Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 07.08.2017, 20:00   #1
DrRealtalk
 
PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft - Standard

PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft



Moin,
seit kurzem habe ich das Problem dass mein PC sehr langsam geworden ist und der Arbeitsspeicher ziemlich ausgelastet ist, obwohl kaum Programme laufen.
Leider habe ich davon nicht so viel Ahnung

Ich habe schon mal mit dem Farbar Recovery Scan Tool ausgelesen:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 06-08-2017
durchgeführt von Niko (Administrator) auf NIKO-PC (07-08-2017 19:02:51)
Gestartet von C:\Users\Niko\Downloads
Geladene Profile: Niko (Verfügbare Profile: Niko & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\avpui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
(AppWork GmbH) C:\Users\Niko\AppData\Local\JDownloader 2.0\JDownloader2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (AppleInc.)
HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\...\MountPoints2: {7985ce0e-0430-11e3-95d1-bcaec5da2ffe} - K:\Startme.exe
HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\...\MountPoints2: {f78d62ec-2eee-11e5-91c3-bcaec5da2ffe} - E:\LaunchU3.exe -a
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-24] (MicrosoftCorporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{14847BEC-8CCC-4499-AB0D-78B099C5C4E1}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{89D5D2DE-B52D-4B31-93DF-D4D41F6B9539}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9F712A8E-A99B-471D-B53A-BC6EDD0B2917}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{D0D90BB3-D490-4A41-826B-B112D0B36742}: [NameServer] 8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwwSRQ4h-qPRjsOBvL3CoZSLZ9Jz-FQ8CJ8WwZ3JXhBIEPt3-CajbaWJCGatHCkmJB_53rJrE2mpScelDLaH8qZ8mttqOHihD6x8q9tXM597JM9tlxRyst2WGr49m8RW__rkUSbKdAEdWurvn-UYgSYb-Uc,&q={searchTerms}
HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.search.us.com/v/2/?guid={E5180186-3E1E-418E-A77E-33303A14C67D}&serpv=5
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwwSRQ4h-qPRjsOBvL3CoZSLZ9Jz-FQ8CJ8WwZ3JXhBIEPt3-CajbaWJCGatHCkmJB_53rJrE2mpScelDLaH8qZ8mttqOHihD6x8q9tXM597JM9tlxRyst2WGr49m8RW__rkUSbKdAEdWurvn-UYgSYb-UA,&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwwSRQ4h-qPRjsOBvL3CoZSLZ9Jz-FQ8CJ8WwZ3JXhBIEPt3-CajbaWJCGatHCkmJB_53rJrE2mpScelDLaH8qZ8mttqOHihD6x8q9tXM597JM9tlxRyst2WGr49m8RW__rkUSbKdAEdWurvn-UYgSYb-UA,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3530776945-4030788160-3505166589-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwwSRQ4h-qPRjsOBvL3CoZSLZ9Jz-FQ8CJ8WwZ3JXhBIEPt3-CajbaWJCGatHCkmJB_53rJrE2mpScelDLaH8qZ8mttqOHihD6x8q9tXM597JM9tlxRyst2WGr49m8RW__rkUSbKdAEdWurvn-UYgSYb-Uc,&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-06-13] (MicrosoftCorporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2017-07-05] (KasperskyLabZAO)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (MicrosoftCorporation)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2017-07-05] (KasperskyLabZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2017-07-05] (KasperskyLabZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (MicrosoftCorporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (MicrosoftCorporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2017-07-05] (KasperskyLabZAO)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-06-13] (MicrosoftCorporation)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2017-07-05] (KasperskyLabZAO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (MicrosoftCorporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2017-07-05] (KasperskyLabZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14] (OracleCorporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2017-07-05] (KasperskyLabZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (MicrosoftCorporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (MicrosoftCorporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14] (OracleCorporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2017-07-05] (KasperskyLabZAO)
BHO-x32: Freemake.YoutubeButton -> {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -> C:\Windows\system32\mscoree.dll [2010-11-05] (MicrosoftCorporation)
Toolbar: HKLM - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Toolbar: HKLM-x32 - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (MicrosoftCorporation)

FireFox:
========
FF DefaultProfile: 1kydystc.Niko
FF ProfilePath: C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko [2017-08-07]
FF Homepage: Mozilla\Firefox\Profiles\1kydystc.Niko -> hxxps://www.google.de/
FF Keyword.URL: Mozilla\Firefox\Profiles\1kydystc.Niko -> hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwwSRQ4h-qPRjsOBvL3CoZSLZ9Jz-FQ8CJ8WwZ3JXhBIEPt3-CajbaWJCGatHCkmJB_53rJrE2mpScelDLaH8qZ8mttqOHihD6x8q9tXM597JM9tlxRyst2WGr49m8RW__rkUSbKdAEdWurvn-UYgSYb-Uc,&q=
FF Extension: (Video Downloader professional) - C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\Extensions\ffext_basicvideoext@startpage24.xpi [2017-07-30]
FF Extension: (Video AdBlock) - C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\Extensions\{068e178c-61a9-4a63-b74f-87404a6f5ea1} [2016-03-06]
FF Extension: (Video DownloadHelper) - C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-09]
FF Extension: (Adblock Plus) - C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-13]
FF SearchPlugin: C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\searchplugins\trovi-search.xml [2014-07-10]
FF SearchPlugin: C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\searchplugins\Web Search.xml [2014-04-26]
FF Extension: (Hotspot Shield Extension) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2017-07-03] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: (Freemake Video Converter Plugin) - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-06-20] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: (Freemake Video Downloader Plugin) - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com [2013-06-20] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: (Freemake Youtube Download Button) - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2013-06-20] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: (Kaspersky URL Advisor) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\FFExt\url_advisor@kaspersky.com [2017-07-05] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: (Virtual Keyboard) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2017-07-05] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: (Dangerous Websites Blocker) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\FFExt\content_blocker@kaspersky.com [2017-07-05] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: (Anti-Banner) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\FFExt\anti_banner@kaspersky.com [2017-07-05] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: (Safe Money) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\FFExt\online_banking@kaspersky.com [2017-07-05] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-14] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-12-13] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3530776945-4030788160-3505166589-1000: @tightropeinteractive.com/Plugin -> C:\Users\Niko\AppData\Local\TNT2\2.0.0.1627\npTNT2.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-3530776945-4030788160-3505166589-1000: @tnt2ghost.com/Plugin -> C:\Users\Niko\AppData\Local\TNT2\2.0.0.1627\npTNT2ghost.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.de/
