d38  usbprint - ok
19:40:41.0112 0x1d38  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
19:40:41.0125 0x1d38  USBSTOR - ok
19:40:41.0139 0x1d38  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
19:40:41.0160 0x1d38  usbuhci - ok
19:40:41.0188 0x1d38  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
19:40:41.0217 0x1d38  usbvideo - ok
19:40:41.0253 0x1d38  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
19:40:41.0270 0x1d38  USBXHCI - ok
19:40:41.0281 0x1d38  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
19:40:41.0290 0x1d38  VaultSvc - ok
19:40:41.0302 0x1d38  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:40:41.0311 0x1d38  vdrvroot - ok
19:40:41.0370 0x1d38  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
19:40:41.0417 0x1d38  vds - ok
19:40:41.0425 0x1d38  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
19:40:41.0437 0x1d38  VerifierExt - ok
19:40:41.0490 0x1d38  [ 8ABB4BABF59F092DF0B43778D8FD1884, 94C2100CE86448543A8DD586AD4A128AB9EB37959238D70F33EF59202270AC6C ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
19:40:41.0515 0x1d38  vhdmp - ok
19:40:41.0535 0x1d38  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:40:41.0543 0x1d38  viaide - ok
19:40:41.0569 0x1d38  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
19:40:41.0578 0x1d38  vmbus - ok
19:40:41.0597 0x1d38  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
19:40:41.0606 0x1d38  VMBusHID - ok
19:40:41.0609 0x1d38  vmci - ok
19:40:41.0647 0x1d38  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
19:40:41.0683 0x1d38  vmicguestinterface - ok
19:40:41.0694 0x1d38  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
19:40:41.0712 0x1d38  vmicheartbeat - ok
19:40:41.0725 0x1d38  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
19:40:41.0743 0x1d38  vmickvpexchange - ok
19:40:41.0755 0x1d38  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\Windows\System32\ICSvc.dll
19:40:41.0773 0x1d38  vmicrdv - ok
19:40:41.0785 0x1d38  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
19:40:41.0803 0x1d38  vmicshutdown - ok
19:40:41.0815 0x1d38  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
19:40:41.0833 0x1d38  vmictimesync - ok
19:40:41.0845 0x1d38  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\Windows\System32\ICSvc.dll
19:40:41.0863 0x1d38  vmicvss - ok
19:40:41.0867 0x1d38  VMnetAdapter - ok
19:40:41.0907 0x1d38  [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:40:41.0917 0x1d38  volmgr - ok
19:40:41.0927 0x1d38  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:40:41.0944 0x1d38  volmgrx - ok
19:40:41.0988 0x1d38  [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:40:42.0005 0x1d38  volsnap - ok
19:40:42.0029 0x1d38  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\Windows\System32\drivers\vpci.sys
19:40:42.0038 0x1d38  vpci - ok
19:40:42.0053 0x1d38  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:40:42.0065 0x1d38  vsmraid - ok
19:40:42.0127 0x1d38  [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS             C:\Windows\system32\vssvc.exe
19:40:42.0222 0x1d38  VSS - ok
19:40:42.0232 0x1d38  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
19:40:42.0247 0x1d38  VSTXRAID - ok
19:40:42.0272 0x1d38  [ 71066FF95C487327E44C8AF1B72EBE8B, EA2729126B452CAE0C80D07501779D804B08E47F1217B61D53277B40869FEC25 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
19:40:42.0536 0x1d38  vwifibus - ok
19:40:42.0563 0x1d38  [ 29AB43937FFDA0B0FB56984226E698C6, 6A1A559964FE5D594E54988C46149969E6FFD5A8D5A6862E14648B608794CC29 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
19:40:42.0604 0x1d38  vwififlt - ok
19:40:42.0616 0x1d38  [ 8B8624A93E3F88CB923AEB05B6313227, 2856B63CD376BF2B1A9129581E7B9207588D4EAFD29A2C8D98F176FEAFDE26A9 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
19:40:42.0641 0x1d38  vwifimp - ok
19:40:42.0682 0x1d38  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\Windows\system32\w32time.dll
19:40:42.0748 0x1d38  W32Time - ok
19:40:42.0774 0x1d38  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
19:40:42.0792 0x1d38  WacomPen - ok
19:40:42.0852 0x1d38  [ 841345442390953CBC8801B95D3D0540, FD4F9FD2C4C60A1A580177FFF2E9035009AC6A38E78D4236B0ED4773E3B263EE ] wbengine        C:\Windows\system32\wbengine.exe
19:40:42.0923 0x1d38  wbengine - ok
19:40:42.0950 0x1d38  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:40:43.0043 0x1d38  WbioSrvc - ok
19:40:43.0067 0x1d38  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
19:40:43.0099 0x1d38  Wcmsvc - ok
19:40:43.0150 0x1d38  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:40:43.0184 0x1d38  wcncsvc - ok
19:40:43.0212 0x1d38  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:40:43.0312 0x1d38  WcsPlugInService - ok
19:40:43.0348 0x1d38  [ F2E08D1C067FEFC3A42D21FD4810F1D3, A8AD114094D9AE3BC6F76940EF873FD21CCF130DE7F8712950F1962DCE25F1B3 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
19:40:43.0357 0x1d38  WdBoot - ok
19:40:43.0409 0x1d38  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:40:43.0440 0x1d38  Wdf01000 - ok
19:40:43.0470 0x1d38  [ E234820E6B84ABA5E84E00227F505AE8, 645B809B883D8F678F2535B575AA1D595F27EBFCE0A16433E9A54CC266BD74F2 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
19:40:43.0484 0x1d38  WdFilter - ok
19:40:43.0513 0x1d38  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:40:43.0543 0x1d38  WdiServiceHost - ok
19:40:43.0546 0x1d38  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:40:43.0558 0x1d38  WdiSystemHost - ok
19:40:43.0581 0x1d38  [ A74AD6D80AC26E1B5DD276FC927F2BAC, F73F090D46BB2AAA6A8D148C658B2EA8C07B16201BB800A9283F4017DC249809 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
19:40:43.0592 0x1d38  WdNisDrv - ok
19:40:43.0624 0x1d38  WdNisSvc - ok
19:40:43.0662 0x1d38  [ A70CAF5EA36CBA5FCA24244306D4D5C6, 76C3E20B62B89D9699A1E817377FAD70B144B877BCC5C850A5B64CC68184D8DA ] WebClient       C:\Windows\System32\webclnt.dll
19:40:43.0725 0x1d38  WebClient - ok
19:40:43.0749 0x1d38  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:40:43.0770 0x1d38  Wecsvc - ok
19:40:43.0796 0x1d38  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
19:40:43.0818 0x1d38  WEPHOSTSVC - ok
19:40:43.0845 0x1d38  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:40:43.0922 0x1d38  wercplsupport - ok
19:40:43.0953 0x1d38  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\Windows\System32\WerSvc.dll
19:40:43.0975 0x1d38  WerSvc - ok
19:40:44.0010 0x1d38  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
19:40:44.0021 0x1d38  WFPLWFS - ok
19:40:44.0051 0x1d38  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\Windows\System32\wiarpc.dll
19:40:44.0075 0x1d38  WiaRpc - ok
19:40:44.0089 0x1d38  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:40:44.0098 0x1d38  WIMMount - ok
19:40:44.0100 0x1d38  WinDefend - ok
19:40:44.0187 0x1d38  [ 0E70990EC2E5D2331AA5E88DB0CFB826, 79DFF565C3FCBC691E8FEB669CEC00E340FD2A2AFA4488D23A7CC63A2A98A5C1 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
19:40:44.0284 0x1d38  WinHttpAutoProxySvc - ok
19:40:44.0337 0x1d38  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:40:44.0408 0x1d38  Winmgmt - ok
19:40:44.0493 0x1d38  [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM           C:\Windows\system32\WsmSvc.dll
19:40:44.0590 0x1d38  WinRM - ok
19:40:44.0606 0x1d38  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\Windows\System32\drivers\WinUSB.sys
19:40:44.0680 0x1d38  WinUsb - ok
19:40:44.0750 0x1d38  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\Windows\System32\wlansvc.dll
19:40:44.0790 0x1d38  WlanSvc - ok
19:40:44.0878 0x1d38  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
19:40:44.0931 0x1d38  wlidsvc - ok
19:40:44.0961 0x1d38  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
19:40:44.0986 0x1d38  WmiAcpi - ok
19:40:45.0016 0x1d38  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:40:45.0028 0x1d38  wmiApSrv - ok
19:40:45.0052 0x1d38  WMPNetworkSvc - ok
19:40:45.0066 0x1d38  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
19:40:45.0077 0x1d38  Wof - ok
19:40:45.0145 0x1d38  [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
19:40:45.0216 0x1d38  workfolderssvc - ok
19:40:45.0251 0x1d38  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
19:40:45.0260 0x1d38  wpcfltr - ok
19:40:45.0288 0x1d38  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:40:45.0343 0x1d38  WPCSvc - ok
19:40:45.0384 0x1d38  [ DBDCE2378F65F0A07D4644AC103037E7, 99714F0CD31297C9831BAF04768F467F6E0BF710C859CEDCA83069226BF1A68A ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:40:45.0472 0x1d38  WPDBusEnum - ok
19:40:45.0488 0x1d38  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
19:40:45.0496 0x1d38  WpdUpFltr - ok
19:40:45.0505 0x1d38  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:40:45.0528 0x1d38  ws2ifsl - ok
19:40:45.0557 0x1d38  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\Windows\System32\wscsvc.dll
19:40:45.0615 0x1d38  wscsvc - ok
19:40:45.0619 0x1d38  WSearch - ok
19:40:45.0724 0x1d38  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\Windows\System32\WSService.dll
19:40:45.0818 0x1d38  WSService - ok
19:40:45.0931 0x1d38  [ 970B6A52041C641E47D6A31288C08716, B40A2FE234C1E3E1F05BBF9656B46C97188C4589E2471DE15FF3C621063FE815 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:40:46.0067 0x1d38  wuauserv - ok
19:40:46.0096 0x1d38  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:40:46.0151 0x1d38  WudfPf - ok
19:40:46.0185 0x1d38  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
19:40:46.0215 0x1d38  WUDFRd - ok
19:40:46.0249 0x1d38  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:40:46.0270 0x1d38  wudfsvc - ok
19:40:46.0277 0x1d38  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
19:40:46.0289 0x1d38  WUDFWpdFs - ok
19:40:46.0295 0x1d38  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
19:40:46.0308 0x1d38  WUDFWpdMtp - ok
19:40:46.0352 0x1d38  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:40:46.0390 0x1d38  WwanSvc - ok
19:40:46.0398 0x1d38  ================ Scan global ===============================
19:40:46.0443 0x1d38  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\Windows\system32\basesrv.dll
19:40:46.0484 0x1d38  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
19:40:46.0520 0x1d38  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
19:40:46.0575 0x1d38  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
19:40:46.0583 0x1d38  [ Global ] - ok
19:40:46.0583 0x1d38  ================ Scan MBR ==================================
19:40:46.0593 0x1d38  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
19:40:46.0649 0x1d38  \Device\Harddisk0\DR0 - ok
19:40:46.0649 0x1d38  ================ Scan VBR ==================================
19:40:46.0651 0x1d38  [ 4EB636ECD8AA1E6658885A7ACDD7C807 ] \Device\Harddisk0\DR0\Partition1
19:40:46.0652 0x1d38  \Device\Harddisk0\DR0\Partition1 - ok
19:40:46.0679 0x1d38  [ 1C7B055E353E842CA9B251286EE8D9D2 ] \Device\Harddisk0\DR0\Partition2
19:40:46.0681 0x1d38  \Device\Harddisk0\DR0\Partition2 - ok
19:40:46.0694 0x1d38  [ 36D560A2D5168277E361A1148ED8EFBB ] \Device\Harddisk0\DR0\Partition3
19:40:46.0694 0x1d38  \Device\Harddisk0\DR0\Partition3 - ok
19:40:46.0706 0x1d38  [ 960536C4936A319A647FB69E1BDA7609 ] \Device\Harddisk0\DR0\Partition4
19:40:46.0707 0x1d38  \Device\Harddisk0\DR0\Partition4 - ok
19:40:46.0725 0x1d38  [ 9831D49DD78F57ABA66C9B5A9DD13704 ] \Device\Harddisk0\DR0\Partition5
19:40:46.0726 0x1d38  \Device\Harddisk0\DR0\Partition5 - ok
19:40:46.0755 0x1d38  [ AAC270992AB24A547CA6B70F69477475 ] \Device\Harddisk0\DR0\Partition6
19:40:46.0756 0x1d38  \Device\Harddisk0\DR0\Partition6 - ok
19:40:46.0756 0x1d38  ================ Scan generic autorun ======================
19:40:46.0882 0x1d38  [ BE586B5D1D73E1F07ED5AADDEFBCAA47, 68D957EBE01DD369BF4E2D5D07A7EDF9408066E61056A1C4968DBF8CE5841BBE ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
19:40:46.0936 0x1d38  NvBackend - ok
19:40:46.0968 0x1d38  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe
19:40:47.0045 0x1d38  ShadowPlay - ok
19:40:47.0045 0x1d38  WindowsDefender - ok
19:40:47.0100 0x1d38  [ EC160CC63955C4C4845C056962F9987F, 99AC2E788982742B9539C519F2E779C78C34CDF8CACBB4D34FF20F3E47981F5D ] C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe
19:40:47.0174 0x1d38  WebStorage - ok
19:40:47.0273 0x1d38  Dropbox - ok
19:40:47.0340 0x1d38  [ 39969FBA06DC0C0E12EFAAE0BBE6E699, 07241AD7CA2DC89BAF380291D3C29A8DA498E313466EA5DB0198D746EC8A5DAE ] C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe
19:40:47.0391 0x1d38  PlaysTV - ok
19:40:47.0446 0x1d38  [ 89E2275225B59A7C7F9F27B9ACF97EAA, E91056142E439F594D5929FC3710C88AE2B1FE5CE1FDD29A64C615741BFE89F8 ] C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe
19:40:47.0482 0x1d38  Raptr - ok
19:40:47.0531 0x1d38  [ 6EACC43D0542EF88226FB34B0B12EDB0, 6345E4B49D7F804F6DE042F981AB172822B6AB74C42209BEFB0582B019430884 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
19:40:47.0549 0x1d38  SunJavaUpdateSched - ok
19:40:47.0667 0x1d38  [ 54C4D03796D44AA8A0BABE7B1B66DC30, C22DDD28A0F838E9025F9212339B4377D2A9269D781D64727ADD365A62773E83 ] C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe
19:40:47.0868 0x1d38  Overwolf - ok
19:40:48.0168 0x1d38  [ 5AC56F5BEBC027169A1588142A8F125A, 293D1A22B8D7645101AF4773479F8C6F3E920BF85A348253F6AB3FC8BB5CD36B ] C:\Users\Denise\AppData\Roaming\Spotify\Spotify.exe
19:40:48.0314 0x1d38  Spotify - ok
19:40:48.0452 0x1d38  [ 3F218819210022E0D585957FB155D4A3, A2F27FCB349BAE82B4A4475F3C26E5D57D0EC07C22228F35CFFE3ABBFBA2EEF8 ] C:\Program Files (x86)\Steam\steam.exe
19:40:48.0521 0x1d38  Steam - ok
19:40:48.0769 0x1d38  [ C4668A2D015BFC941394010662CC21CC, 971712B7C2B12C2931A26B39D7FEB8D1AE0FDF2CEE33A6DE28232DA669CADB16 ] C:\Program Files\CCleaner\CCleaner64.exe
19:40:49.0105 0x1d38  CCleaner Monitoring - ok
19:40:49.0192 0x1d38  [ B98CC48EA3265B55E98686F740CE6EB7, DF3544EF61C28F63EB6FA7D44221814C7CA05EDE31226E9D5BAFAB6E14D7465F ] C:\Program Files (x86)\Bluestacks\HD-Agent.exe
19:40:49.0228 0x1d38  BlueStacks Agent - ok
19:40:49.0322 0x1d38  Discord - ok
19:40:49.0397 0x1d38  [ 243F49E6B1AA97E01876020E17BDB4A9, 97E9CE8E9F1A77599B85B5952520B7D8BDDCE215F7EADAA884BA9F7E0D5BE568 ] C:\Users\Denise\AppData\Roaming\Spotify\SpotifyWebHelper.exe
19:40:49.0431 0x1d38  Spotify Web Helper - ok
19:40:49.0434 0x1d38  Waiting for KSN requests completion. In queue: 161
19:40:49.0569 0x1fdc  Object required for P2P: [ F264662C057A54AA2DE41B3C7551712F ] sppsvc
19:40:49.0765 0x1fdc  Object send P2P result: true
19:40:50.0484 0x1d38  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.209.0 ), 0x61100 ( enabled : updated )
19:40:50.0486 0x1d38  Win FW state via NFP2: enabled ( trusted )
19:40:50.0590 0x1d38  ============================================================
19:40:50.0590 0x1d38  Scan finished
19:40:50.0590 0x1d38  ============================================================
19:40:50.0596 0x08ac  Detected object count: 0
19:40:50.0596 0x08ac  Actual detected object count: 0
         
