Kontrolle meiner Logs pls

Zom(BiE · 27.05.2017, 23:56

FRST Teil 2

Code:

ATTFilter

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-28 00:39 - 2017-03-27 19:24 - 00000000 ____D C:\Users\wuens\AppData\Roaming\Azureus
2017-05-28 00:19 - 2017-04-07 10:54 - 04846194 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-28 00:19 - 2016-12-21 19:28 - 02394986 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-28 00:19 - 2016-12-21 19:28 - 00636190 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-28 00:18 - 2017-04-07 10:46 - 00000000 ____D C:\Users\wuens
2017-05-28 00:16 - 2017-04-07 10:45 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-28 00:16 - 2016-12-21 20:04 - 00000000 ____D C:\Users\wuens\AppData\LocalLow\Mozilla
2017-05-28 00:14 - 2017-03-30 18:42 - 00000000 ____D C:\Users\wuens\AppData\Roaming\Curse Client
2017-05-28 00:13 - 2017-04-26 11:45 - 00000000 ____D C:\Users\wuens\AppData\Local\CrashDumps
2017-05-28 00:13 - 2017-04-07 10:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-28 00:12 - 2017-03-18 13:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-05-28 00:12 - 2016-12-21 20:51 - 00000000 ____D C:\Users\wuens\AppData\Local\Battle.net
2017-05-27 21:40 - 2016-12-21 22:16 - 00000000 ____D C:\Users\wuens\AppData\Roaming\uTorrent
2017-05-27 20:39 - 2017-04-20 15:08 - 00000000 ____D C:\Users\wuens\AppData\LocalLow\uTorrent
2017-05-27 20:26 - 2017-04-07 17:33 - 00000000 ____D C:\WINDOWS\Minidump
2017-05-27 20:26 - 2016-12-21 22:02 - 00000000 ____D C:\Users\wuens\AppData\Roaming\Dopamine
2017-05-27 18:46 - 2017-04-07 10:44 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-27 18:25 - 2017-04-07 09:59 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-05-27 18:07 - 2016-12-24 16:07 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-05-27 17:24 - 2017-01-24 17:44 - 00000000 ____D C:\Users\wuens\AppData\Roaming\TS3Client
2017-05-27 13:40 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-27 13:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-26 21:44 - 2016-12-21 20:31 - 00000000 ____D C:\Users\wuens\AppData\Roaming\vlc
2017-05-26 17:29 - 2017-02-25 15:07 - 00622120 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-05-26 14:18 - 2016-12-21 20:04 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2017-05-24 04:43 - 2017-02-25 15:06 - 00383016 _____ (EasyAntiCheat Ltd) C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
2017-05-23 07:32 - 2016-12-21 20:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-22 23:21 - 2016-12-21 20:06 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-22 19:31 - 2016-12-21 22:17 - 00000000 ____D C:\Users\wuens\AppData\Local\JDownloader v2.0
2017-05-22 16:58 - 2016-12-21 20:49 - 00000000 ____D C:\Users\wuens\Desktop\Programme
2017-05-21 15:25 - 2017-04-07 10:44 - 00295256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-21 12:08 - 2016-12-21 19:22 - 00000000 ____D C:\Users\wuens\AppData\Local\VirtualStore
2017-05-21 12:06 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-20 15:30 - 2017-02-11 16:09 - 00000000 ____D C:\Users\wuens\AppData\Local\Spotify
2017-05-20 14:33 - 2017-02-11 16:08 - 00000000 ____D C:\Users\wuens\AppData\Roaming\Spotify
2017-05-18 22:50 - 2016-12-21 20:04 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-05-18 16:10 - 2017-02-24 18:00 - 00000000 ____D C:\Users\wuens\AppData\Local\UnrealEngine
2017-05-18 09:54 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-18 09:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-17 19:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-17 19:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\System
2017-05-17 19:30 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-17 19:30 - 2016-12-21 19:47 - 00014678 _____ C:\WINDOWS\unins000.dat
2017-05-17 18:23 - 2017-04-24 18:24 - 00000591 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast Whistleblower.lnk
2017-05-17 18:23 - 2017-04-12 11:17 - 00001010 _____ C:\Users\wuens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk
2017-05-17 18:23 - 2017-04-07 10:48 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-17 18:23 - 2017-03-29 07:09 - 00001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-05-17 18:23 - 2017-03-27 19:24 - 00001863 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2017-05-17 18:23 - 2017-02-11 16:09 - 00001856 _____ C:\Users\wuens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2017-05-17 18:23 - 2017-02-11 16:09 - 00001850 _____ C:\Users\wuens\Desktop\Spotify.lnk
2017-05-17 18:23 - 2017-01-30 11:19 - 00000712 _____ C:\Users\wuens\Desktop\uTorrent.lnk
2017-05-17 18:23 - 2017-01-09 10:45 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-05-17 18:23 - 2017-01-09 10:45 - 00002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-05-17 18:23 - 2016-12-24 18:52 - 00000705 _____ C:\Users\wuens\Desktop\Music.lnk
2017-05-17 18:23 - 2016-12-22 14:55 - 00001023 _____ C:\Users\wuens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2017-05-17 18:23 - 2016-12-21 22:16 - 00002640 _____ C:\Users\wuens\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2017-05-17 18:23 - 2016-12-21 21:43 - 00001890 _____ C:\Users\wuens\Desktop\Dopamine.lnk