CHR StartupUrls: Default -> "hxxps://www.facebook.com/","hxxps://www.google.de/?gws_rd=cr&ei=ObhbU72LDMWJtAbVlIHoAw","hxxps://www.youtube.com/"
CHR Profile: C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default [2017-08-07]
CHR Extension: (ProxFlow) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2017-01-24]
CHR Extension: (Google Docs) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Turn Off the Lights) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2017-08-07]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2016-03-06]
CHR Extension: (Kaspersky Protection) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2017-07-05]
CHR Extension: (YouTube) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Freemake Video Downloader) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2013-06-20]
CHR Extension: (Chrome YouTube Downloader) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja [2013-12-25] [UpdateUrl: hxxps://dl.dropbox.com/u/9278456/Chrome_YouTube_Downloader/update.xml] <==== ACHTUNG
CHR Extension: (Adblock Plus) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-14]
CHR Extension: (Google-Suche) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-12-04]
CHR Extension: (Adobe Acrobat) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Freemake Youtube Download Button) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2013-06-20]
CHR Extension: (Google Docs Offline) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-07-20]
CHR Extension: (Freemake Video Converter) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2013-06-20]
CHR Extension: (MySpass Adblocker) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljjdpiilfcgggfhpgboiebimccnbebcj [2015-09-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Taylor Swift 2) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\npgnfgndihifalnjjdpfdednbfaibnik [2013-06-20]
CHR Extension: (Google Mail) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-14]
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\ChromeExt\virtkbd.crx [2013-06-17]
CHR HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-06-20]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\ChromeExt\urladvisor.crx [2013-06-17]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-06-20]
CHR HKLM-x32\...\Chrome\Extension: [fjoijdanhaiflhibkljeklcghcmmfffh] - C:\Program Files (x86)\WebCake\WebCakeLayers.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-06-20]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\ChromeExt\ab.crx [2013-06-17]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (AdobeSystems,Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (AdvancedMicroDevices,Inc.) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (AppleInc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\avp.exe [214512 2017-07-05] (KasperskyLabZAO)
S3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (ResearchInMotionLimited) [Datei ist nicht signiert]
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (ChipDigitalGmbH) [Datei ist nicht signiert]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (SeikoEpsonCorporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (MicrosoftCorporation) [Datei ist nicht signiert]
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2610808 2017-06-15] (AnchorFreeInc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2157456 2017-06-13] (ElectronicArts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3127192 2017-06-13] (ElectronicArts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2013-07-03] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [103736 2013-07-03] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (MicrosoftCorporation) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (MicrosoftCorporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AFTrafMgr1.2; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_2_64.sys [57272 2017-05-08] (AnchorFreeInc.)
S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-14] (AcerLaboratoriesInc.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (AdvancedMicroDevices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-08-11] ()
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-14] (CMDTechnology,Inc.)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows(R)Win7DDKprovider)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-07-24] (AnchorFreeInc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2017-07-05] (KasperskyLabZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2017-07-05] (KasperskyLabZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2017-07-05] (KasperskyLabZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2017-07-05] (KasperskyLabZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2017-07-05] (KasperskyLabZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2017-07-05] (KasperskyLabZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (KasperskyLabZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (KasperskyLabZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2017-07-05] (KasperskyLabZAO)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-08-11] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACETechnologies,Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (ResearchInMotionLimited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (ResearchinMotionLtd)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (RealtekSemiconductorCorporation)
S3 RTL8192su; C:\Windows\System32\DRIVERS\RTL8192su.sys [676864 2009-11-11] (RealtekSemiconductorCorporation) [Datei ist nicht signiert]
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12464 2017-08-06] (MacrovisionEuropeLtd) [Datei ist nicht signiert]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-03-08] (DuplexSecureLtd.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-07-24] (AnchorfreeInc.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-14] (VIATechnologies,Inc.)