__________________

Alt 03.05.2017, 21:29   #4
M-K-D-B
/// TB-Ausbilder
 
Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack - Standard

Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack



Servus,





Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel
    • "Prefetch" Dateien
    • Proxy
    • Firewall
    • Internet Explorer Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2
  • Deinstalliere Malwarebytes' Anti-Malware 2 über die Systemsteuerung. (Bebilderte Anleitung)
  • Starte den Rechner im Anschluss neu auf.
  • Downloade dir den MBAM Uninstaller auf deinen Desktop.
  • Schließe alle offenen Programme und führe den Uninstaller aus. Der Rechner muss zum Abschluss neu gestartet werden.





Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware 3
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM nach dem Neustart, klicke auf Berichte.
  • Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
  • Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.





Schritt 4
  • Starte die FRST erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die beiden neuen Logdateien von FRST.
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 03.05.2017, 22:29   #5
Damina1997
 
Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack - Standard

Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack



Nabend

So dann wollen wir mal:

AdwCleaner:
Code:
ATTFilter
# AdwCleaner v6.046 - Bericht erstellt am 03/05/2017 um 21:35:05
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-05-03.1 [Server]
# Betriebssystem : Windows 8.1  (X64)
# Benutzername : Denise - DENISE-NOTEBOOK
# Gestartet von : C:\Users\Denise\Downloads\AdwCleaner_6.046.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Keine schädlichen Ordner gefunden.


***** [ Dateien ] *****

Keine schädlichen Dateien gefunden.


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Chrome pref Gefunden: [C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Web data] - vlc.de

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1373 Bytes] - [22/02/2017 13:19:18]
C:\AdwCleaner\AdwCleaner[S0].txt - [1369 Bytes] - [22/02/2017 13:16:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [1441 Bytes] - [22/02/2017 13:18:45]
C:\AdwCleaner\AdwCleaner[S2].txt - [1450 Bytes] - [03/05/2017 21:35:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1523 Bytes] ##########
         

MBAM:
Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 03.05.17
Scan-Zeit: 22:04
Protokolldatei: MBAM.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.103
Version des Aktualisierungspakets: 1.0.1863
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: DENISE-NOTEBOOK\Denise

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 359550
Abgelaufene Zeit: 13 Min., 19 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         
FRST:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 03-05-2017 01
durchgeführt von Denise (Administrator) auf DENISE-NOTEBOOK (03-05-2017 22:19:03)
Gestartet von C:\Users\Denise\Downloads
Geladene Profile: Denise (Verfügbare Profile: Denise)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Hammer & Chisel, Inc.) C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe
(Spotify Ltd) C:\Users\Denise\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Hammer & Chisel, Inc.) C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSYNC.EXE
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28432392 2017-05-01] (Dropbox, Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-07-13] (Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-05-23] (Raptr, Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1058360 2017-04-30] ()
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Spotify] => C:\Users\Denise\AppData\Roaming\Spotify\Spotify.exe [7064176 2017-05-02] (Spotify Ltd)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [986648 2016-09-29] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Discord] => C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Spotify Web Helper] => C:\Users\Denise\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-05-02] (Spotify Ltd)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{BF9CCFC1-6FCA-4ABF-8044-CAB8EB45663B}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{E5937EBF-A255-40C3-B2F8-6204570F2CF3}: [DhcpNameServer] 192.168.24.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-02] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-24] (Oracle Corporation)
BHO: Kein Name -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> Keine Datei
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-02] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-24] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-24] (Oracle Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()