2017-05-17 18:23 - 2016-12-21 21:20 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-05-17 18:23 - 2016-12-21 21:20 - 00002006 _____ C:\Users\wuens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dopamine.lnk
2017-05-17 18:23 - 2016-12-21 21:15 - 00001014 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-05-17 18:23 - 2016-12-21 20:04 - 00001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2017-05-17 18:23 - 2016-12-21 20:01 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-05-17 18:23 - 2016-12-21 19:28 - 00001023 _____ C:\Users\wuens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2017-05-17 18:17 - 2017-03-29 07:09 - 00000000 ____D C:\Program Files\iPod
2017-05-17 18:15 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Globalization
2017-05-17 18:03 - 2017-02-13 11:47 - 00000000 ____D C:\Users\wuens\AppData\Roaming\NVIDIA
2017-05-17 18:02 - 2017-02-25 21:17 - 00000000 ____D C:\Program Files\UNi Xonar Audio
2017-05-17 18:02 - 2016-12-21 21:15 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-05-17 07:30 - 2016-12-21 19:59 - 00000000 ____D C:\ProgramData\IObit
2017-05-15 09:04 - 2017-03-18 20:27 - 00000000 ____D C:\Users\wuens\AppData\Roaming\SmartSteamEmu
2017-05-12 10:31 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-11 07:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-10 16:06 - 2016-12-21 19:22 - 00000000 ____D C:\Users\wuens\AppData\Local\Packages
2017-05-10 09:43 - 2016-12-31 15:15 - 00000000 ____D C:\Users\wuens\Documents\My Games
2017-05-10 08:48 - 2016-12-21 19:22 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-10 08:40 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-10 08:22 - 2017-04-07 10:50 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-10 08:22 - 2017-04-07 10:50 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-10 08:22 - 2017-04-07 10:50 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-10 08:22 - 2017-04-07 10:50 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-10 08:22 - 2017-04-07 10:50 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-10 08:22 - 2017-04-07 10:50 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-10 08:22 - 2017-04-07 10:50 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-10 08:22 - 2017-04-07 10:45 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-10 08:22 - 2017-04-07 10:45 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-10 08:22 - 2017-04-07 10:45 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-06 12:12 - 2016-12-21 20:49 - 00000000 ____D C:\Users\wuens\Desktop\Spiele
2017-05-06 10:11 - 2017-04-07 10:50 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-05-05 11:05 - 2016-12-21 19:30 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-05-03 22:21 - 2017-02-13 11:43 - 00048248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-05-03 22:21 - 2017-02-13 11:37 - 01893496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-05-03 22:21 - 2017-02-13 11:37 - 01755256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-05-03 22:21 - 2017-02-13 11:37 - 01477240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-05-03 22:21 - 2017-02-13 11:37 - 01317496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-05-03 22:21 - 2017-02-13 11:37 - 00121464 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-05-03 21:28 - 2016-12-21 19:30 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-05-03 12:51 - 2016-12-21 21:20 - 00000000 ____D C:\Program Files (x86)\Dopamine
2017-05-02 00:38 - 2017-04-25 19:31 - 04092088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-05-02 00:38 - 2017-04-25 19:31 - 03607464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-05-02 00:38 - 2017-03-21 12:55 - 00059448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-05-02 00:38 - 2017-03-21 12:55 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb
2017-05-01 22:52 - 2017-04-07 10:45 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-05-01 22:51 - 2017-04-07 10:45 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-05-01 22:51 - 2017-04-07 10:45 - 02479552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-05-01 22:51 - 2017-04-07 10:45 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-05-01 22:51 - 2017-04-07 10:45 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-05-01 22:51 - 2017-04-07 10:45 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-05-01 22:51 - 2017-04-07 10:45 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-05-01 22:51 - 2017-04-07 10:45 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-05-01 19:23 - 2017-04-14 18:27 - 00000000 ____D C:\Users\wuens\Documents\Warcraft III
2017-04-29 03:05 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 03:05 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 19:46 - 2016-12-21 19:46 - 00000000 ____D C:\Program Files\Java
2017-04-28 17:41 - 2016-12-21 19:24 - 00000000 ___RD C:\Users\wuens\OneDrive
2017-04-28 17:40 - 2016-12-21 19:46 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-04-28 17:40 - 2016-12-21 19:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-04-28 17:40 - 2016-12-21 19:45 - 00000000 ____D C:\ProgramData\Oracle
2017-04-28 17:40 - 2016-12-21 19:45 - 00000000 ____D C:\Program Files (x86)\Java
2017-04-28 17:39 - 2016-12-21 19:46 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-24 11:48