S3 vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [161872 2009-07-14] (VIATechnologiesInc.,Ltd)
U3 anjf8f2q; C:\Windows\System32\Drivers\anjf8f2q.sys [0 ] (MicrosoftCorporation) <==== ACHTUNG (Null Byte Datei/Ordner)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-07 19:02 - 2017-08-07 19:04 - 000030541 _____ C:\Users\Niko\Downloads\FRST.txt
2017-08-07 19:01 - 2017-08-07 19:01 - 002381312 _____ (Farbar) C:\Users\Niko\Downloads\FRST64.exe
2017-08-06 20:43 - 2017-08-06 20:44 - 000000000 ____D C:\Users\Niko\Documents\Harry Potter II
2017-08-06 20:38 - 2017-08-06 20:38 - 000002251 _____ C:\Users\Public\Desktop\Harry Potter und die Kammer des Schreckens.lnk
2017-08-06 20:38 - 2017-08-06 20:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2017-08-06 20:36 - 2017-08-06 20:36 - 000000000 ____D C:\Program Files (x86)\EA Games
2017-08-06 20:35 - 2017-08-06 20:35 - 000000000 ____D C:\Users\Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2017-08-06 20:35 - 2017-08-06 20:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2017-08-06 20:17 - 2017-08-07 06:16 - 000000000 ____D C:\Program Files\AVAST Software
2017-08-06 20:17 - 2017-08-06 20:32 - 000000000 ____D C:\ProgramData\AVAST Software
2017-08-06 11:59 - 2017-08-06 20:42 - 000012464 _____ (Macrovision Europe Ltd) C:\Windows\SysWOW64\Drivers\SECDRV.SYS
2017-08-06 11:56 - 2017-08-07 17:58 - 000001127 _____ C:\Users\Niko\Desktop\Call of Duty Mehrspieler.lnk
2017-08-06 11:56 - 2017-08-06 17:43 - 000001183 _____ C:\Users\Niko\Desktop\Call of Duty Einzelspieler.lnk
2017-08-06 11:56 - 2017-08-06 11:56 - 000000984 _____ C:\Users\Gast.Niko-PC\Desktop\Call of Duty Mehrspieler.lnk
2017-08-06 11:56 - 2017-08-06 11:56 - 000000984 _____ C:\Users\Gast.Niko-PC\Desktop\Call of Duty Einzelspieler.lnk
2017-08-06 11:55 - 2017-08-06 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty
2017-08-06 11:55 - 2017-08-06 11:55 - 000000000 ____D C:\Users\Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Call of Duty
2017-08-06 11:51 - 2017-08-06 11:56 - 000000745 _____ C:\Windows\CoD.INI
2017-08-06 11:45 - 2017-08-06 20:19 - 000000000 ____D C:\Users\Niko\Downloads\Call.of.Duty.2.DVD.GERMAN-NESSUNO - more games on GLOAD.cc
2017-08-06 11:27 - 2017-08-06 11:50 - 000000000 ____D C:\Users\Niko\Downloads\Call.Of.Duty.United.Offense.GERMAN-SiLENTGATE - more games on GLOAD.cc
2017-08-04 19:15 - 2017-08-04 19:15 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-08-03 19:08 - 2017-08-04 19:17 - 000000000 ____D C:\Users\Niko\Downloads\Kaspersky Crack
2017-07-29 12:14 - 2017-07-30 11:17 - 000000000 ____D C:\Users\Niko\Downloads\klg-best-box17
2017-07-26 20:02 - 2017-07-26 20:04 - 000000000 ____D C:\Users\Niko\Downloads\Disc 2
2017-07-26 20:02 - 2017-07-26 20:04 - 000000000 ____D C:\Users\Niko\Downloads\Disc 1
2017-07-23 14:53 - 2017-07-23 14:53 - 000001757 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-07-23 14:53 - 2017-07-23 14:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-07-23 14:52 - 2017-07-23 14:52 - 000000000 ____D C:\Program Files\iPod
2017-07-14 19:09 - 2017-05-03 17:34 - 000094952 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-07-14 19:09 - 2017-05-03 17:29 - 001206272 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-07-14 19:09 - 2017-05-03 15:05 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-07-14 19:09 - 2017-05-03 15:05 - 000620544 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-07-14 19:09 - 2017-05-03 15:05 - 000535552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-07-14 19:09 - 2017-05-03 15:05 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-07-14 19:09 - 2017-05-03 15:05 - 000311296 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-07-14 19:09 - 2017-05-03 15:05 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-07-14 19:09 - 2017-05-03 15:05 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-07-14 19:09 - 2017-03-23 04:06 - 001691136 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-07-14 19:04 - 2017-06-30 06:15 - 000394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-07-14 19:04 - 2017-06-30 05:32 - 000346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-07-14 19:04 - 2017-06-30 04:57 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-07-14 19:04 - 2017-06-30 04:57 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-07-14 19:04 - 2017-06-30 04:57 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-07-14 19:04 - 2017-06-30 04:39 - 001549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-07-14 19:04 - 2017-06-30 04:38 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-07-14 19:04 - 2017-06-29 08:27 - 025734656 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-07-14 19:04 - 2017-06-29 08:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-07-14 19:04 - 2017-06-29 08:04 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-07-14 19:04 - 2017-06-29 08:03 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-07-14 19:04 - 2017-06-29 08:03 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-07-14 19:04 - 2017-06-29 08:02 - 002899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-07-14 19:04 - 2017-06-29 08:02 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-07-14 19:04 - 2017-06-29 08:02 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-07-14 19:04 - 2017-06-29 07:55 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-07-14 19:04 - 2017-06-29 07:54 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-07-14 19:04 - 2017-06-29 07:51 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-07-14 19:04 - 2017-06-29 07:50 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-07-14 19:04 - 2017-06-29 07:50 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-07-14 19:04 - 2017-06-29 07:50 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-07-14 19:04 - 2017-06-29 07:50 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-07-14 19:04 - 2017-06-29 07:44 - 005975552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-07-14 19:04 - 2017-06-29 07:43 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-07-14 19:04 - 2017-06-29 07:39 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-07-14 19:04 - 2017-06-29 07:35 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-07-14 19:04 - 2017-06-29 07:31 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-07-14 19:04 - 2017-06-29 07:31 