Chrome: 
=======
CHR Profile: C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default [2017-05-03]
CHR Extension: (Google Präsentationen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-04]
CHR Extension: (Google Docs) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-04]
CHR Extension: (Google Drive) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-04]
CHR Extension: (YouTube) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-04]
CHR Extension: (Adblock Plus) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-24]
CHR Extension: (Google-Suche) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (FrankerFaceZ) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2015-12-17]
CHR Extension: (Google Tabellen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-04]
CHR Extension: (Google Docs Offline) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Twitch Live) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiljidcefnbhbpamageahhblhbbhhopm [2017-01-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-17]
CHR Extension: (Google Mail) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-04]
CHR Extension: (Chrome Media Router) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-07]
CHR HKU\S-1-5-21-2606138470-3405722970-712637843-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-04-07] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-09-29] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-09-29] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [466456 2016-09-29] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3801280 2017-04-19] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [48944 2017-05-01] (Dropbox, Inc.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2014-12-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5660512 2016-08-16] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123240 2017-03-29] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184688 2017-03-29] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1325896 2017-04-30] (Overwolf LTD)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-07-13] (Plays.tv, LLC)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4221952 2014-09-09] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2014-09-19] (ASUS Corporation)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-09-29] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-09-28] (Bluestack System Inc. )
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-03] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
U0 aswVmm; kein ImagePath
S3 dbx; system32\DRIVERS\dbx.sys [X]
U3 DfSdkS; kein ImagePath
U0 msahci; system32\drivers\msahci.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-03 22:19 - 2017-05-03 22:19 - 00026522 _____ C:\Users\Denise\Downloads\FRST.txt
2017-05-03 22:18 - 2017-05-03 22:18 - 00001243 _____ C:\Users\Denise\Desktop\MBAM.txt
2017-05-03 22:18 - 2017-05-03 22:18 - 00000000 ____D C:\Users\Denise\Downloads\FRST-OlderVersion
2017-05-03 22:03 - 2017-05-03 22:03 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-03 22:03 - 2017-05-03 22:03 - 00001885 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-03 22:03 - 2017-05-03 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-03 22:03 - 2017-05-03 22:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-03 22:03 - 2017-05-03 22:03 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-03 22:03 - 2017-03-22 11:02 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-05-03 22:02 - 2017-05-03 22:02 - 60107896 _____ (Malwarebytes ) C:\Users\Denise\Downloads\mb3-setup-consumer-3.0.6.1469-10103.exe
2017-05-03 21:55 - 2017-05-03 21:55 - 00566128 _____ (Malwarebytes) C:\Users\Denise\Desktop\mbam-clean-2.3.0.1001.exe
2017-05-03 21:55 - 2017-05-03 21:55 - 00001514 _____ C:\Users\Denise\Downloads\mbam-clean-2.3.0.1001 (1).exe
2017-05-03 21:33 - 2017-05-03 21:33 - 04102600 _____ C:\Users\Denise\Downloads\AdwCleaner_6.046.exe
2017-05-03 20:16 - 2017-05-03 20:16 - 00001759 _____ C:\Users\Denise\Desktop\Google Drive.lnk
2017-05-03 20:15 - 2017-05-03 22:00 - 00000000 ___RD C:\Users\Denise\Google Drive
2017-05-03 20:15 - 2017-05-03 20:15 - 00002060 _____ C:\Users\Public\Desktop\Google Slides.lnk
2017-05-03 20:15 - 2017-05-03 20:15 - 00002058 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2017-05-03 20:15 - 2017-05-03 20:15 - 00002048 _____ C:\Users\Public\Desktop\Google Docs.lnk
2017-05-03 20:15 - 2017-05-03 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-05-03 20:14 - 2017-05-03 20:14 - 01130328 _____ (Google Inc.) C:\Users\Denise\Downloads\googledrivesync.exe
2017-05-03 20:06 - 2017-05-03 20:06 - 00002259 _____ C:\Windows\epplauncher.mif
2017-05-03 19:39 - 2017-05-03 19:42 - 00233642 _____ C:\TDSSKiller.3.1.0.15_03.05.2017_19.39.30_log.txt
2017-05-03 19:39 - 2017-05-03 19:38 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Denise\Desktop\tdsskiller.exe
2017-05-03 19:38 - 2017-05-03 19:38 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Denise\Downloads\tdsskiller.exe
2017-05-03 02:42 - 2017-05-03 02:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-02 22:27 - 2017-05-03 22:18 - 02428928 _____ (Farbar) C:\Users\Denise\Downloads\FRST64.exe
2017-05-02 15:21 - 2017-05-02 15:21 - 00000000 ____D C:\Users\Denise\Documents\League of Legends
2017-05-02 15:15 - 2017-05-02 15:15 - 00000000 ____D C:\ProgramData\Riot Games
2017-05-02 15:14 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2017-05-02 15:14 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2017-05-02 15:14 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2017-05-02 15:13 - 2017-05-02 15:22 - 00001722 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-05-02 15:13 - 2017-05-02 15:13 - 00000000 ____D C:\Riot Games
2017-05-02 15:11 - 2017-05-02 15:14 - 00000000 ____D C:\Users\Denise\AppData\Roaming\Riot Games
2017-05-01 16:49 - 2017-05-01 16:49 - 00048944 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-04-28 15:26 - 2017-04-29 14:00 - 00010972 _____ C:\Users\Denise\Desktop\Car Mechanic Fahrzeuge.xlsx
2017-04-12 10:44 - 2017-04-12 10:44 - 38952320 _____ (Mojang) C:\Users\Denise\Downloads\Minecraft.exe
2017-04-11 23:01 - 2017-03-25 21:39 - 20284416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-04-11 23:01 - 2017-03-25 21:07 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-04-11 23:01 - 2017-03-25 21:06 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-04-11 23:01 - 2017-03-25 20:55 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-04-11 23:01 - 2017-03-25 20:52 - 02289152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-04-11 23:01 - 2017-03-25 20:51 - 01313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-04-11 23:01 - 2017-03-25 20:47 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-04-11 23:01 - 2017-03-25 20:10 - 02898432 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-04-11 23:01 - 2017-03-25 19:52 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-04-11 23:01 - 2017-03-25 18:59 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-04-11 23:01 - 2017-03-25 18:57 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-04-11 23:01 - 2017-03-25 18:28 - 15259136 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-04-11 23:01 - 2017-03-25 18:24 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-04-11 23:01 - 2017-03-25 18:10 - 01546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-04-11 23:01 - 2017-03-25 06:43 - 01375960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-04-11 23:01 - 2017-03-24 20:24 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-04-11 23:01 - 2017-03-14 16:26 - 03714560 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-04-11 23:01 - 2017-03-14 16:09 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-04-11 23:01 - 2017-03-14 16:08 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-04-11 23:01 - 2017-03-14 16:06 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-04-11 23:01 - 2017-03-12 17:04 - 00033792 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-04-11 23:01 - 2017-03-11 05:59 - 01763888 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-04-11 23:01 - 2017-03-11 05:56 - 01489608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-04-11 23:01 - 2017-03-11 05:49 - 00388440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-04-11 23:01 - 2017-03-11 05:44 - 00373080 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-04-11 23:01 - 2017-03-11 05:41 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-04-11 23:01 - 2017-03-09 23:13 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-04-11 23:01 - 2017-03-08 01:25 - 01661064 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-04-11 23:01 - 2017-03-08 01:21 - 01212760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-04-11 23:01 - 2017-03-04 21:24 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-04-11 23:01 - 2017-03-04 18:37 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-04-11 23:01 - 2017-03-03 17:11 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-04-11 23:01 - 2017-03-03 17:06 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-04-11 23:01 - 2017-02-11 20:18 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-04-11 23:01 - 2017-02-11 19:00 - 00865792 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-04-11 23:01 - 2017-02-11 18:49 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2017-04-11 23:01 - 2017-02-11 18:42 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2017-04-11 23:01 - 2017-02-10 21:06 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-04-11 23:01 - 2017-02-10 16:37 - 00046600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2017-04-11 23:01 - 2017-02-04 19:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-04-11 23:01 - 2017-02-04 19:51 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-04-11 23:01 - 2017-02-04 19:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-04-11 23:01 - 2017-02-01 21:44 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-04-11 23:01 - 2017-02-01 21:42 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-04-11 23:01 - 2017-01-19 04:18 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-04-11 23:01 - 2017-01-18 16:35 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-04-11 23:01 - 2017-01-18 16:34 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-04-11 23:01 - 2017-01-14 22:32 - 00955016 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-04-11 23:01 - 2017-01-14 21:18 - 00787688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-04-11 23:01 - 2017-01-12 18:51 - 00274776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2017-04-11 23:01 - 2017-01-12 18:51 - 00117592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2017-04-11 23:01 - 2017-01-12 08:12 - 00990040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-04-11 23:01 - 2017-01-11 21:12 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2017-04-11 23:01 - 2017-01-11 19:28 - 00422744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2017-04-11 23:01 - 2017-01-11 17:09 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2017-04-11 23:01 - 2017-01-11 00:37 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2017-04-11 23:01 - 2017-01-10 23:06 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2017-04-11 23:01 - 2017-01-10 22:46 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2017-04-11 23:01 - 2017-01-10 21:20 - 00696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2017-04-11 23:01 - 2017-01-10 21:09 - 01108480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2017-04-11 23:01 - 2017-01-06 19:25 - 02513408 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2017-04-11 23:01 - 2017-01-06 19:04 - 01495552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2017-04-11 23:01 - 2016-12-25 03:14 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2017-04-11 23:01 - 2016-12-25 02:48 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2017-04-11 23:01 - 2016-12-25 02:19 - 00170496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2017-04-11 23:01 - 2016-12-25 01:39 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll
2017-04-11 23:01 - 2016-12-09 10:08 - 00379736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-04-11 23:00 - 2017-03-25 20:48 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-04-11 23:00 - 2017-03-25 20:47 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-04-11 23:00 - 2017-03-25 20:46 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-04-11 23:00 - 2017-03-25 20:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-04-11 23:00 - 2017-03-25 20:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-04-11 23:00 - 2017-03-25 20:45 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-04-11 23:00 - 2017-03-25 20:45 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-04-11 23:00 - 2017-03-25 20:13 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-04-11 23:00 - 2017-03-25 19:56 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-04-11 23:00 - 2017-03-25 19:41 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-04-11 23:00 - 2017-03-25 19:12 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-04-11 23:00 - 2017-03-25 19:04 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-04-11 23:00 - 2017-03-25 19:00 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-04-11 23:00 - 2017-03-25 19:00 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-04-11 23:00 - 2017-03-25 18:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-04-11 23:00 - 2017-03-14 21:06 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-04-11 23:00 - 2017-03-13 18:13 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-04-11 23:00 - 2017-03-13 18:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-04-11 23:00 - 2017-03-13 18:08 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2017-04-11 23:00 - 2017-03-13 18:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-04-11 23:00 - 2017-03-13 17:59 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-04-11 23:00 - 2017-03-13 17:59 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-04-11 23:00 - 2017-03-13 17:56 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-04-11 23:00 - 2017-03-11 05:49 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-04-11 23:00 - 2017-03-09 23:08 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-04-11 23:00 - 2017-03-09 21:29 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-04-11 23:00 - 2017-03-04 21:06 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-04-11 23:00 - 2017-03-04 20:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-04-11 23:00 - 2017-03-03 17:10 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-04-11 23:00 - 2017-03-03 17:04 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-04-11 23:00 - 2017-01-14 16:37 - 00447095 _____ C:\Windows\system32\ApnDatabase.xml
2017-04-11 23:00 - 2016-12-25 03:21 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
2017-04-07 21:49 - 2017-04-07 21:50 - 07662317 _____ C:\Users\Denise\Downloads\FTB_Launcher.exe
2017-04-05 14:56 - 2017-04-05 14:56 - 00000000 ____D C:\Users\Denise\AppData\LocalLow\Si7 studio

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-03 22:19 - 2017-02-22 11:37 - 00000000 ____D C:\FRST
2017-05-03 22:05 - 2015-11-04 19:24 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-03 22:03 - 2015-11-04 16:14 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2606138470-3405722970-712637843-1001
2017-05-03 22:02 - 2017-02-23 12:40 - 00001539 _____ C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk
2017-05-03 22:00 - 2015-11-04 16:13 - 00000000 ___RD C:\Users\Denise\OneDrive
2017-05-03 21:58 - 2015-11-04 16:20 - 00001242 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-05-03 21:58 - 2015-11-04 16:11 - 00000165 _____ C:\Users\Denise\AppData\Roaming\sp_data.sys
2017-05-03 21:58 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-03 21:54 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2017-05-03 21:52 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-05-03 21:40 - 2015-11-04 16:20 - 00001246 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-05-03 21:36 - 2017-02-22 13:15 - 00000000 ____D C:\AdwCleaner
2017-05-03 20:15 - 2015-11-04 16:18 - 00000000 ____D C:\Users\Denise\AppData\Local\Google
2017-05-03 20:15 - 2015-11-04 16:18 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-03 20:15 - 2015-11-04 16:05 - 00000000 ____D C:\Users\Denise
2017-05-03 19:35 - 2015-11-04 16:27 - 00000000 ____D C:\Users\Denise\AppData\Roaming\TS3Client
2017-05-03 16:49 - 2016-01-08 17:39 - 00000000 ____D C:\Users\Denise\Documents\Euro Truck Simulator 2
2017-05-03 16:37 - 2016-02-16 02:18 - 00000000 ____D C:\Users\Denise\Documents\American Truck Simulator
2017-05-03 16:28 - 2015-11-04 16:27 - 00000000 ____D C:\Program Files (x86)\Overwolf
2017-05-03 14:34 - 2015-11-04 16:27 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-05-03 14:14 - 2016-09-10 13:49 - 02652160 ___SH C:\Users\Denise\Downloads\Thumbs.db
2017-05-03 14:11 - 2016-11-16 15:27 - 00000000 ____D C:\Users\Denise\Documents\Texte
2017-05-03 14:10 - 2016-08-30 15:36 - 00000000 ____D C:\Users\Denise\AppData\LocalLow\Temp
2017-05-03 13:31 - 2015-11-04 17:10 - 00000000 ____D C:\Users\Denise\AppData\Local\Spotify
2017-05-03 12:21 - 2015-11-04 17:09 - 00000000 ____D C:\Users\Denise\AppData\Roaming\Spotify
2017-05-03 12:09 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-03 12:09 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2017-05-03 12:00 - 2016-08-01 12:33 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2017-05-03 12:00 - 2015-11-04 16:14 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2017-05-03 02:42 - 2015-11-04 16:20 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-05-02 22:41 - 2016-02-21 19:59 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.5
2017-05-02 22:02 - 2014-10-29 14:02 - 00767018 _____ C:\Windows\system32\perfh007.dat
2017-05-02 22:02 - 2014-10-29 14:02 - 00159786 _____ C:\Windows\system32\perfc007.dat
2017-05-02 22:02 - 2014-03-18 17:26 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-02 16:07 - 2016-03-01 00:33 - 00007606 _____ C:\Users\Denise\AppData\Local\Resmon.ResmonCfg
2017-05-02 03:31 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-02 03:29 - 2014-10-29 08:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-04-30 16:13 - 2016-11-04 13:42 - 00000000 ____D C:\Users\Denise\Documents\Viscera
2017-04-30 11:51 - 2016-12-19 16:09 - 00000000 ____D C:\Users\Denise\AppData\Roaming\.minecraft
2017-04-29 15:58 - 2015-11-04 16:18 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-29 15:58 - 2015-11-04 16:18 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-25 00:26 - 2015-12-27 23:36 - 00000000 ____D C:\Users\Denise\AppData\Local\CrashDumps
2017-04-17 13:17 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2017-04-17 10:39 - 2016-05-12 19:58 - 00001062 _____ C:\Users\Denise\Desktop\Neues Textdokument (3).txt
2017-04-17 10:32 - 2016-02-04 23:06 - 00000000 ____D C:\Users\Denise\AppData\Roaming\.technic
2017-04-17 10:32 - 2016-02-04 23:05 - 04734784 _____ () C:\Users\Denise\Downloads\TechnicLauncher.exe
2017-04-14 18:06 - 2013-08-22 16:44 - 00479584 _____ C:\Windows\system32\FNTCACHE.DAT
2017-04-14 11:56 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2017-04-14 11:56 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2017-04-14 11:56 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-12 04:25 - 2015-11-06 16:01 - 00000000 ____D C:\Windows\system32\MRT
2017-04-12 04:23 - 2015-11-06 16:01 - 148601744 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-04-12 04:23 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2017-04-08 00:06 - 2016-08-11 12:13 - 00532136 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-04-07 22:31 - 2015-11-18 19:17 - 00000000 ____D C:\Users\Denise\AppData\Local\ftblauncher
2017-04-07 21:59 - 2015-11-18 19:17 - 00000000 ____D C:\ftb
2017-04-07 21:50 - 2015-11-18 19:17 - 00000000 ____D C:\Users\Denise\AppData\Roaming\ftblauncher
2017-04-05 14:58 - 2015-12-01 23:06 - 00000000 ____D C:\Users\Denise\Documents\My Games
2017-04-05 03:01 - 2016-12-09 20:49 - 00002370 _____ C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-04-05 03:01 - 2016-12-06 03:32 - 00003188 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-05 03:01 - 2016-02-21 14:41 - 00003196 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2606138470-3405722970-712637843-1001
2017-04-03 14:43 - 2015-11-04 16:27 - 00000000 ____D C:\Users\Denise\AppData\Local\Overwolf