==================== End of FRST.txt ============================

Addition

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2017
Ran by wuens (28-05-2017 00:40:20)
Running from C:\Users\wuens\Desktop
Windows 10 Pro Version 1703 (X64) (2017-04-07 08:53:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2322370783-745731414-697882459-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2322370783-745731414-697882459-503 - Limited - Disabled)
Guest (S-1-5-21-2322370783-745731414-697882459-501 - Limited - Disabled)
wuens (S-1-5-21-2322370783-745731414-697882459-1001 - Administrator - Enabled) => C:\Users\wuens

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2322370783-745731414-697882459-1001\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{A2116AF9-FA9D-41EA-9874-1E40B227D4DE}) (Version: 12.2.5.195 - Adobe Systems, Inc)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.8.198 - Adobe Systems, Inc.)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.00.92 - ASUSTeK Computer Inc.)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.1 - Sereby Corporation)
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
ASUS Ai Charger (HKLM-x32\...\{7FB64E72-9B0E-4460-A821-040C341E414A}) (Version: 1.05.00 - ASUSTeK Computer Inc.)
AVS Audio Converter 8.0 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 8.0.2.541 - Online Media Technologies Ltd.)
Batman Arkham Knight (HKLM-x32\...\{0F4673C2-B7F4-4771-96FD-1AB79B1C1923}_is1) (Version:  - Rocksteady Studios)
BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version:  - )
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version:  - Cheat Engine)
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
Dopamine (HKLM-x32\...\{88964D1B-8C83-4D7D-A7B7-3334536110A4}) (Version: 1.3.0.918 - Digimezzo)
Driver Booster 4.2 (HKLM-x32\...\Driver Booster_is1) (Version: 4.2.0 - IObit)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Glary Utilities PRO 5.66 (HKLM-x32\...\Glary Utilities 5) (Version: 5.66.0.87 - Glarysoft Ltd)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{164600BE-9CEC-44E6-9B38-2B12D5FE2342}) (Version: 12.6.0.100 - Apple Inc.)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{82f2609e-68ba-408d-963f-530ad8809435}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{577ff5ba-39aa-4d8c-a3a9-f95012763438}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
Mozilla Firefox 53.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.2 - Mozilla)
Mp3tag v2.80 (HKLM-x32\...\Mp3tag) (Version: v2.80 - Florian Heidenreich)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
MSI Kombustor 3.5.0 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version:  - MSI Co., LTD)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.2.12697 - Electronic Arts, Inc.)
Outils de vérification linguistique 2016 de Microsoft Office*- Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Outlast 2 (HKLM-x32\...\Outlast 2_is1) (Version:  - )
Outlast: Whistleblower (HKLM-x32\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - )
Paladins (HKLM\...\Steam App 444090) (Version:  - Hi-Rez Studios)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.1.5 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Resident Evil 7 Biohazard (HKLM-x32\...\{1ECBF8F3-7079-44CA-AD32-B2AECBCF636F}_is1) (Version:  - Capcom)
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-2322370783-745731414-697882459-1001\...\Spotify) (Version: 1.0.49.125.g72ee7853 - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strumenti di correzione di Microsoft Office 2016 - Italiano (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TomTom MyDrive Connect 4.1.4.3031 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.4.3031 - TomTom)
Transmissions: Element 120 (HKLM\...\Steam App 365300) (Version:  - Shokunin)
UNi Xonar Audio -Run only while playing audio! (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.5.0 - Azureus Software, Inc.)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wondershare Video Converter Ultimate(Build 9.0.3.0) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 9.0.3.0 - Wondershare Software)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
wxMP3gain v3.7 (HKLM-x32\...\{A8DA0F4D-7A25-4FB1-91ED-D6481CB7CD35}_is1) (Version: 3.7 - Cristiano Nunes)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2322370783-745731414-697882459-1001_Classes\CLSID\{8a1ef745-130b-4427-b600-3dadd96aa5a6}\InprocServer32 -> c:\windows\system32\dfshim.dll (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {027DA260-2F75-4C09-818C-A6A3F6EB7121} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic 
Task: {131C386C-C51D-4CAB-B14F-22260609620A} - \{7D050447-0909-0805-0E11-0B080D79110F} -> No File <==== ATTENTION
Task: {1492DE31-4374-44F4-8B5F-89D2CCFA569E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {18E3A64D-8AEB-4E0C-A399-69199FD8863D} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2016-10-24] ()
Task: {1DAAC372-EE6D-4BE1-95EB-42BE75008669} - \Microsoft\Windows\DeviceSettings\Clerherdompaqward -> No File <==== ATTENTION
Task: {204D1486-DD87-4009-9B75-C283DD727442} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2016-12-16] (Glarysoft Ltd)
Task: {2144319C-FFBF-4D27-A35B-E9ED68E38F4E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {267806E3-4F73-4AA9-9EFF-3EE86F5D7229} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {3B0689A8-13C8-4CC3-8963-9ED8684F2934} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2015-03-25] (ASUSTeK Computer Inc.)