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-07-14 19:04 - 2017-06-29 07:30 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-07-14 19:04 - 2017-06-29 07:27 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-07-14 19:04 - 2017-06-29 07:26 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-07-14 19:04 - 2017-06-29 07:23 - 020270592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-07-14 19:04 - 2017-06-29 07:23 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-07-14 19:04 - 2017-06-29 07:23 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-07-14 19:04 - 2017-06-29 07:23 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-07-14 19:04 - 2017-06-29 07:23 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-07-14 19:04 - 2017-06-29 07:22 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-07-14 19:04 - 2017-06-29 07:22 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-07-14 19:04 - 2017-06-29 07:22 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-07-14 19:04 - 2017-06-29 07:19 - 002290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-07-14 19:04 - 2017-06-29 07:17 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-07-14 19:04 - 2017-06-29 07:16 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-07-14 19:04 - 2017-06-29 07:14 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-07-14 19:04 - 2017-06-29 07:13 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-07-14 19:04 - 2017-06-29 07:13 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-07-14 19:04 - 2017-06-29 07:13 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-07-14 19:04 - 2017-06-29 07:11 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-07-14 19:04 - 2017-06-29 07:09 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-07-14 19:04 - 2017-06-29 07:09 - 000725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-07-14 19:04 - 2017-06-29 07:08 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-07-14 19:04 - 2017-06-29 07:07 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-07-14 19:04 - 2017-06-29 07:05 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-07-14 19:04 - 2017-06-29 07:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-07-14 19:04 - 2017-06-29 07:00 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-07-14 19:04 - 2017-06-29 07:00 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-07-14 19:04 - 2017-06-29 06:58 - 015253504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-07-14 19:04 - 2017-06-29 06:58 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-07-14 19:04 - 2017-06-29 06:56 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-07-14 19:04 - 2017-06-29 06:56 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-07-14 19:04 - 2017-06-29 06:54 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-07-14 19:04 - 2017-06-29 06:53 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-07-14 19:04 - 2017-06-29 06:52 - 004549632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-07-14 19:04 - 2017-06-29 06:48 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-07-14 19:04 - 2017-06-29 06:47 - 000693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-07-14 19:04 - 2017-06-29 06:46 - 002057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-07-14 19:04 - 2017-06-29 06:46 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-07-14 19:04 - 2017-06-29 06:43 - 013663744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-07-14 19:04 - 2017-06-29 06:41 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-07-14 19:04 - 2017-06-29 06:29 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-07-14 19:04 - 2017-06-29 06:28 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-07-14 19:04 - 2017-06-29 06:24 - 001314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-07-14 19:04 - 2017-06-22 16:58 - 003223040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-07-14 19:04 - 2017-06-15 22:23 - 000753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-07-14 19:04 - 2017-06-13 00:54 - 000370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-07-14 19:04 - 2017-06-13 00:54 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-07-14 19:04 - 2017-06-13 00:54 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-07-14 19:04 - 2017-06-13 00:49 - 001363456 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-07-14 19:04 - 2017-06-13 00:49 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-07-14 19:04 - 2017-06-13 00:49 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-07-14 19:04 - 2017-06-13 00:49 - 000594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2017-07-14 19:04 - 2017-06-13 00:49 - 000475136 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2017-07-14 19:04 - 2017-06-13 00:49 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-07-14 19:04 - 2017-06-13 00:49 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2017-07-14 19:04 - 2017-06-13 00:29 - 001227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2017-07-14 19:04 - 2017-06-13 00:29 - 000444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2017-07-14 19:04 - 2017-06-13 00:29 - 000390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2017-07-14 19:04 - 2017-06-13 00:28 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-07-14 19:04 - 2017-06-13 00:28 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-07-14 19:04 - 2017-06-13 00:28 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2017-07-14 19:04 - 2017-06-13 00:14 - 000379392 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-07-14 19:04 - 2017-06-13 00:14 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2017-07-14 19:04 - 2017-06-13 00:14 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2017-07-14 19:04 - 2017-06-13 00:06 - 000303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2017-07-14 19:04 - 2017-06-13 00:06 - 000157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2017-07-14 19:04 - 2017-06-13 00:06 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe