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-04 16:11 - 2017-05-03 21:58 - 0000165 _____ () C:\Users\Denise\AppData\Roaming\sp_data.sys
2016-07-12 23:15 - 2016-07-12 23:15 - 0001454 _____ () C:\Users\Denise\AppData\Local\recently-used.xbel
2016-03-01 00:33 - 2017-05-02 16:07 - 0007606 _____ () C:\Users\Denise\AppData\Local\Resmon.ResmonCfg
2015-03-18 14:53 - 2015-03-18 14:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-29 08:25 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-29 08:25 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-10-29 08:25 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Einige Dateien in TEMP:
====================
2017-05-03 14:07 - 2014-08-03 12:33 - 6726720 _____ (Foxit Corporation) C:\Users\Denise\AppData\Local\Temp\Foxit PhantomPDF Updater.exe
2017-04-09 01:17 - 2017-04-09 01:17 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-1040318976079216718.dll
2017-04-10 17:11 - 2017-04-10 17:11 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-107992347504823130.dll
2017-04-09 01:22 - 2017-04-09 01:22 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-1393927604816923217.dll
2017-04-17 10:36 - 2017-04-17 10:36 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-1605890471314782318.dll
2017-04-17 20:28 - 2017-04-17 20:28 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2195549389685782762.dll
2017-04-12 16:12 - 2017-04-12 16:12 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2278816693079296955.dll
2017-04-29 10:40 - 2017-04-29 10:40 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2289259205964025034.dll
2017-04-12 11:52 - 2017-04-12 11:52 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2293235393832101607.dll
2017-04-17 20:37 - 2017-04-17 20:37 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2717276439790702517.dll
2017-04-26 12:12 - 2017-04-26 12:12 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2812241115399243833.dll
2017-04-09 01:37 - 2017-04-09 01:37 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2886755838872423022.dll
2017-04-10 13:57 - 2017-04-10 13:57 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-2947519856391172585.dll
2017-04-11 12:50 - 2017-04-11 12:50 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-3006947278836389063.dll
2017-04-09 01:33 - 2017-04-09 01:33 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-3275234403545714624.dll
2017-04-10 16:51 - 2017-04-10 16:51 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-363026189231537429.dll
2017-04-09 11:51 - 2017-04-09 11:51 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-382171821654916660.dll
2017-04-24 23:10 - 2017-04-24 23:10 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-38851600159007909.dll
2017-04-10 22:54 - 2017-04-10 22:54 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-4624524647489449371.dll
2017-04-27 21:45 - 2017-04-27 21:45 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-4671433893680303623.dll
2017-04-17 21:46 - 2017-04-17 21:46 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-5245631579023480511.dll
2017-04-17 10:40 - 2017-04-17 10:40 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-5651678435619837219.dll
2017-04-25 13:28 - 2017-04-25 13:28 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-5839221738519008296.dll
2017-04-24 12:00 - 2017-04-24 12:00 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-6858090211071687154.dll
2017-04-24 13:21 - 2017-04-24 13:21 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-782039470112850992.dll
2017-04-16 21:21 - 2017-04-16 21:21 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-811926212269422760.dll
2017-04-27 12:37 - 2017-04-27 12:37 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-851885707297706314.dll
2017-04-13 17:18 - 2017-04-13 17:18 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-8695384281373204455.dll
2017-04-09 01:30 - 2017-04-09 01:30 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-8793313027965502837.dll
2017-04-12 18:08 - 2017-04-12 18:08 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-8855172364835676341.dll
2017-04-09 22:03 - 2017-04-09 22:03 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-8958763056661960550.dll
2017-04-12 10:44 - 2017-04-12 10:44 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-911095625501500122.dll
2017-04-11 14:06 - 2017-04-11 14:06 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Denise\AppData\Local\Temp\jansi-64-984113642458192691.dll
2017-04-21 02:28 - 2017-04-21 02:28 - 0739904 _____ (Oracle Corporation) C:\Users\Denise\AppData\Local\Temp\jre-8u131-windows-au.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-04-29 13:47

==================== Ende von FRST.txt ============================
         

Addition:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 03-05-2017 01
durchgeführt von Denise (03-05-2017 22:20:50)
Gestartet von C:\Users\Denise\Downloads
Windows 8.1 (Update) (X64) (2015-11-04 14:07:17)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2606138470-3405722970-712637843-500 - Administrator - Disabled)
Denise (S-1-5-21-2606138470-3405722970-712637843-1001 - Administrator - Enabled) => C:\Users\Denise
Gast (S-1-5-21-2606138470-3405722970-712637843-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2606138470-3405722970-712637843-1006 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

 (HKLM\...\UDK-69f36ffc-40bd-40ec-849e-13683db6c5b3) (Version:  - RuneStorm
American Truck Simulator (HKLM-x32\...\Steam App 270880) (Version:  - SCS Software)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
Ashampoo WinOptimizer 2016 (HKLM-x32\...\{4209F371-38F5-0B47-1C5B-A4A8456950A3}_is1) (Version: 12.00.39 - Ashampoo GmbH & Co. KG)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 3.0.8 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.05.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.42 - ICEpower a/s)
AutoHotkey 1.1.22.09 (HKLM\...\AutoHotkey) (Version: 1.1.22.09 - Lexikos)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlestar Galactica Online (HKLM-x32\...\Battlestar Galactica Online_is1) (Version: 1.0 - Bigpoint GmbH)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.61.6289 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
Car Mechanic Simulator 2015 (HKLM-x32\...\Steam App 320300) (Version:  - Red Dot Games)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version:  - Cheat Engine)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
Die Sims™ 3 Diesel Accessoires (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Diesel Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 World Adventures) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Ambitions) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.24.102.1020 - Electronic Arts Inc.)
Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.293.1110 - Electronic Arts Inc.)
Digimon Masters Online (HKLM\...\Steam App 537180) (Version:  - Move Games Co., Ltd.)
Discord (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 25.4.28 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.2.0.5.2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.5.2 Alpha - ETS2MP Team)
F1 2010 (x32 Version: 1.0.0001.132 - Codemasters) Hidden
Farming Simulator 17 (HKLM\...\Steam App 447020) (Version:  - Giants Software)
FileZilla Client 3.16.1 (HKLM-x32\...\FileZilla Client) (Version: 3.16.1 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Golf With Your Friends (HKLM\...\Steam App 431240) (Version:  - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hello Kitty Online POD Installer (HKLM-x32\...\{0150D55C-0FEE-4F1D-BEE5-085C0DD2B476}_is1) (Version: 1.9.9.0.2 - SANRIODIGITAL GAMES & ENTERTAINMENT INC)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.38.1036 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4062 - Intel Corporation)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Layers of Fear (HKLM\...\Steam App 391720) (Version:  - Bloober Team SA)
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7967.2139 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mp3tag v2.73 (HKLM-x32\...\Mp3tag) (Version: v2.73 - Florian Heidenreich)
My Secret Pets! (HKLM\...\Steam App 447180) (Version:  - Dogenzaka Lab)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.5.30491 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{3c3ba69a-df4e-4526-88e4-04f1ff87fc0d}) (Version: latest - ppy Pty Ltd)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.103.234.0 - Overwolf Ltd.)
Parkitect (HKLM\...\Steam App 453090) (Version:  - Texel Raptor)
Pixelmon Launcher (Beta) (HKLM-x32\...\Pixelmon Launcher (Beta) 2.0.23) (Version: 2.0.23 - Ikara Software Limited)
Pixelmon Launcher (Beta) (x32 Version: 2.0.23 - Ikara Software Limited) Hidden
Plantera (HKLM\...\Steam App 421040) (Version:  - VaragtP)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.12.3-r114511-release - Plays.tv, LLC)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.1-r113066-release - Raptr, Inc)
Rapture3D 2.4.4 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7417 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Slime Rancher (HKLM\...\Steam App 433340) (Version:  - Monomi Park)
Spotify (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Bunker (HKLM\...\Steam App 481110) (Version:  - Splendy Interactive)
The Guest (HKLM\...\Steam App 402040) (Version:  - Team Gotham)
The Walking Dead (HKLM\...\Steam App 207610) (Version:  - Telltale Games)
Time Mysteries: Inheritance - Remastered (HKLM\...\Steam App 350010) (Version:  - Artifex Mundi)
Train Mechanic Simulator 2017 (HKLM\...\Steam App 538810) (Version:  - Si7 Studio)
TruckersMP 0.2.1.3.5 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.1.3.5 Alpha - TruckersMP Team)
UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Unreal Development Kit: 2012-07 (HKLM\...\UDK-85b1f5f2-c617-4d5a-942e-760c69695908) (Version:  - Epic Games, Inc.)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Viscera Cleanup Detail (HKLM\...\Steam App 246900) (Version:  - RuneStorm)
Viscera Cleanup Detail: Santas Rampage
Viscera Cleanup Detail: Santa's Rampage (HKLM\...\Steam App 265210) (Version:  - RuneStorm)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse  (07/02/2014 1.0.0.228) (HKLM\...\7504488B89E0121B0737D63957491C9CD2633065) (Version: 07/02/2014 1.0.0.228 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2606138470-3405722970-712637843-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Denise\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileCoAuthLib64.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07321C46-5DD2-47DA-BA1C-EFB16558C116} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-26] (Realtek Semiconductor)
Task: {19322365-6413-495C-B6B3-587BB1FDA412} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-04-12] (Microsoft Corporation)
Task: {24903DAB-555C-44AD-B392-68D313BA773A} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)
Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {3A1F1DDC-02BA-45AB-9A82-ECD4902A6552} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-04] (Google Inc.)
Task: {401F971E-3089-45D6-8760-58EB4216B3F2} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {4438B3D2-206C-48AA-9028-CA480F4D5768} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {62687EC0-BB73-4EA9-8F8E-A800049FE0D7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {8462300A-6056-404C-B8DB-BBAE66C20831} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {883A3F07-BB44-43B8-96A9-E39E723C41EC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation)
Task: {911D73C4-9DE2-46B8-B701-59970283A9CF} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-11-05] (ASUS)
Task: {983DD468-029B-4F16-A77A-310293C8F729} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-04-30] (Overwolf LTD)
Task: {AB6DFF50-8E3D-419E-9173-D8DC9D6AF47B} - System32\Tasks\{F4B0E50F-1D1D-49E4-A13D-11BAF2D67674} => Chrome.exe hxxp://ui.skype.com/ui/0/7.18.0.109/de/abandoninstall?page=tsProgressBar
Task: {B847F2D4-38DE-46D7-ABE1-0C0479CAECEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-04] (Google Inc.)
Task: {D66A24C1-B98B-4B82-9873-5C95D27B7780} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.)
Task: {D9298A94-FF7B-4008-B247-DC3F13B8B46E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {E4B15ED4-FEFA-47BB-8ECC-7E9A9CCD4457} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation)
Task: {E81BCDCC-2BD4-422C-B3D3-FA24F205F188} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-02] (Microsoft Corporation)
Task: {F06024EE-88FE-4C41-8BA6-1393AB6721CF} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {F2987583-C64B-4210-8369-6D05BCDC321D} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-09-19] (AsusTek)
Task: {F349EF15-C2F3-46B0-8189-E5FF70116D2B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-03-18 14:49 - 2016-01-23 03:04 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-02-14 17:14 - 2016-06-15 03:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-02-01 13:35 - 2016-06-15 03:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2017-02-14 17:14 - 2016-06-15 03:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2017-02-14 17:14 - 2016-06-15 03:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2017-02-14 17:14 - 2016-06-15 03:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2017-02-14 17:14 - 2016-06-15 03:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2017-02-14 17:14 - 2016-06-15 03:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-02-01 13:35 - 2016-06-15 03:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2017-02-14 17:14 - 2016-06-15 03:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2017-02-14 17:14 - 2016-06-15 03:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2015-01-14 04:24 - 2014-12-15 07:26 - 00392592 _____ () C:\Windows\system32\igfxTray.exe
2017-05-03 22:03 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2014-11-05 14:44 - 2014-11-05 14:44 - 00037424 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-11-05 14:44 - 2014-11-05 14:44 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-11-07 14:31 - 2016-06-15 03:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 22:57 - 2015-12-07 22:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2015-11-04 19:26 - 2017-03-10 02:13 - 00674592 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-11-04 19:26 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-11-04 19:26 - 2017-04-26 01:55 - 02465056 _____ () C:\Program Files (x86)\Steam\video.dll
2015-11-04 19:26 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-11-04 19:26 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-11-04 19:26 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-11-04 19:26 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-11-04 19:26 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-11-04 19:26 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-11-04 19:26 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-11-04 19:26 - 2017-04-26 01:55 - 00848672 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 21:47 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-01-11 23:22 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\Denise\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-01-25 17:02 - 2017-01-25 17:02 - 01082880 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-01-25 17:02 - 2017-01-25 17:02 - 03750400 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-01-25 17:02 - 2017-01-25 17:02 - 00914432 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-01-25 17:02 - 2017-01-25 17:02 - 01127424 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node
2017-05-03 21:59 - 2017-05-03 21:59 - 00098816 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32api.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00110080 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\pywintypes27.dll
2017-05-03 21:59 - 2017-05-03 21:59 - 00364544 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\pythoncom27.dll
2017-05-03 21:59 - 2017-05-03 21:59 - 00320512 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32com.shell.shell.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00914432 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\_hashlib.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 01176576 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\wx._core_.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00806400 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\wx._gdi_.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00816128 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\wx._windows_.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 01067008 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\wx._controls_.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00733184 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\wx._misc_.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00682496 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\pysqlite2._sqlite.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00088064 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\_ctypes.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00686080 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\unicodedata.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00119808 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32file.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00108544 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32security.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00007168 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\hashobjs_ext.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00017920 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\thumbnails_ext.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00088064 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\usb_ext.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00012800 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\common.time34.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00018432 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32event.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00167936 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32gui.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00046080 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\_socket.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 01303552 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\_ssl.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00128512 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\_elementtree.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00127488 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\pyexpat.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00038912 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32inet.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00036864 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\_psutil_windows.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00524248 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\windows._lib_cacheinvalidation.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00011264 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32crypt.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00123392 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\wx._wizard.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00077312 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\wx._html2.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00027648 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\_multiprocessing.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00020480 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\_yappi.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00035840 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32process.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00078848 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\wx._animate.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00024064 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32pipe.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00010240 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\select.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00025600 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32pdh.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00017408 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32profile.pyd
2017-05-03 21:59 - 2017-05-03 21:59 - 00022528 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI58242\win32ts.pyd
2016-12-13 22:35 - 2017-01-30 23:41 - 68875552 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-11-04 19:26 - 2017-04-26 01:55 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll
2017-01-11 23:22 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\Denise\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-01-11 23:22 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\Denise\AppData\Local\Discord\app-0.0.297\libegl.dll
2017-05-03 22:01 - 2017-05-03 22:01 - 00148992 _____ () \\?\C:\Users\Denise\AppData\Local\Temp\B3F4.tmp.node
2017-01-25 17:02 - 2017-05-02 22:48 - 02658296 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-01-25 17:03 - 2017-03-24 05:24 - 02665976 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node
2015-01-06 17:40 - 2015-01-06 17:40 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-03-30 00:53 - 2017-03-29 04:04 - 02187096 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-03-30 00:53 - 2017-03-29 04:04 - 00086360 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Denise\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Fotogalerie-Hintergrundbild.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "BlueStacks Agent"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{7A6F54C6-0CBE-49D6-AEF9-484B93C44FFB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{84D56BD8-2192-499A-B071-F19532159EBA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{059074FB-CF16-4C85-9510-B576B2C91E5E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{21A95AF2-BF14-4471-88DA-0CEBCFB44E13}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{5B15E0EC-833D-4499-8F24-A778C36CAF81}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{D0A49A24-A871-43D5-AF9C-F559E03989B3}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{FD7E0985-A45A-4202-BC41-FEAB87765304}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{F9B1A7A3-8D66-4491-AEA2-8188D3FA2B46}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe

==================== Wiederherstellungspunkte =========================

20-04-2017 05:14:30 Geplanter Prüfpunkt
29-04-2017 13:55:02 Geplanter Prüfpunkt
02-05-2017 15:12:15 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/03/2017 09:59:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Denise-Notebook.local already in use; will try Denise-Notebook-2.local instead

Error: (05/03/2017 09:59:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 Denise-Notebook.local. Addr 192.168.2.102

Error: (05/03/2017 09:59:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.102:5353   16 Denise-Notebook.local. AAAA 2003:00DA:1BCB:CE38:B97C:C96D:0680:420C

Error: (05/03/2017 09:59:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 Denise-Notebook.local. AAAA FE80:0000:0000:0000:B97C:C96D:0680:420C

Error: (05/03/2017 09:59:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.102:5353   16 Denise-Notebook.local. AAAA 2003:00DA:1BCB:CE38:B97C:C96D:0680:420C

Error: (05/03/2017 09:59:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:    4 Denise-Notebook.local. Addr 192.168.2.102

Error: (05/03/2017 09:59:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.102:5353   16 Denise-Notebook.local. AAAA 2003:00DA:1BCB:CE38:B97C:C96D:0680:420C

Error: (05/03/2017 08:06:45 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: DENISE-NOTEBOOK)
Description: HRESULT:0x8004FF6F
Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements.  <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F.

Error: (05/02/2017 03:28:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: d3c

Startzeit: 01d2c3472a3a3e9e

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 1ec4ca4f-2f3b-11e7-8290-1cb72c068d56

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/02/2017 03:30:13 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog


Systemfehler:
=============
Error: (05/03/2017 09:59:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (05/03/2017 09:59:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (05/03/2017 09:54:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (05/03/2017 09:54:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (05/03/2017 09:38:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (05/03/2017 09:38:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (05/03/2017 09:36:25 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (05/03/2017 09:35:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/03/2017 09:35:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "DbxSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/03/2017 09:35:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2017-05-03 12:12:28.831
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-17 11:03:43.701
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-11 16:55:29.507
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-24 13:07:19.928
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-18 14:59:19.778
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-25 21:55:36.543
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-22 17:22:33.337
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-11 15:35:14.417
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 8094.8 MB
Verfügbarer physikalischer RAM: 5222.91 MB
Summe virtueller Speicher: 9630.8 MB
Verfügbarer virtueller Speicher: 6774.98 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:745.21 GB) (Free:453.42 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Data) (Fixed) (Total:1101.7 GB) (Free:1100.1 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 510BFD71)

Partition: GPT.

==================== Ende von Addition.txt ============================
         


Alt 04.05.2017, 20:35   #6
M-K-D-B
/// TB-Ausbilder
 
Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack - Standard

Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack



Servus,



du hast die falsche Logdatei von AdwCleaner gepostet.

ich benötige die Logdatei des Löschvorgangs, nicht des Suchlaufs.

Bitte nachreichen.
__________________
--> Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack

Alt 04.05.2017, 20:46   #7
Damina1997
 
Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack - Standard

Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack



Ups sorry, das hier müsste die Richtige sein:

Code:
ATTFilter
# AdwCleaner v6.046 - Bericht erstellt am 03/05/2017 um 21:36:08
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-05-03.1 [Server]
# Betriebssystem : Windows 8.1  (X64)
# Benutzername : Denise - DENISE-NOTEBOOK
# Gestartet von : C:\Users\Denise\Downloads\AdwCleaner_6.046.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****



***** [ Browser ] *****

[-] [C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: vlc.de


*************************

:: "Tracing" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1373 Bytes] - [22/02/2017 13:19:18]
C:\AdwCleaner\AdwCleaner[C2].txt - [1154 Bytes] - [03/05/2017 21:36:08]
C:\AdwCleaner\AdwCleaner[S0].txt - [1369 Bytes] - [22/02/2017 13:16:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [1441 Bytes] - [22/02/2017 13:18:45]
C:\AdwCleaner\AdwCleaner[S2].txt - [1602 Bytes] - [03/05/2017 21:35:05]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1446 Bytes] ##########
         

Alt 04.05.2017, 21:00   #8
M-K-D-B
/// TB-Ausbilder
 
Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack - Standard

Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack



Servus,



wir entfernen noch ein bisschen was und kontrollieren nochmal alles.



Hinweis: Der Suchlauf mit ESET kann länger dauern.





Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 3

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset








Schritt 4
  • Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.







Gibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche?







Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von HitmanPro,
  • die Logdatei von ESET,
  • die beiden neuen Logdateien von FRST,
  • die Beantwortung der gestellten Fragen.
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 05.05.2017, 14:08   #9
Damina1997
 
Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack - Standard

Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack



So, da wären wir wieder ^^

Fixlog:
Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 03-05-2017 01
durchgeführt von Denise (04-05-2017 21:04:54) Run:1
Gestartet von C:\Users\Denise\Downloads
Geladene Profile: Denise (Verfügbare Profile: Denise)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozesse erfolgreich geschlossen.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 153914341 B
Java, Flash, Steam htmlcache => 739964292 B
Windows/system/drivers => 56903308 B
Edge => 0 B
Chrome => 766840351 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 286244 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 22178 B
Denise => 215054955 B

RecycleBin => 1617099966 B
EmptyTemp: => 3.3 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 21:05:42 ====
         

HitmanPro:
Code:
ATTFilter
HitmanPro 3.7.18.284
www.hitmanpro.com

   Computer name . . . . : DENISE-NOTEBOOK
   Windows . . . . . . . : 6.3.0.9600.X64/4
   User name . . . . . . : DENISE-NOTEBOOK\Denise
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-05-04 21:11:57
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 14m 8s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 2

   Objects scanned . . . : 2.250.835
   Files scanned . . . . : 107.850
   Remnants scanned  . . : 747.893 files / 1.395.092 keys

Suspicious files ____________________________________________________________

   C:\Users\Denise\Downloads\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.428.416 bytes
      Age  . . . . . . . : 1.9 days (2017-05-02 22:27:51)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 107C4946A928FC921A678DD867CF562951ED76599078CC8E9A5440A7972B0BE2
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\Denise\Downloads\FRST-OlderVersion\FRST64.exe
          3.5s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\46\994A7F39F0978B6E.dat

   C:\Users\Denise\Downloads\FRST64.exe
      Size . . . . . . . : 2.428.928 bytes
      Age  . . . . . . . : 1.0 days (2017-05-03 22:18:57)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : C0E221A65FA757DDC714FA6EF38443EC87A17B7E8AAE23EF6555E859D3105B26
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -27.8s C:\Windows\Prefetch\SCHTASKS.EXE-BA1E321E.pf
         -26.8s C:\Users\Denise\Desktop\MBAM.txt
         -0.2s C:\Users\Denise\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E
         -0.2s C:\Users\Denise\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E
          0.0s C:\Users\Denise\Downloads\FRST64.exe
          0.9s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\81\0F3FEF7829261E19.dat
          1.0s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\22\42C76E2A4A0E3982.dat
          1.1s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\85\EF7E2EB4E060A351.dat
          1.5s C:\Users\Denise\Downloads\FRST-OlderVersion\
          2.6s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\55\AD9DD1B7BC735613.dat
          3.9s C:\Windows\Prefetch\FRST64.EXE-9C9087FB.pf
          5.4s C:\Users\Denise\Downloads\FRST.txt
         

ESET:
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=d3cb0a67a38a564ead387ce89dff29bf
# end=init
# utc_time=2017-05-04 07:27:04
# local_time=2017-05-04 09:27:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=37126
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
Update Init
Update Download
Update Finalize
Updated modules version: 33275
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=d3cb0a67a38a564ead387ce89dff29bf
# end=updated
# utc_time=2017-05-04 07:32:52
# local_time=2017-05-04 09:32:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=d3cb0a67a38a564ead387ce89dff29bf
# engine=33275
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-05-04 10:36:55
# local_time=2017-05-05 12:36:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 26562 9701138 0 0
# scanned=447807
# found=0
# cleaned=0
# scan_time=11042
         
FRST:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 03-05-2017 01
durchgeführt von Denise (Administrator) auf DENISE-NOTEBOOK (05-05-2017 12:59:16)
Gestartet von C:\Users\Denise\Downloads
Geladene Profile: Denise (Verfügbare Profile: Denise)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Hammer & Chisel, Inc.) C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe
(Spotify Ltd) C:\Users\Denise\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hammer & Chisel, Inc.) C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hammer & Chisel, Inc.) C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28432392 2017-05-01] (Dropbox, Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-07-13] (Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-05-23] (Raptr, Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1058360 2017-04-30] ()
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Spotify] => C:\Users\Denise\AppData\Roaming\Spotify\Spotify.exe [7064176 2017-05-02] (Spotify Ltd)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [986648 2016-09-29] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Discord] => C:\Users\Denise\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [Spotify Web Helper] => C:\Users\Denise\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-05-02] (Spotify Ltd)
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{BF9CCFC1-6FCA-4ABF-8044-CAB8EB45663B}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{E5937EBF-A255-40C3-B2F8-6204570F2CF3}: [DhcpNameServer] 192.168.24.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-02] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-24] (Oracle Corporation)
BHO: Kein Name -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> Keine Datei
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-02] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-24] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-02] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-24] (Oracle Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()