Task: {46C0CAF6-6FEA-4B04-9863-B8810989F42C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {4C6395D5-9DD3-4F69-9637-7305C5094B25} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {67CA4A3F-6EDA-4798-8A21-761AA46ABC85} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {6F870188-6ACF-4484-AEE7-81911567A23E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {75CB2956-CB4F-4756-9370-64E149606193} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {7E3FFA82-23B8-48BB-BEF8-A55484889F70} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {8E0CBFE4-0494-4641-B536-37B880258B61} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {90060EC1-7ED0-4976-8FF2-EE0FABA33F48} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2016-12-16] (Glarysoft Ltd)
Task: {90B07451-CA1B-4245-A1A6-F6653E45EF26} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {9633A941-D118-4E29-BB19-131BF8BC800C} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {B42C210D-852A-44EE-8CD8-F6A532937B83} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-28] (AVAST Software)
Task: {B503C857-2CE2-466B-845A-A67A793DBB22} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {DD328B42-2AEF-4C8C-941B-4ADBD2BAEA3D} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-10-11] ()
Task: {DD49795A-9A56-4F40-A9C3-27FCD4568959} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe 
Task: {F6D96290-FEF8-4AA7-AFBD-9CD97B978DCE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-11] (Adobe Systems Incorporated)
Task: {FC9F5668-46BD-47EA-88F7-A8A9C8E20A54} - System32\Tasks\{F470B5CB-E6AB-438C-A76E-6F34C184983B} => pcalua.exe -a "D:\Program Files (x86)\Alien Isolation\AI.exe" -d "D:\Program Files (x86)\Alien Isolation"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{42A8FBD9-F5AE-48AF-99CE-8A119E3AA355}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2017-02-13 11:37 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-17 02:28 - 2016-11-17 02:28 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-16 17:08 - 2017-03-16 17:08 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-04-07 10:45 - 2015-05-14 15:47 - 00936456 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2016-09-25 01:20 - 2016-09-25 01:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-12-21 19:20 - 2016-12-21 19:20 - 00026112 _____ () C:\Windows\KMS-R@1n.exe
2016-10-24 12:03 - 2016-10-24 12:03 - 00589512 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-12-21 19:43 - 2014-10-11 17:57 - 01271096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2017-03-18 22:59 - 2017-03-19 04:30 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-22 18:14 - 2017-03-22 18:14 - 00092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-03-22 18:14 - 2017-03-22 18:14 - 01354040 _____ () C:\Program Files\iTunes\libxml2.dll
2017-03-27 19:24 - 2016-01-05 20:45 - 00105648 _____ () C:\Program Files\Vuze\aereg64.dll
2016-12-06 16:09 - 2016-12-06 16:09 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2017-04-07 10:45 - 2017-05-28 00:13 - 00034448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2017-04-07 10:45 - 2015-05-14 15:47 - 00113160 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2016-12-21 21:20 - 2017-02-06 20:18 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2017-02-13 11:37 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 00056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 00228864 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 00526848 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 00357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2016-12-21 19:43 - 2014-10-11 17:57 - 00711680 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2016-12-21 19:43 - 2014-10-11 17:57 - 00856576 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2016-12-21 19:43 - 2014-10-11 17:57 - 00803840 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2016-12-21 19:43 - 2014-10-11 17:57 - 00807936 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2016-12-21 19:39 - 2015-03-11 10:42 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2016-12-21 19:39 - 2015-03-11 10:42 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2016-12-21 19:43 - 2014-10-11 17:52 - 04346368 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2016-12-21 19:43 - 2014-10-11 17:57 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2016-12-21 19:39 - 2015-03-11 10:42 - 00828928 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll
2016-12-21 19:43 - 2014-10-11 10:57 - 00053248 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll
2016-12-21 19:43 - 2014-10-11 10:57 - 00278528 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll
2016-12-21 19:38 - 2014-09-09 11:14 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2017-02-25 21:17 - 2012-06-06 10:56 - 00143360 ____N () C:\Program Files\UNi Xonar Audio\Customapp\VmixP8.dll
2016-04-05 17:57 - 2016-04-05 17:57 - 00393608 _____ () C:\Users\wuens\AppData\Roaming\Curse Client\Bin\opus.dll
2017-03-29 01:04 - 2017-05-17 18:15 - 00535872 _____ () C:\Users\wuens\AppData\Roaming\Curse Client\Bin\Curse.Presto.Interface.dll
2017-05-15 11:59 - 2017-05-15 11:59 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2017-03-28 23:48 - 2017-04-12 11:16 - 01950528 _____ () C:\Users\wuens\AppData\Roaming\Curse Client\Bin\Electron\ffmpeg.dll
2017-03-28 23:48 - 2017-04-12 11:16 - 02270528 _____ () C:\Users\wuens\AppData\Roaming\Curse Client\Bin\Electron\libglesv2.dll
2017-03-28 23:48 - 2017-04-12 11:16 - 00088384 _____ () C:\Users\wuens\AppData\Roaming\Curse Client\Bin\Electron\libegl.dll
2014-03-03 15:07 - 2016-07-08 23:06 - 00353768 _____ () d:\program files (x86)\warcraft iii\mss32.dll
2014-03-03 15:07 - 2016-04-08 00:23 - 00132072 _____ () d:\program files (x86)\warcraft iii\redist\miles\Mp3dec.asi
2014-03-03 15:07 - 2016-04-08 00:23 - 00071656 _____ () d:\program files (x86)\warcraft iii\redist\miles\Mssdolby.m3d
2014-03-03 15:07 - 2016-04-08 00:23 - 00076264 _____ () d:\program files (x86)\warcraft iii\redist\miles\Msseax2.m3d
2014-03-03 15:07 - 2017-05-18 16:32 - 00064000 _____ () d:\program files (x86)\warcraft iii\redist\miles\Mssfast.m3d
2014-03-03 15:07 - 2016-04-08 00:23 - 00062952 _____ () d:\program files (x86)\warcraft iii\redist\miles\Reverb3.flt