2017-07-14 19:04 - 2017-06-10 17:59 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-07-14 19:04 - 2017-06-10 17:39 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-07-14 19:04 - 2017-06-09 17:33 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-07-14 19:04 - 2017-06-06 17:30 - 001867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-07-14 19:04 - 2017-06-06 17:12 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-07-14 19:04 - 2017-05-30 06:56 - 001895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-07-14 19:04 - 2017-05-30 06:56 - 000377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-07-14 19:04 - 2017-05-30 06:56 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-07-14 19:04 - 2017-05-16 17:35 - 000986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-07-14 19:04 - 2017-05-16 17:35 - 000265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-07-14 19:03 - 2017-06-30 04:57 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-07-14 19:03 - 2017-06-30 04:57 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-07-14 19:03 - 2017-06-30 04:57 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-07-14 19:03 - 2017-06-30 04:57 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-07-14 19:03 - 2017-06-30 04:57 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-07-14 19:03 - 2017-06-30 04:57 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-07-14 19:03 - 2017-06-30 04:57 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-07-14 19:03 - 2017-06-30 04:40 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-07-14 19:03 - 2017-06-30 04:40 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-07-14 19:03 - 2017-06-30 04:39 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-07-14 19:03 - 2017-06-30 04:38 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-07-14 19:03 - 2017-06-30 04:38 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-07-14 19:03 - 2017-06-30 04:38 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-07-14 19:03 - 2017-06-30 04:38 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-07-14 19:03 - 2017-06-30 04:38 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-07-14 19:03 - 2017-06-30 04:38 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-07-14 19:03 - 2017-06-30 04:38 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-07-14 19:03 - 2017-06-30 04:27 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-07-14 19:03 - 2017-06-30 04:27 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-07-14 19:03 - 2017-06-30 04:26 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-07-14 19:03 - 2017-06-30 04:26 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-07-14 19:03 - 2017-06-29 08:18 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-07-14 19:03 - 2017-06-29 06:23 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-07-14 19:03 - 2017-06-13 00:29 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-07-14 19:03 - 2017-06-13 00:29 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-07-14 19:03 - 2017-06-13 00:29 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-07-14 19:03 - 2017-06-13 00:29 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-07-14 19:03 - 2017-06-13 00:29 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-07-14 19:03 - 2017-06-13 00:28 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-07-14 19:03 - 2017-06-13 00:28 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-07-14 19:03 - 2017-06-13 00:28 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-07-14 19:03 - 2017-06-13 00:28 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-07-14 19:03 - 2017-06-13 00:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-07-14 19:03 - 2017-06-13 00:28 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-07-14 19:03 - 2017-06-13 00:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-07-14 19:03 - 2017-06-13 00:28 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-07-14 19:03 - 2017-06-13 00:28 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-07-14 19:03 - 2017-06-13 00:19 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-07-14 19:03 - 2017-06-13 00:12 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-07-14 19:03 - 2017-06-13 00:12 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-07-14 19:03 - 2017-06-13 00:12 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-07-14 19:03 - 2017-06-13 00:11 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-07-14 19:03 - 2017-06-13 00:09 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-07-14 19:03 - 2017-06-13 00:05 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-07-14 19:03 - 2017-05-21 06:24 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-07-14 19:03 - 2017-05-21 06:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-07-14 19:03 - 2017-05-16 17:30 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-07-14 18:16 - 2017-07-14 19:16 - 005824512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-07 19:02 - 2013-10-12 16:15 - 000000000 ____D C:\FRST
2017-08-07 19:00 - 2016-11-02 22:00 - 000000911 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Update {78C1617E-DB1D-48B9-B4F4-5E56C6303F18}.job
2017-08-07 19:00 - 2016-11-02 22:00 - 000000725 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {78C1617E-DB1D-48B9-B4F4-5E56C6303F18}.job
2017-08-07 19:00 - 2009-07-14 07:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-08-07 18:31 - 2014-06-06 14:01 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-08-07 18:27 - 2009-07-14 06:45 - 000023072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-08-07 18:27 - 2009-07-14 06:45 - 000023072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-08-07 18:26 - 2014-01-30 13:18 - 000007612 _____ C:\Users\Niko\AppData\Local\Resmon.ResmonCfg
2017-08-07 18:23 - 2016-11-24 18:44 - 000000000 ____D C:\Users\Niko\AppData\LocalLow\Mozilla
2017-08-07 18:20 - 2015-02-25 15:42 - 000000000 ____D C:\Users\Niko\AppData\Local\JDownloader 2.0
2017-08-07 18:14 - 2009-07-14 07:08 - 000032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-08-07 18:14 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-08-07 18:02 - 2013-07-02 15:41 - 000000000 ____D C:\Users\Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-08-07 06:29 - 2013-06-20 14:06 - 000000000 ____D C:\Users\Niko\AppData\Local\Adobe
2017-08-06 20:57 - 2013-10-12 20:29 - 000000000 ____D C:\Users\Niko\AppData\Roaming\dvdcss
2017-08-06 20:57 - 2013-06-20 18:13 - 000000000 ____D C:\Users\Niko\AppData\Roaming\vlc
2017-08-06 20:36 - 2013-10-12 00:55 - 000000000 ____D C:\Program Files (x86)\Electronic Arts
2017-08-06 20:36 - 2013-06-20 13:04 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-08-06 20:22 - 2013-06-20 17:43 - 000000000 ____D C:\Users\Niko\AppData\Local\CrashDumps