Chrome: 
=======
CHR Profile: C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default [2017-05-05]
CHR Extension: (Google Präsentationen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-04]
CHR Extension: (Google Docs) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-04]
CHR Extension: (Google Drive) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-04]
CHR Extension: (YouTube) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-04]
CHR Extension: (Adblock Plus) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-24]
CHR Extension: (Google-Suche) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (FrankerFaceZ) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2015-12-17]
CHR Extension: (Google Tabellen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-04]
CHR Extension: (Google Docs Offline) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Twitch Live) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiljidcefnbhbpamageahhblhbbhhopm [2017-01-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-17]
CHR Extension: (Google Mail) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-04]
CHR Extension: (Chrome Media Router) - C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-07]
CHR HKU\S-1-5-21-2606138470-3405722970-712637843-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-04-07] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-09-29] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-09-29] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [466456 2016-09-29] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3801280 2017-04-19] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [48944 2017-05-01] (Dropbox, Inc.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2014-12-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5660512 2016-08-16] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123240 2017-03-29] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184688 2017-03-29] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1325896 2017-04-30] (Overwolf LTD)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-07-13] (Plays.tv, LLC)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4221952 2014-09-09] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2014-09-19] (ASUS Corporation)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-09-29] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-09-28] (Bluestack System Inc. )
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-04] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
U0 aswVmm; kein ImagePath
S3 dbx; system32\DRIVERS\dbx.sys [X]
U3 DfSdkS; kein ImagePath
U0 msahci; system32\drivers\msahci.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-04 21:27 - 2017-05-04 21:27 - 00000000 ____D C:\Program Files (x86)\ESET
2017-05-04 21:26 - 2017-05-04 21:26 - 02870984 _____ (ESET) C:\Users\Denise\Downloads\esetsmartinstaller_deu.exe
2017-05-04 21:11 - 2017-05-04 21:26 - 00000000 ____D C:\ProgramData\HitmanPro
2017-05-04 21:11 - 2017-05-04 21:11 - 11583584 _____ (SurfRight B.V.) C:\Users\Denise\Downloads\HitmanPro_x64.exe
2017-05-03 22:19 - 2017-05-05 13:00 - 00026493 _____ C:\Users\Denise\Downloads\FRST.txt
2017-05-03 22:18 - 2017-05-03 22:18 - 00001243 _____ C:\Users\Denise\Desktop\MBAM.txt
2017-05-03 22:18 - 2017-05-03 22:18 - 00000000 ____D C:\Users\Denise\Downloads\FRST-OlderVersion
2017-05-03 22:03 - 2017-05-04 21:07 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-03 22:03 - 2017-05-03 22:03 - 00001885 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-03 22:03 - 2017-05-03 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-03 22:03 - 2017-05-03 22:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-03 22:03 - 2017-05-03 22:03 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-03 22:03 - 2017-03-22 11:02 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-05-03 22:02 - 2017-05-03 22:02 - 60107896 _____ (Malwarebytes ) C:\Users\Denise\Downloads\mb3-setup-consumer-3.0.6.1469-10103.exe
2017-05-03 21:55 - 2017-05-03 21:55 - 00566128 _____ (Malwarebytes) C:\Users\Denise\Desktop\mbam-clean-2.3.0.1001.exe
2017-05-03 21:55 - 2017-05-03 21:55 - 00001514 _____ C:\Users\Denise\Downloads\mbam-clean-2.3.0.1001 (1).exe
2017-05-03 21:33 - 2017-05-03 21:33 - 04102600 _____ C:\Users\Denise\Downloads\AdwCleaner_6.046.exe
2017-05-03 20:16 - 2017-05-03 20:16 - 00001759 _____ C:\Users\Denise\Desktop\Google Drive.lnk
2017-05-03 20:15 - 2017-05-04 21:08 - 00000000 ___RD C:\Users\Denise\Google Drive
2017-05-03 20:15 - 2017-05-03 20:15 - 00002060 _____ C:\Users\Public\Desktop\Google Slides.lnk
2017-05-03 20:15 - 2017-05-03 20:15 - 00002058 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2017-05-03 20:15 - 2017-05-03 20:15 - 00002048 _____ C:\Users\Public\Desktop\Google Docs.lnk
2017-05-03 20:15 - 2017-05-03 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-05-03 20:14 - 2017-05-03 20:14 - 01130328 _____ (Google Inc.) C:\Users\Denise\Downloads\googledrivesync.exe
2017-05-03 20:06 - 2017-05-03 20:06 - 00002259 _____ C:\Windows\epplauncher.mif
2017-05-03 19:39 - 2017-05-03 19:42 - 00233642 _____ C:\TDSSKiller.3.1.0.15_03.05.2017_19.39.30_log.txt
2017-05-03 19:39 - 2017-05-03 19:38 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Denise\Desktop\tdsskiller.exe
2017-05-03 19:38 - 2017-05-03 19:38 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Denise\Downloads\tdsskiller.exe
2017-05-03 02:42 - 2017-05-03 02:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-02 22:27 - 2017-05-03 22:18 - 02428928 _____ (Farbar) C:\Users\Denise\Downloads\FRST64.exe
2017-05-02 15:21 - 2017-05-02 15:21 - 00000000 ____D C:\Users\Denise\Documents\League of Legends
2017-05-02 15:15 - 2017-05-02 15:15 - 00000000 ____D C:\ProgramData\Riot Games
2017-05-02 15:14 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2017-05-02 15:14 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2017-05-02 15:14 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2017-05-02 15:13 - 2017-05-02 15:22 - 00001722 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-05-02 15:13 - 2017-05-02 15:13 - 00000000 ____D C:\Riot Games
2017-05-02 15:11 - 2017-05-02 15:14 - 00000000 ____D C:\Users\Denise\AppData\Roaming\Riot Games
2017-05-01 16:49 - 2017-05-01 16:49 - 00048944 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-04-28 15:26 - 2017-04-29 14:00 - 00010972 _____ C:\Users\Denise\Desktop\Car Mechanic Fahrzeuge.xlsx
2017-04-12 10:44 - 2017-04-12 10:44 - 38952320 _____ (Mojang) C:\Users\Denise\Downloads\Minecraft.exe
2017-04-11 23:01 - 2017-03-25 21:39 - 20284416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-04-11 23:01 - 2017-03-25 21:07 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-04-11 23:01 - 2017-03-25 21:06 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-04-11 23:01 - 2017-03-25 20:55 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-04-11 23:01 - 2017-03-25 20:52 - 02289152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-04-11 23:01 - 2017-03-25 20:51 - 01313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-04-11 23:01 - 2017-03-25 20:47 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-04-11 23:01 - 2017-03-25 20:10 - 02898432 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-04-11 23:01 - 2017-03-25 19:52 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-04-11 23:01 - 2017-03-25 18:59 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-04-11 23:01 - 2017-03-25 18:57 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-04-11 23:01 - 2017-03-25 18:28 - 15259136 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-04-11 23:01 - 2017-03-25 18:24 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-04-11 23:01 - 2017-03-25 18:10 - 01546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-04-11 23:01 - 2017-03-25 06:43 - 01375960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-04-11 23:01 - 2017-03-24 20:24 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-04-11 23:01 - 2017-03-14 16:26 - 03714560 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-04-11 23:01 - 2017-03-14 16:09 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-04-11 23:01 - 2017-03-14 16:08 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-04-11 23:01 - 2017-03-14 16:06 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-04-11 23:01 - 2017-03-12 17:04 - 00033792 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-04-11 23:01 - 2017-03-11 05:59 - 01763888 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-04-11 23:01 - 2017-03-11 05:56 - 01489608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-04-11 23:01 - 2017-03-11 05:49 - 00388440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-04-11 23:01 - 2017-03-11 05:44 - 00373080 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-04-11 23:01 - 2017-03-11 05:41 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-04-11 23:01 - 2017-03-09 23:13 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-04-11 23:01 - 2017-03-08 01:25 - 01661064 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-04-11 23:01 - 2017-03-08 01:21 - 01212760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-04-11 23:01 - 2017-03-04 21:24 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-04-11 23:01 - 2017-03-04 18:37 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-04-11 23:01 - 2017-03-03 17:11 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-04-11 23:01 - 2017-03-03 17:06 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-04-11 23:01 - 2017-02-11 20:18 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-04-11 23:01 - 2017-02-11 19:00 - 00865792 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-04-11 23:01 - 2017-02-11 18:49 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2017-04-11 23:01 - 2017-02-11 18:42 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2017-04-11 23:01 - 2017-02-10 21:06 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-04-11 23:01 - 2017-02-10 16:37 - 00046600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2017-04-11 23:01 - 2017-02-04 19:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-04-11 23:01 - 2017-02-04 19:51 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-04-11 23:01 - 2017-02-04 19:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-04-11 23:01 - 2017-02-01 21:44 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-04-11 23:01 - 2017-02-01 21:42 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-04-11 23:01 - 2017-01-19 04:18 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-04-11 23:01 - 2017-01-18 16:35 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-04-11 23:01 - 2017-01-18 16:34 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-04-11 23:01 - 2017-01-14 22:32 - 00955016 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-04-11 23:01 - 2017-01-14 21:18 - 00787688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-04-11 23:01 - 2017-01-12 18:51 - 00274776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2017-04-11 23:01 - 2017-01-12 18:51 - 00117592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2017-04-11 23:01 - 2017-01-12 08:12 - 00990040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-04-11 23:01 - 2017-01-11 21:12 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2017-04-11 23:01 - 2017-01-11 19:28 - 00422744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2017-04-11 23:01 - 2017-01-11 17:09 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2017-04-11 23:01 - 2017-01-11 00:37 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2017-04-11 23:01 - 2017-01-10 23:06 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2017-04-11 23:01 - 2017-01-10 22:46 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2017-04-11 23:01 - 2017-01-10 21:20 - 00696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2017-04-11 23:01 - 2017-01-10 21:09 - 01108480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2017-04-11 23:01 - 2017-01-06 19:25 - 02513408 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2017-04-11 23:01 - 2017-01-06 19:04 - 01495552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2017-04-11 23:01 - 2016-12-25 03:14 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2017-04-11 23:01 - 2016-12-25 02:48 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2017-04-11 23:01 - 2016-12-25 02:19 - 00170496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2017-04-11 23:01 - 2016-12-25 01:39 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll
2017-04-11 23:01 - 2016-12-09 10:08 - 00379736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-04-11 23:00 - 2017-03-25 20:48 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-04-11 23:00 - 2017-03-25 20:47 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-04-11 23:00 - 2017-03-25 20:46 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-04-11 23:00 - 2017-03-25 20:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-04-11 23:00 - 2017-03-25 20:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-04-11 23:00 - 2017-03-25 20:45 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-04-11 23:00 - 2017-03-25 20:45 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-04-11 23:00 - 2017-03-25 20:13 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-04-11 23:00 - 2017-03-25 19:56 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-04-11 23:00 - 2017-03-25 19:41 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-04-11 23:00 - 2017-03-25 19:12 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-04-11 23:00 - 2017-03-25 19:04 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-04-11 23:00 - 2017-03-25 19:00 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-04-11 23:00 - 2017-03-25 19:00 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-04-11 23:00 - 2017-03-25 18:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-04-11 23:00 - 2017-03-14 21:06 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-04-11 23:00 - 2017-03-13 18:13 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-04-11 23:00 - 2017-03-13 18:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-04-11 23:00 - 2017-03-13 18:08 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2017-04-11 23:00 - 2017-03-13 18:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-04-11 23:00 - 2017-03-13 17:59 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-04-11 23:00 - 2017-03-13 17:59 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-04-11 23:00 - 2017-03-13 17:56 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-04-11 23:00 - 2017-03-11 05:49 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-04-11 23:00 - 2017-03-09 23:08 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-04-11 23:00 - 2017-03-09 21:29 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-04-11 23:00 - 2017-03-04 21:06 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-04-11 23:00 - 2017-03-04 20:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-04-11 23:00 - 2017-03-03 17:10 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-04-11 23:00 - 2017-03-03 17:04 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-04-11 23:00 - 2017-01-14 16:37 - 00447095 _____ C:\Windows\system32\ApnDatabase.xml
2017-04-11 23:00 - 2016-12-25 03:21 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
2017-04-07 21:49 - 2017-04-07 21:50 - 07662317 _____ C:\Users\Denise\Downloads\FTB_Launcher.exe
2017-04-05 14:56 - 2017-04-05 14:56 - 00000000 ____D C:\Users\Denise\AppData\LocalLow\Si7 studio

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-05 12:59 - 2017-02-22 11:37 - 00000000 ____D C:\FRST
2017-05-05 12:59 - 2016-09-10 13:49 - 02652160 ___SH C:\Users\Denise\Downloads\Thumbs.db
2017-05-05 12:40 - 2015-11-04 16:20 - 00001246 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-05-05 12:00 - 2016-08-01 12:33 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2017-05-05 12:00 - 2015-11-04 16:14 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2017-05-04 21:14 - 2015-11-04 16:14 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2606138470-3405722970-712637843-1001
2017-05-04 21:13 - 2015-11-04 19:24 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-04 21:09 - 2017-02-23 12:40 - 00001539 _____ C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk
2017-05-04 21:07 - 2015-11-04 16:13 - 00000000 ____D C:\Users\Denise\OneDrive
2017-05-04 21:06 - 2015-11-04 16:20 - 00001242 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-05-04 21:06 - 2015-11-04 16:11 - 00000165 _____ C:\Users\Denise\AppData\Roaming\sp_data.sys
2017-05-04 21:06 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-04 21:06 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-05-04 21:05 - 2016-08-30 15:36 - 00000000 ____D C:\Users\Denise\AppData\LocalLow\Temp
2017-05-04 19:49 - 2015-11-04 16:27 - 00000000 ____D C:\Users\Denise\AppData\Roaming\TS3Client
2017-05-03 21:54 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2017-05-03 21:36 - 2017-02-22 13:15 - 00000000 ____D C:\AdwCleaner
2017-05-03 20:15 - 2015-11-04 16:18 - 00000000 ____D C:\Users\Denise\AppData\Local\Google
2017-05-03 20:15 - 2015-11-04 16:18 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-03 20:15 - 2015-11-04 16:05 - 00000000 ____D C:\Users\Denise
2017-05-03 16:49 - 2016-01-08 17:39 - 00000000 ____D C:\Users\Denise\Documents\Euro Truck Simulator 2
2017-05-03 16:37 - 2016-02-16 02:18 - 00000000 ____D C:\Users\Denise\Documents\American Truck Simulator
2017-05-03 16:28 - 2015-11-04 16:27 - 00000000 ____D C:\Program Files (x86)\Overwolf
2017-05-03 14:34 - 2015-11-04 16:27 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-05-03 14:11 - 2016-11-16 15:27 - 00000000 ____D C:\Users\Denise\Documents\Texte
2017-05-03 13:31 - 2015-11-04 17:10 - 00000000 ____D C:\Users\Denise\AppData\Local\Spotify
2017-05-03 12:21 - 2015-11-04 17:09 - 00000000 ____D C:\Users\Denise\AppData\Roaming\Spotify
2017-05-03 12:09 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-03 12:09 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2017-05-03 02:42 - 2015-11-04 16:20 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-05-02 22:41 - 2016-02-21 19:59 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.5
2017-05-02 22:02 - 2014-10-29 14:02 - 00767018 _____ C:\Windows\system32\perfh007.dat
2017-05-02 22:02 - 2014-10-29 14:02 - 00159786 _____ C:\Windows\system32\perfc007.dat
2017-05-02 22:02 - 2014-03-18 17:26 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-02 16:07 - 2016-03-01 00:33 - 00007606 _____ C:\Users\Denise\AppData\Local\Resmon.ResmonCfg
2017-05-02 03:31 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-02 03:29 - 2014-10-29 08:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-04-30 16:13 - 2016-11-04 13:42 - 00000000 ____D C:\Users\Denise\Documents\Viscera
2017-04-30 11:51 - 2016-12-19 16:09 - 00000000 ____D C:\Users\Denise\AppData\Roaming\.minecraft
2017-04-29 15:58 - 2015-11-04 16:18 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-29 15:58 - 2015-11-04 16:18 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-25 00:26 - 2015-12-27 23:36 - 00000000 ____D C:\Users\Denise\AppData\Local\CrashDumps
2017-04-17 13:17 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2017-04-17 10:39 - 2016-05-12 19:58 - 00001062 _____ C:\Users\Denise\Desktop\Neues Textdokument (3).txt
2017-04-17 10:32 - 2016-02-04 23:06 - 00000000 ____D C:\Users\Denise\AppData\Roaming\.technic
2017-04-17 10:32 - 2016-02-04 23:05 - 04734784 _____ () C:\Users\Denise\Downloads\TechnicLauncher.exe
2017-04-14 18:06 - 2013-08-22 16:44 - 00479584 _____ C:\Windows\system32\FNTCACHE.DAT
2017-04-14 11:56 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2017-04-14 11:56 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2017-04-14 11:56 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-12 04:25 - 2015-11-06 16:01 - 00000000 ____D C:\Windows\system32\MRT
2017-04-12 04:23 - 2015-11-06 16:01 - 148601744 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-04-12 04:23 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2017-04-08 00:06 - 2016-08-11 12:13 - 00532136 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-04-07 22:31 - 2015-11-18 19:17 - 00000000 ____D C:\Users\Denise\AppData\Local\ftblauncher
2017-04-07 21:59 - 2015-11-18 19:17 - 00000000 ____D C:\ftb
2017-04-07 21:50 - 2015-11-18 19:17 - 00000000 ____D C:\Users\Denise\AppData\Roaming\ftblauncher
2017-04-05 14:58 - 2015-12-01 23:06 - 00000000 ____D C:\Users\Denise\Documents\My Games
2017-04-05 03:01 - 2016-12-09 20:49 - 00002370 _____ C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-04-05 03:01 - 2016-12-06 03:32 - 00003188 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-05 03:01 - 2016-02-21 14:41 - 00003196 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2606138470-3405722970-712637843-1001