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2017-05-17 19:13 - 00000795 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2322370783-745731414-697882459-1001\Control Panel\Desktop\\Wallpaper -> D:\Bilder\RazerChroma_1920x1080.png
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-2322370783-745731414-697882459-1001\...\StartupApproved\Run: => "Spotify"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{AC2B4ACC-3D5C-490F-BFF0-0CDE6BFA9642}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe
FirewallRules: [UDP Query User{F7616C04-A078-4921-9369-38426F4C5251}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe
FirewallRules: [TCP Query User{08FE67DF-A171-49C5-9870-628811BA6DD7}C:\users\wuens\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\wuens\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{DF707267-8197-40DB-94CB-6A463EC3CE06}C:\users\wuens\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\wuens\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{CF7A1321-733C-4EE9-BC79-386A9ACE3E48}D:\program files (x86)\warcraft iii\war3.exe] => (Allow) D:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{353C4CA9-0BE8-461F-B567-0A9E9D350414}D:\program files (x86)\warcraft iii\war3.exe] => (Allow) D:\program files (x86)\warcraft iii\war3.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/28/2017 12:13:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x1bb4
Startzeit der fehlerhaften Anwendung: 0x01d2d73685f339e5
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 612e581f-e5d3-42ef-b6b2-a0320df4aac0
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/27/2017 11:52:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (05/27/2017 11:52:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (05/27/2017 11:52:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (05/27/2017 11:52:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "E:\Downloads\Antivirus\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (05/27/2017 11:41:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x2170
Startzeit der fehlerhaften Anwendung: 0x01d2d731fa58c305
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 48af1b6c-a9a0-442d-bbb6-6513381ad38b
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/27/2017 09:31:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (05/27/2017 09:31:39 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.