2017-08-06 20:21 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-08-06 17:42 - 2013-06-23 16:09 - 000000000 ____D C:\Program Files (x86)\Activision
2017-08-06 13:00 - 2014-08-13 12:20 - 000000000 ____D C:\Users\Niko\AppData\Local\ElevatedDiagnostics
2017-08-06 11:43 - 2013-06-20 14:43 - 000000000 ____D C:\Users\Niko\AppData\Roaming\DAEMON Tools Pro
2017-08-04 19:15 - 2016-08-17 06:32 - 000000000 ____D C:\Users\Gast.Niko-PC
2017-08-03 19:11 - 2014-12-04 00:25 - 000002500 _____ C:\Users\Niko\Desktop\Sicherer Zahlungsverkehr.lnk
2017-08-01 18:38 - 2017-02-05 12:26 - 000000000 ____D C:\Users\Niko\Desktop\Neuer Ordner
2017-07-28 20:43 - 2014-10-28 11:59 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-07-28 20:42 - 2009-07-14 04:34 - 000000478 _____ C:\Windows\win.ini
2017-07-26 20:18 - 2013-06-23 12:09 - 000000000 ____D C:\Users\Niko\AppData\Roaming\Mp3tag
2017-07-26 20:10 - 2014-07-24 22:43 - 000000000 ____D C:\Users\Niko\AppData\Local\JDownloader v2.0
2017-07-26 20:07 - 2015-06-11 14:12 - 000000000 ____D C:\Users\Niko\Desktop\Trainingsmusik
2017-07-23 20:28 - 2013-06-20 13:49 - 000000000 ____D C:\Users\Niko\Desktop\Musik
2017-07-23 14:53 - 2015-10-04 21:30 - 000000000 ____D C:\Program Files\iTunes
2017-07-20 18:40 - 2009-07-14 19:58 - 000699432 _____ C:\Windows\system32\perfh007.dat
2017-07-20 18:40 - 2009-07-14 19:58 - 000149572 _____ C:\Windows\system32\perfc007.dat
2017-07-20 18:40 - 2009-07-14 07:13 - 001620684 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-19 07:29 - 2013-06-20 17:42 - 000000000 ____D C:\Users\Niko\AppData\Roaming\Winamp
2017-07-18 08:57 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2017-07-17 07:50 - 2009-07-14 06:45 - 005121880 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-15 22:23 - 2014-12-11 13:07 - 000000000 ____D C:\Windows\system32\appraiser
2017-07-15 17:53 - 2013-07-23 02:35 - 000000000 ____D C:\Windows\system32\MRT
2017-07-15 17:52 - 2015-11-02 18:22 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-07-15 17:44 - 2013-06-22 16:36 - 135225752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-07-14 19:16 - 2013-06-20 14:10 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-07-14 19:16 - 2013-06-20 14:10 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-14 19:16 - 2013-06-20 14:10 - 000004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-07-14 19:16 - 2013-06-20 14:10 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-07-14 19:16 - 2013-06-20 14:10 - 000000000 ____D C:\Windows\system32\Macromed
2017-07-14 18:27 - 2013-06-20 19:20 - 000000000 ____D C:\Program Files (x86)\Steam
2017-07-09 12:10 - 2015-08-02 17:47 - 000000000 ____D C:\Users\Niko\Desktop\Bewerbung

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-05-02 06:29 - 2017-05-02 06:29 - 007649280 _____ () C:\Program Files (x86)\GUT7DF6.tmp
2014-04-27 19:32 - 2014-04-27 19:32 - 000001204 _____ () C:\Users\Niko\AppData\Roaming\.southparkloader.xml
2013-12-04 19:36 - 2013-12-04 19:37 - 000000624 _____ () C:\Users\Niko\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-12-11 20:01 - 2016-03-09 04:09 - 000000049 _____ () C:\Users\Niko\AppData\Roaming\install.imp
2015-10-15 16:14 - 2015-10-24 13:51 - 000000154 _____ () C:\Users\Niko\AppData\Roaming\Rim.Desktop.Exception.log
2015-10-15 16:06 - 2015-10-15 16:06 - 000001153 _____ () C:\Users\Niko\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-10-15 16:14 - 2015-10-24 13:51 - 000000154 _____ () C:\Users\Niko\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-05-10 14:45 - 2015-03-18 14:44 - 000001456 _____ () C:\Users\Niko\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-01-28 18:18 - 2014-01-28 18:18 - 000000006 _____ () C:\Users\Niko\AppData\Local\config.txt
2013-12-16 21:08 - 2013-12-16 21:08 - 000000000 ___SH () C:\Users\Niko\AppData\Local\LumaEmu
2014-07-11 11:50 - 2014-07-11 11:50 - 000002671 _____ () C:\Users\Niko\AppData\Local\recently-used.xbel
2014-01-30 13:18 - 2017-08-07 18:26 - 000007612 _____ () C:\Users\Niko\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
2017-08-04 20:38 - 2017-08-04 20:38 - 000040448 ____N () C:\Users\Niko\AppData\Local\Temp\proxy_vole2129202407163604852.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-08-04 21:13

==================== Ende von FRST.txt ============================
         

Alt 07.08.2017, 20:02   #2
DrRealtalk
 
PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft - Standard

Code



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 06-08-2017
durchgeführt von Niko (07-08-2017 19:05:15)
Gestartet von C:\Users\Niko\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-06-20 04:14:36)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3530776945-4030788160-3505166589-500 - Administrator - Disabled)
Gast (S-1-5-21-3530776945-4030788160-3505166589-501 - Limited - Enabled) => C:\Users\Gast.Niko-PC
HomeGroupUser$ (S-1-5-21-3530776945-4030788160-3505166589-1002 - Limited - Enabled)
Niko (S-1-5-21-3530776945-4030788160-3505166589-1000 - Administrator - Enabled) => C:\Users\Niko

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1954 Alcatraz (HKLM-x32\...\1954 Alcatraz_is1) (Version: 1.0.4579r - Daedalic Entertainment)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.0.367 - Adobe Systems Incorporated)
Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{13351E83-6DCD-4E97-2A8C-5D496259A47F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
American Truck Simulator Version 1.0 (HKLM-x32\...\{1E1A283E-DA44-4DCB-BC57-295E54DF18CA}_is1) (Version: 1.0 - SCS Software)
Apple Application Support (32-Bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Application Verifier x64 External Package (HKLM\...\{7346C35D-942D-3CCE-94CB-7008BA8D63CB}) (Version: 8.59.29722 - Microsoft) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\{BE5B0450-DCCB-4FE9-93E2-3B38D88A745B}) (Version: 7.1.0.41 - Research in Motion Ltd.) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research in Motion Ltd.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - )
Call of Duty Black Ops II Version v1.0 (HKLM-x32\...\{9FC70705-BEE9-4044-BCEC-9D058AE43843}_is1) (Version: v1.0 - ZKY)
Call of Duty Ghosts MULTI 5 (HKLM-x32\...\Q2FsbG9mRHV0eUdob3N0cw==_is1) (Version: 1 - )