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-04 16:11 - 2017-05-04 21:06 - 0000165 _____ () C:\Users\Denise\AppData\Roaming\sp_data.sys
2016-07-12 23:15 - 2016-07-12 23:15 - 0001454 _____ () C:\Users\Denise\AppData\Local\recently-used.xbel
2016-03-01 00:33 - 2017-05-02 16:07 - 0007606 _____ () C:\Users\Denise\AppData\Local\Resmon.ResmonCfg
2015-03-18 14:53 - 2015-03-18 14:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-29 08:25 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-29 08:25 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-10-29 08:25 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-04-29 13:47

==================== Ende von FRST.txt ============================
         
Addition:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 03-05-2017 01
durchgeführt von Denise (05-05-2017 13:00:48)
Gestartet von C:\Users\Denise\Downloads
Windows 8.1 (Update) (X64) (2015-11-04 14:07:17)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2606138470-3405722970-712637843-500 - Administrator - Disabled)
Denise (S-1-5-21-2606138470-3405722970-712637843-1001 - Administrator - Enabled) => C:\Users\Denise
Gast (S-1-5-21-2606138470-3405722970-712637843-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2606138470-3405722970-712637843-1006 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

 (HKLM\...\UDK-69f36ffc-40bd-40ec-849e-13683db6c5b3) (Version:  - RuneStorm
American Truck Simulator (HKLM-x32\...\Steam App 270880) (Version:  - SCS Software)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
Ashampoo WinOptimizer 2016 (HKLM-x32\...\{4209F371-38F5-0B47-1C5B-A4A8456950A3}_is1) (Version: 12.00.39 - Ashampoo GmbH & Co. KG)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 3.0.8 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.05.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.42 - ICEpower a/s)
AutoHotkey 1.1.22.09 (HKLM\...\AutoHotkey) (Version: 1.1.22.09 - Lexikos)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlestar Galactica Online (HKLM-x32\...\Battlestar Galactica Online_is1) (Version: 1.0 - Bigpoint GmbH)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.61.6289 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
Car Mechanic Simulator 2015 (HKLM-x32\...\Steam App 320300) (Version:  - Red Dot Games)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version:  - Cheat Engine)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
Die Sims™ 3 Diesel Accessoires (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Diesel Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 World Adventures) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Ambitions) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.24.102.1020 - Electronic Arts Inc.)
Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.293.1110 - Electronic Arts Inc.)
Digimon Masters Online (HKLM\...\Steam App 537180) (Version:  - Move Games Co., Ltd.)
Discord (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 25.4.28 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.2.0.5.2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.5.2 Alpha - ETS2MP Team)
F1 2010 (x32 Version: 1.0.0001.132 - Codemasters) Hidden
Farming Simulator 17 (HKLM\...\Steam App 447020) (Version:  - Giants Software)
FileZilla Client 3.16.1 (HKLM-x32\...\FileZilla Client) (Version: 3.16.1 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Golf With Your Friends (HKLM\...\Steam App 431240) (Version:  - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hello Kitty Online POD Installer (HKLM-x32\...\{0150D55C-0FEE-4F1D-BEE5-085C0DD2B476}_is1) (Version: 1.9.9.0.2 - SANRIODIGITAL GAMES & ENTERTAINMENT INC)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.38.1036 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4062 - Intel Corporation)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Layers of Fear (HKLM\...\Steam App 391720) (Version:  - Bloober Team SA)
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7967.2139 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mp3tag v2.73 (HKLM-x32\...\Mp3tag) (Version: v2.73 - Florian Heidenreich)
My Secret Pets! (HKLM\...\Steam App 447180) (Version:  - Dogenzaka Lab)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.5.30491 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{3c3ba69a-df4e-4526-88e4-04f1ff87fc0d}) (Version: latest - ppy Pty Ltd)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.103.234.0 - Overwolf Ltd.)
Parkitect (HKLM\...\Steam App 453090) (Version:  - Texel Raptor)
Pixelmon Launcher (Beta) (HKLM-x32\...\Pixelmon Launcher (Beta) 2.0.23) (Version: 2.0.23 - Ikara Software Limited)
Pixelmon Launcher (Beta) (x32 Version: 2.0.23 - Ikara Software Limited) Hidden
Plantera (HKLM\...\Steam App 421040) (Version:  - VaragtP)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.12.3-r114511-release - Plays.tv, LLC)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.1-r113066-release - Raptr, Inc)
Rapture3D 2.4.4 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7417 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Slime Rancher (HKLM\...\Steam App 433340) (Version:  - Monomi Park)
Spotify (HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Bunker (HKLM\...\Steam App 481110) (Version:  - Splendy Interactive)
The Guest (HKLM\...\Steam App 402040) (Version:  - Team Gotham)
The Walking Dead (HKLM\...\Steam App 207610) (Version:  - Telltale Games)
Time Mysteries: Inheritance - Remastered (HKLM\...\Steam App 350010) (Version:  - Artifex Mundi)
Train Mechanic Simulator 2017 (HKLM\...\Steam App 538810) (Version:  - Si7 Studio)
TruckersMP 0.2.1.3.5 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.1.3.5 Alpha - TruckersMP Team)
UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Unreal Development Kit: 2012-07 (HKLM\...\UDK-85b1f5f2-c617-4d5a-942e-760c69695908) (Version:  - Epic Games, Inc.)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Viscera Cleanup Detail (HKLM\...\Steam App 246900) (Version:  - RuneStorm)
Viscera Cleanup Detail: Santas Rampage
Viscera Cleanup Detail: Santa's Rampage (HKLM\...\Steam App 265210) (Version:  - RuneStorm)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse  (07/02/2014 1.0.0.228) (HKLM\...\7504488B89E0121B0737D63957491C9CD2633065) (Version: 07/02/2014 1.0.0.228 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2606138470-3405722970-712637843-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Denise\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileCoAuthLib64.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07321C46-5DD2-47DA-BA1C-EFB16558C116} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-26] (Realtek Semiconductor)
Task: {19322365-6413-495C-B6B3-587BB1FDA412} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-04-12] (Microsoft Corporation)
Task: {24903DAB-555C-44AD-B392-68D313BA773A} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)
Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {3A1F1DDC-02BA-45AB-9A82-ECD4902A6552} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-04] (Google Inc.)
Task: {3B17F2EB-A7C2-4EDE-8EA5-3742A7B8C762} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {401F971E-3089-45D6-8760-58EB4216B3F2} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {4438B3D2-206C-48AA-9028-CA480F4D5768} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {577D9ACE-A2EB-4AB6-B66B-F21071611867} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {62687EC0-BB73-4EA9-8F8E-A800049FE0D7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {883A3F07-BB44-43B8-96A9-E39E723C41EC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation)
Task: {911D73C4-9DE2-46B8-B701-59970283A9CF} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-11-05] (ASUS)
Task: {983DD468-029B-4F16-A77A-310293C8F729} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-04-30] (Overwolf LTD)
Task: {AB6DFF50-8E3D-419E-9173-D8DC9D6AF47B} - System32\Tasks\{F4B0E50F-1D1D-49E4-A13D-11BAF2D67674} => Chrome.exe hxxp://ui.skype.com/ui/0/7.18.0.109/de/abandoninstall?page=tsProgressBar
Task: {B847F2D4-38DE-46D7-ABE1-0C0479CAECEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-04] (Google Inc.)
Task: {D66A24C1-B98B-4B82-9873-5C95D27B7780} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.)
Task: {D9298A94-FF7B-4008-B247-DC3F13B8B46E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {E4B15ED4-FEFA-47BB-8ECC-7E9A9CCD4457} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation)
Task: {E81BCDCC-2BD4-422C-B3D3-FA24F205F188} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-02] (Microsoft Corporation)
Task: {F2987583-C64B-4210-8369-6D05BCDC321D} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-09-19] (AsusTek)
Task: {F349EF15-C2F3-46B0-8189-E5FF70116D2B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-03-18 14:49 - 2016-01-23 03:04 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-02-14 17:14 - 2016-06-15 03:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-02-01 13:35 - 2016-06-15 03:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2017-02-14 17:14 - 2016-06-15 03:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2017-02-14 17:14 - 2016-06-15 03:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2017-05-03 22:03 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2015-01-14 04:24 - 2014-12-15 07:26 - 00392592 _____ () C:\Windows\system32\igfxTray.exe
2017-02-14 17:14 - 2016-06-15 03:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2017-02-14 17:14 - 2016-06-15 03:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2017-02-14 17:14 - 2016-06-15 03:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-02-01 13:35 - 2016-06-15 03:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2017-02-14 17:14 - 2016-06-15 03:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2017-02-14 17:14 - 2016-06-15 03:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-03-16 12:17 - 2016-03-16 12:17 - 00052912 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2014-11-05 14:44 - 2014-11-05 14:44 - 00037424 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-11-05 14:44 - 2014-11-05 14:44 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-11-07 14:31 - 2016-06-15 03:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 22:57 - 2015-12-07 22:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2015-11-04 19:26 - 2017-03-10 02:13 - 00674592 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-11-04 19:26 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-11-04 19:26 - 2017-04-26 01:55 - 02465056 _____ () C:\Program Files (x86)\Steam\video.dll
2015-11-04 19:26 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-11-04 19:26 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-11-04 19:26 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-11-04 19:26 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-11-04 19:26 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-11-04 19:26 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-11-04 19:26 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-11-04 19:26 - 2017-04-26 01:55 - 00848672 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 21:47 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-01-11 23:22 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\Denise\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-01-25 17:02 - 2017-01-25 17:02 - 01082880 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-01-25 17:02 - 2017-01-25 17:02 - 03750400 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-01-25 17:02 - 2017-01-25 17:02 - 00914432 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-01-25 17:02 - 2017-01-25 17:02 - 01127424 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node
2017-01-11 23:22 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\Denise\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-01-11 23:22 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\Denise\AppData\Local\Discord\app-0.0.297\libegl.dll
2017-05-04 21:07 - 2017-05-04 21:07 - 00098816 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32api.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00110080 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\pywintypes27.dll
2017-05-04 21:07 - 2017-05-04 21:07 - 00364544 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\pythoncom27.dll
2017-05-04 21:07 - 2017-05-04 21:07 - 00320512 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32com.shell.shell.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00914432 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\_hashlib.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 01176576 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\wx._core_.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00806400 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\wx._gdi_.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00816128 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\wx._windows_.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 01067008 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\wx._controls_.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00733184 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\wx._misc_.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00682496 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\pysqlite2._sqlite.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00088064 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\_ctypes.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00686080 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\unicodedata.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00119808 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32file.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00108544 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32security.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00007168 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\hashobjs_ext.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00017920 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\thumbnails_ext.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00088064 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\usb_ext.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00012800 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\common.time34.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00018432 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32event.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00167936 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32gui.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00046080 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\_socket.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 01303552 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\_ssl.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00128512 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\_elementtree.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00127488 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\pyexpat.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00038912 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32inet.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00036864 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\_psutil_windows.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00524248 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\windows._lib_cacheinvalidation.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00011264 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32crypt.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00123392 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\wx._wizard.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00077312 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\wx._html2.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00027648 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\_multiprocessing.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00020480 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\_yappi.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00035840 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32process.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00078848 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\wx._animate.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00024064 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32pipe.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00010240 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\select.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00025600 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32pdh.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00017408 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32profile.pyd
2017-05-04 21:07 - 2017-05-04 21:07 - 00022528 ____R () C:\Users\Denise\AppData\Local\Temp\_MEI18202\win32ts.pyd
2017-05-04 21:08 - 2017-05-04 21:08 - 00148992 _____ () \\?\C:\Users\Denise\AppData\Local\Temp\3629.tmp.node
2017-01-25 17:02 - 2017-05-02 22:48 - 02658296 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-01-25 17:03 - 2017-03-24 05:24 - 02665976 _____ () \\?\C:\Users\Denise\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node
2016-12-13 22:35 - 2017-01-30 23:41 - 68875552 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-11-04 19:26 - 2017-04-26 01:55 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll
2017-03-30 00:53 - 2017-03-29 04:04 - 02187096 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-03-30 00:53 - 2017-03-29 04:04 - 00086360 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll
2015-01-06 17:40 - 2015-01-06 17:40 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-04-11 16:10 - 2017-03-31 11:49 - 17778776 _____ () C:\Users\Denise\AppData\Local\Google\Chrome\User Data\PepperFlash\25.0.0.148\pepflashplayer.dll
2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2606138470-3405722970-712637843-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Denise\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Fotogalerie-Hintergrundbild.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2606138470-3405722970-712637843-1001\...\StartupApproved\Run: => "BlueStacks Agent"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{7A6F54C6-0CBE-49D6-AEF9-484B93C44FFB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{84D56BD8-2192-499A-B071-F19532159EBA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{059074FB-CF16-4C85-9510-B576B2C91E5E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{21A95AF2-BF14-4471-88DA-0CEBCFB44E13}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{5B15E0EC-833D-4499-8F24-A778C36CAF81}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{D0A49A24-A871-43D5-AF9C-F559E03989B3}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{FD7E0985-A45A-4202-BC41-FEAB87765304}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{F9B1A7A3-8D66-4491-AEA2-8188D3FA2B46}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{9C2ED916-BFE7-411C-BBBE-07BD3FFDA052}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A1699C5F-59DF-4A0B-BD4E-26B0364C5DE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