Error: (05/27/2017 09:31:39 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (05/27/2017 09:31:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\WINDOWS\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.


System errors:
=============
Error: (05/28/2017 12:29:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "terana" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/28/2017 12:13:44 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "HitmanPro37CrusaderBoot" wurde mit dem folgenden dienstspezifischen Fehler beendet: 
Der Vorgang wurde erfolgreich beendet.

Error: (05/28/2017 12:13:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (05/28/2017 12:12:50 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8PV836F)
Description: Der Server "{4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/28/2017 12:12:50 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8PV836F)
Description: Der Server "{4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/27/2017 11:45:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Durch die Berechtigungseinstellungen für "application-specific" wird dem Benutzer "NT AUTHORITY\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (Using LRPC)" keine Berechtigung vom Typ "Local Activation" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Unavailable" (SID: Unavailable) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/27/2017 09:40:23 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8PV836F)
Description: Der Server "{4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/27/2017 09:40:23 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8PV836F)
Description: Der Server "{4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/27/2017 08:44:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "terana" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/27/2017 08:31:12 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8PV836F)
Description: Der Server "{4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===================================
  Date: 2017-05-26 21:42:06.382
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-26 16:27:42.943
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-24 17:00:23.645
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-24 11:48:26.015
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-24 09:13:26.561
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-23 10:02:33.422
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-23 00:20:52.829
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-22 15:31:18.969
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-22 12:05:15.720
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-22 09:56:19.077
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz
Percentage of memory in use: 24%
Total physical RAM: 16321.93 MB
Available physical RAM: 12293.03 MB
Total Virtual: 20321.93 MB
Available Virtual: 15362.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.3 GB) (Free:74.12 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:292.98 GB) NTFS
Drive e: (TOSHIBA EXT) (Fixed) (Total:2794.51 GB) (Free:1188.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 0B963252)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 28C7BC0C)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.

==================== End of Addition.txt ============================

Kontrolle meiner Logs pls

Log-Analyse und Auswertung: Kontrolle meiner Logs pls

Kontrolle meiner Logs pls

Ähnliche Themen: Kontrolle meiner Logs pls