Call of Duty Modern Warfare 3 (HKLM-x32\...\Call of Duty: Modern Warfare 3 Full-Rip_is1) (Version: 1.0.0 - )
Call of Duty(R) - World at War(TM) (HKLM-x32\...\{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision) Hidden
Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Camtasia 9 (HKLM\...\{D8A1F37A-B11B-4451-830D-6A243ADE2591}) (Version: 9.0.1.1422 - TechSmith Corporation) Hidden
Camtasia 9 (HKLM-x32\...\{48cb006a-7b5b-4a48-98fd-fbd7af456b0d}) (Version: 9.0.1.1422 - TechSmith Corporation)
Camtasia Studio 7 (HKLM-x32\...\{DE042823-C359-4B87-B66B-308057E8B6AF}) (Version: 7.0.1 - TechSmith Corporation)
Camtasia Studio 8 (HKLM-x32\...\{8F6F7194-0734-4CDA-8C04-6B766F2241A6}) (Version: 8.0.4.1060 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\...\CopyTrans Suite) (Version: 4.008 - WindSolutions)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.4.0.0377 - Disc Soft Ltd)
Deckadance 2 (HKLM-x32\...\Deckadance 2) (Version: 2.0 - Image-Line)
Die Gilde Gold Update v. 2.06  (HKLM-x32\...\Die Gilde Gold Update v. 2.06 ) (Version:  - )
Die Gilde Gold-Edition (HKLM-x32\...\Die Gilde Gold-Edition) (Version: 2.06 - JoWooD Productions Software AG)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.30.105.1010 - Electronic Arts Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.8.0.13 - DivX, LLC)
Drakonia Configurator (HKLM-x32\...\{A7B243AA-6D4C-4575-A873-6F01A1EFC5E2}}_is1) (Version:  - )
Electronic Arts Product Registration (HKLM-x32\...\{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts) Hidden
Electronic Arts Product Registration (HKLM-x32\...\InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts)
Enemy Front (HKLM-x32\...\{0E70B8F0-17E2-44B4-B781-CEDF66DCE053}_is1) (Version: 1.0 - City Interactive)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-215 217 Series Printer Uninstall (HKLM\...\EPSON XP-215 217 Series) (Version:  - SEIKO EPSON Corporation)
Epson-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.0.2 - SCS Software)
F1 2013 German (HKLM-x32\...\RjEyMDEz_is1) (Version: 1 - )
F1 2014 German (HKLM-x32\...\RjEyMDE0_is1) (Version: 1 - )
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Freemake Audio Converter Version 1.1.0 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.0 - Ellora Assets Corporation)
Freemake Music Box (HKLM-x32\...\Freemake Music Box_is1) (Version: 1.0.0 - Ellora Assets Corporation)
Freemake Video Converter Version 4.0.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.1 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.5.1 - Ellora Assets Corporation)
Freemake Youtube Mp3 Converter (HKLM-x32\...\Freemake Youtube Mp3 Converter_is1) (Version: 3.5.1 - Ellora Assets Corporation)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 - Premium Edition (HKLM-x32\...\{85E7B200-3222-48DE-8C42-BD712AE0E929}_is1) (Version: Premium - Youda Games)
Grand Theft Auto V Digital Deluxe Edition MULTi11 1.0 (HKLM-x32\...\Grand Theft Auto V Digital Deluxe Edition MULTi11 1.0) (Version:  - )
Grand Theft Auto V update Version 1.0.323.1 (HKLM-x32\...\{4959470E-EDAC-4710-A636-276D79A81B94}_is1) (Version: 1.0.323.1 - Rockstar Games)
Grand Theft Auto: The Trilogy (HKLM-x32\...\{C18536B9-C90F-4AF2-A13D-0CA15BF2DA09}_is1) (Version: 1.0 - RAF)
Harry Potter II (HKLM-x32\...\{7BF68B83-5057-4D4B-0093-28285EEB9EE3}) (Version:  - )
Hot CPU Tester Pro 4.4.1 (HKLM-x32\...\{5A39D5C2-A28B-421D-925A-0390FD1E5529}_is1) (Version: 4.4 LE - 7Byte Computers)
Hotspot Shield 6.8.12 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-4925B1A76C50}) (Version: 6.8.12.10541 - AnchorFree Inc.) Hidden
Hotspot Shield 6.8.12 (HKLM-x32\...\{c67c171b-b51a-4ff1-a641-6f4a9fb11bc9}) (Version: 6.8.12.10541 - AnchorFree Inc.)
Hotspot Shield 6.8.12 (HKLM-x32\...\HotspotShield) (Version: 6.8.12 - AnchorFree Inc.) Hidden
HP Deskjet 1000 J110 series - Grundlegende Software für das Gerät (HKLM\...\{ECFFD23C-3111-4685-8118-E1F79644203F}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 1000 J110 series Hilfe (HKLM-x32\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2-1) (Version: 2.0 - AppWork GmbH)
Kaspersky Internet Security Technical Preview (HKLM-x32\...\{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Kaspersky Internet Security Technical Preview (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kits Configuration Installer (HKLM-x32\...\{E14DDED2-919B-FCCB-84AC-5ABB6D182D46}) (Version: 8.59.25584 - Microsoft) Hidden
K-Lite Mega Codec Pack 13.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.2.0 - KLCP)
L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version:  - )
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
Mp3tag v2.82 (HKLM-x32\...\Mp3tag) (Version: 2.82 - Florian Heidenreich)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.12.59996 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Editor 64bit 4 (HKLM\...\PDF Editor 64bit 4) (Version:  - )
PDF Settings CC (HKLM-x32\...\{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
Pesgalaxy.com Patch 2017 (HKLM-x32\...\Pesgalaxy.com Patch 2017 1.00 Part 1) (Version: 1.00 Part 1 - Pesgalaxy)
Pesgalaxy.com Patch 2017 (HKLM-x32\...\Pesgalaxy.com Patch 2017 1.00 Part 2) (Version: 1.00 Part 2 - Pesgalaxy)
Pesgalaxy.com Patch 2017 (HKLM-x32\...\Pesgalaxy.com Patch 2017 1.00 Part 3) (Version: 1.00 Part 3 - Pesgalaxy)
Pesgalaxy.com Patch 2017 (HKLM-x32\...\Pesgalaxy.com Patch 2017 1.10) (Version: 1.10 - Pesgalaxy)
Pesgalaxy.com Patch 2017 (HKLM-x32\...\Pesgalaxy.com Patch 2017 1.12) (Version: 1.12 - Pesgalaxy)
Pizza Connection 2 (HKLM-x32\...\{DA47ABC4-52DF-468D-988D-B9E768A3DF52}) (Version:  - )
Prison Break (HKLM-x32\...\{C5A31DDC-157A-4DD7-9B5C-C692A06F61FD}) (Version: 1.00 - Deep Silver)
Pro Evolution Soccer 2013 (HKLM-x32\...\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}) (Version: 1.00.0000 - KONAMI)
Pro Evolution Soccer 2014 (HKLM-x32\...\{5EFD3544-2371-4900-8ACA-F157BA80FB0C}) (Version: 1.00.0000 - KONAMI)
Pro Evolution Soccer 2015 Day One Edition MULTi2 1.0 (HKLM-x32\...\Pro Evolution Soccer 2015 Day One Edition MULTi2 1.0) (Version:  - )
Pro Evolution Soccer 2015 Update v1.02 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
Pro Evolution Soccer 2016 German (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - )
Pro Evolution Soccer 2017 (HKLM-x32\...\{A3C10274-808C-4ADC-A13D-D94911180B58}_is1) (Version:  - KONAMI)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.6 - Rockstar Games)