==================== Wiederherstellungspunkte =========================

20-04-2017 05:14:30 Geplanter Prüfpunkt
29-04-2017 13:55:02 Geplanter Prüfpunkt
02-05-2017 15:12:15 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/05/2017 12:58:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Denise\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (05/05/2017 12:58:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (05/05/2017 06:04:54 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/05/2017 01:31:33 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\users\denise\downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (05/05/2017 01:31:16 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (05/05/2017 01:02:30 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (05/05/2017 12:59:07 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (05/04/2017 09:30:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (05/04/2017 09:27:40 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (05/04/2017 09:27:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Denise\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.


Systemfehler:
=============
Error: (05/04/2017 09:27:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (05/04/2017 09:27:39 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Denise\AppData\Local\Temp\ehdrv.sys

Error: (05/04/2017 09:27:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (05/04/2017 09:27:38 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Denise\AppData\Local\Temp\ehdrv.sys

Error: (05/04/2017 09:27:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (05/04/2017 09:27:38 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Denise\AppData\Local\Temp\ehdrv.sys

Error: (05/04/2017 09:07:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (05/04/2017 09:07:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (05/04/2017 09:05:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/04/2017 09:05:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "GamesAppIntegrationService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2017-05-04 11:56:22.314
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-03 12:12:28.831
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-17 11:03:43.701
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-11 16:55:29.507
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-24 13:07:19.928
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-18 14:59:19.778
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-25 21:55:36.543
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-22 17:22:33.337
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-11 15:35:14.417
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 53%
Installierter physikalischer RAM: 8094.8 MB
Verfügbarer physikalischer RAM: 3724.95 MB
Summe virtueller Speicher: 9630.8 MB
Verfügbarer virtueller Speicher: 4816.63 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:745.21 GB) (Free:455.3 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Data) (Fixed) (Total:1101.7 GB) (Free:1100.1 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 510BFD71)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Und zu der Frage: Bis jetzt kann ich keine Probleme mehr feststellen.

Mir ist gerade aufgefallen, dass ich Browser und Games wieder in der Firewall erlauben muss. Muss das so sein?

Alt 05.05.2017, 20:35   #10
M-K-D-B
/// TB-Ausbilder
 
Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack - Standard

Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack



Servus,



Zitat:
Mir ist gerade aufgefallen, dass ich Browser und Games wieder in der Firewall erlauben muss. Muss das so sein?
Ja, weil die Einstellungen dafür zurückgesetzt wurden.







Dann wären wir durch!
Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...
Vielleicht möchtest du das Forum mit einer kleinen Spende unterstützen.

Hinweise:
Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.





Cleanup
Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.
  • Starte deinen Rechner zum Abschluss neu auf.
Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst du diese bedenkenlos löschen.






Virenscanner + Firewall
Vorab sei erwähnt, dass man niemals die Schutzwirkung eines Virenscanners überbewerten darf! Kein Antivirusprogramm erkennt 100% der Schadsoftware.

Sofern du noch unentschieden bist, verwende MAXIMAL EIN EINZIGES der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:
Microsoft Security Essentials (MSE) / Windows Defender (WD) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE/WD entschieden hast, brauchst du nicht extra MSE/WD zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.

Verwende immer nur reine Virenscanner (keine Produkte mit "Suite", "Internet Security", "Endpoint" oder "Total Security" in Namen, denn diese bringen kontraproduktive Firewalls mit - die Windows-Firewall ist alles was benötigt wird)

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware , AdwCleaner und mit dem ESET Online Scanner scannen.
Diese Programme sind alle kostenlos und stören nicht den Betrieb deines Antivirenprogramms.





Absicherungen
Beim Betriebsystem Windows ist es wichtig, die automatischen Updates zu aktivieren.
Auch sicherheitsrelevante Software sollte immer in aktueller Version vorliegen.

Das zeitnahe Einspielen von Updates ist erforderlich, damit Sicherheitslücken geschlossen werden. Sicherheitslücken werden beispielsweise dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.

Besonders aufpassen bzgl. der Aktualität musst du insbesondere bei folgender Software - sofern diese überhaupt benötigt wird:

Optionale Browsererweiterungen
  • Adblock Plus oder uBlock Origin (Firefox - Chrome) - können Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren
  • NoScript - verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. NoScript kann gerade bei technisch nicht allzu versierten Nutzern beim Surfen zum Nervfaktor werden; ob das Tool geeignet ist, muss jeder selbst mal ausprobieren und dann für sich entscheiden.





Grundsätzliches
  • Ändere regelmäßig deine Online-Passwörter und erstelle regelmäßig Backups deiner wichtigen Dateien oder des Systems. Genaueres dazu findest du unten im Lesestoff zu Backups.
  • Lade keine Software von Chip, Softonic, SourceForge oder VLC.de. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
  • Lade Software von einem sauberen Portal wie oder direkt beim jeweiligen Hersteller / Entwickler.
  • Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne die Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
  • Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten bis nicht belegbar. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht.
    Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.





Lesestoff:
Backup-/Image-Tools

Damit man sinnvolle Backups hat, muss man regelmäßig (z. B. wöchentlich) ein Image auf eine separate externe Festplatte erstellen. Diese externe Festplatte wird nur dann angeschlossen, wenn man das Backup erstellen will (oder etwas wiederherstellen muss), ansonsten bleibt sie aus Sicherheitsgründen sicher im Schrank verwahrt - allein schon aus dem Grund, die Backups vor "Verschlüsselungstrojanern" zu schützen.

Du solltest dich für eines der folgenden Programmen entscheiden und damit regelmäßig deine Daten sichern.

Optioin 1 - Drivesnapshot
Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64

Download (32-Bit) => http://www.drivesnapshot.de/download/snapshot.exe
Download (64-Bit) => http://www.drivesnapshot.de/download/snapshot64.exe

Screenshots:
http://www.drivesnapshot.de/images/startup.png
http://www.drivesnapshot.de/images/save3.png




Option 2 - Seagate DiscWizard
Seagate DiscWizard - Download - Filepony

Screenshots:
http://filepony.de/screenshot/seagate_discwizard5.jpg
http://filepony.de/screenshot/seagate_discwizard4.png
http://filepony.de/screenshot/seagate_discwizard3.jpg




Option 3 - Acronis TrueImage WD Edition
Acronis True Image WD Edition - Download - Filepony

Screenshots:
http://filepony.de/screenshot/acroni...d_edition1.jpg
http://filepony.de/screenshot/acroni...d_edition2.jpg

__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 05.05.2017, 22:32   #11
Damina1997
 
Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack - Standard

Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack



Supi, ich hab dann auch keine Fragen mehr.
Danke für die Hilfe

Alt 05.05.2017, 22:35   #12
M-K-D-B
/// TB-Ausbilder
 
Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack - Standard

Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack



Ich bin froh, dass wir helfen konnten

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine Profilnachricht inklusive Link zum Thema.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Antwort

Themen zu Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack
.dll, adobe, antivirus, avast, bonjour, computer, defender, desktop, explorer, ftp, google, installation, langsam, performance, realtek, registry, rundll, scan, services.exe, software, starten, svchost.exe, temp, udp, windows



Ähnliche Themen: Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack


  1. Windows 7: Malwarebytes findet Bedrohung PUP.Optional.DriverPack
    Log-Analyse und Auswertung - 10.05.2017 (7)
  2. Malwarebytes findet PUP.Optional.OpenCandy..., Windows 7
    Log-Analyse und Auswertung - 01.12.2016 (11)
  3. windows 7: malwarebytes findet pup.optional.youtubeunblocker
    Log-Analyse und Auswertung - 16.03.2016 (19)
  4. Malwarebytes findet PUP.Optional.Iminent.A und PUP.Optional.Somoto
    Log-Analyse und Auswertung - 10.11.2014 (5)
  5. Malwarebytes findet PUP.Optional.Koyote und PUP.Optional.OpenCandy
    Log-Analyse und Auswertung - 16.10.2014 (1)
  6. Malwarebytes findet PUP.Optional
    Plagegeister aller Art und deren Bekämpfung - 11.07.2014 (13)
  7. Malwarebytes Anti-Malware findet PUP.Optional.PCPerformer.A in C:\Windows\System32\roboot64.exe
    Plagegeister aller Art und deren Bekämpfung - 05.06.2014 (15)
  8. Windows 8.1: Malwarebytes findet Pup.optional, Websites werden verzögert oder gar nicht aufgebaut.
    Plagegeister aller Art und deren Bekämpfung - 04.05.2014 (15)
  9. Windows Vista: Malwarebytes findet PUP.Optional.OpenCandy und Exploit.Drop.GS
    Log-Analyse und Auswertung - 26.03.2014 (8)
  10. Malwarebytes findet PUP.Optional.Iminent.A und PUP.Optional.OpenCandy
    Log-Analyse und Auswertung - 25.01.2014 (7)
  11. Windows 7, Malwarebytes findet PUP.Optional.OpenCandy
    Plagegeister aller Art und deren Bekämpfung - 28.11.2013 (9)
  12. Windows 7 64bit: Malwarebytes findet PUM.UserWLoad und PUP.Optional.Conduit.A
    Log-Analyse und Auswertung - 20.10.2013 (9)
  13. malwarebytes findet Pup.optional.Tarma.a, Pup.optional.OpenCandy und Trojan.Downloader
    Log-Analyse und Auswertung - 13.10.2013 (12)
  14. Windows 7: Firefox öffnet permanent leeres PopUp (als Layer), MalwareBytes findet PUP.Optional.OfferMosquito.A
    Log-Analyse und Auswertung - 04.09.2013 (11)
  15. Windows 7 Malwarebytes findet : pup.optional.tarma.a
    Log-Analyse und Auswertung - 02.09.2013 (5)
  16. Windows 7, Malwarebytes findet 1 infizierte Datei: Trojan.PUP.Optional.FileScout.A, bei einen anderen Benutzer Pub.Optional.Open.Candy
    Log-Analyse und Auswertung - 30.08.2013 (32)
  17. Windows 7: Malwarebytes findet immer wieder PUP.Optional.Conduit.A
    Plagegeister aller Art und deren Bekämpfung - 21.08.2013 (9)

Zum Thema Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack - Moin , ich weiß ich schon wieder. ^^ Diesmal gehts aber um meinen Hauptrechner, der schon einige Zeit relativ langsam ist. Aus diesem Grund hab ich mal Malwarebytes Anti-Malware laufen - Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack...
Archiv
Du betrachtest: Windows 8.1: Malwarebytes findet Pup.Optional.Gamehack auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.