Sanny Builder 3.01 (HKLM-x32\...\Sanny Builder 3_is1) (Version:  - )
SDK Debuggers (HKLM-x32\...\{E63A3353-003C-E4C2-230B-F155212D1479}) (Version: 8.59.29746 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Sid Meier's Pirates! (HKLM-x32\...\{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}) (Version: 1.00.0000 - Ihr Firmenname) Hidden
Sid Meier's Pirates! (HKLM-x32\...\InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}) (Version: 1.00.0000 - Ihr Firmenname)
Skiller PRO (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{7ACB9D1D-5B26-4CE4-964A-1EB22461E6F6}) (Version: 4.1.0 - SEIKO EPSON CORPORATION)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
South Park Der Stab der Wahrheit Incl. Ultimate Fellowship Pack MULTI-2 1.00 (HKLM-x32\...\South Park Der Stab der Wahrheit Incl. Ultimate Fellowship Pack MULTI-2 1.00) (Version:  - )
South Park Der Stab der Wahrheit Update 2 Incl. DLCs MULTI-2 1.00 (HKLM-x32\...\South Park Der Stab der Wahrheit Update 2 Incl. DLCs MULTI-2 1.00) (Version:  - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold 3 Gold (HKLM-x32\...\Stronghold 3 Gold_is1) (Version:  - )
Stronghold Crusader Extreme HD (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.30.1004 - Firefly Studios)
Stronghold Crusader II Deinstallation (HKLM-x32\...\Stronghold Crusader II Deinstallation) (Version: 1.00 - Shadow Eagle)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_is1) (Version:  - Atari)
The Sims 4 Version 1.0 (HKLM-x32\...\{A4DD0B0B-029A-4F77-BF7B-FBE6A849974D}_is1) (Version: 1.0 - ZKY)
TomTom MyDrive Connect 4.1.4.3089 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.4.3089 - TomTom)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Skype for Business 2015 (KB3213574) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8C2A4D8F-3020-403E-94D4-E8EC03F9E723}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3213574) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8C2A4D8F-3020-403E-94D4-E8EC03F9E723}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3213574) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8C2A4D8F-3020-403E-94D4-E8EC03F9E723}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{A1A75F4F-9C9F-11E2-8FCB-F04DA23A5C58}) (Version: 12.0.563 - Sony)
Vegas Pro 13.0 (64-bit) (HKLM\...\{CE92F061-BFBC-11E3-8FF3-F04DA23A5C58}) (Version: 13.0.290 - Sony)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WebCake 3.00 (HKLM\...\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}) (Version: 3.00 - WebCake LLC) <==== ACHTUNG
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Software Development Kit (HKLM-x32\...\{363a2c1e-637f-45ce-933b-5a5463efd945}) (Version: 8.59.29750 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WPT Redistributables (HKLM-x32\...\{A5D42D71-4036-5F88-5085-657C9DF9F1DD}) (Version: 8.59.29750 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{986EABFC-92F6-CECD-9E5A-B13CAC40BB1D}) (Version: 8.59.29722 - Microsoft) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3530776945-4030788160-3505166589-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (MicrosoftCorporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (MicrosoftCorporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (MicrosoftCorporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (MicrosoftCorporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\system32\EhStorShell.dll [2009-07-14] (MicrosoftCorporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (MicrosoftCorporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (MicrosoftCorporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (MicrosoftCorporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (MicrosoftCorporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (MicrosoftCorporation)
ShellIconOverlayIdentifiers: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\system32\ntshrui.dll [2012-01-04] (MicrosoftCorporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (MicrosoftCorporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (MicrosoftCorporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (MicrosoftCorporation)
ShellIconOverlayIdentifiers-x32: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\system32\EhStorShell.dll [2009-07-14] (MicrosoftCorporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (MicrosoftCorporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (MicrosoftCorporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (MicrosoftCorporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (MicrosoftCorporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (MicrosoftCorporation)
ShellIconOverlayIdentifiers-x32: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\system32\ntshrui.dll [2012-01-04] (MicrosoftCorporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2011-04-19] (IgorPavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => C:\Windows\system32\syncui.dll [2010-11-20] (MicrosoftCorporation)
ContextMenuHandlers1: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [2013-10-17] (DiscSoftLtd)
ContextMenuHandlers1: [Kaspersky Anti-Virus] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\x64\shellex.dll [2017-07-05] (KasperskyLabZAO)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-04-28] (FlorianHeidenreich)
ContextMenuHandlers1: [Open With] -> {09799AFB-AD67-11d1-ABCD-00C04FC30936} => C:\Windows\system32\shell32.dll [2017-05-10] (MicrosoftCorporation)
ContextMenuHandlers1: [Open With EncryptionMenu] -> {A470F8CF-A1E8-4f65-8335-227475AA5C46} => C:\Windows\system32\shell32.dll [2017-05-10] (MicrosoftCorporation)
ContextMenuHandlers1: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\Windows\system32\ntshrui.dll [2012-01-04] (MicrosoftCorporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (AlexanderRoshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (AlexanderRoshal)
ContextMenuHandlers1-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (MicrosoftCorporation)
ContextMenuHandlers2: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [2013-10-17] (DiscSoftLtd)
ContextMenuHandlers2: [EnhancedStorageShell] -> {2854F705-3548-414C-A113-93E27C808C85} => C:\Windows\system32\EhStorShell.dll [2009-07-14] (MicrosoftCorporation)
ContextMenuHandlers2: [Kaspersky Anti-Virus] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\x64\shellex.dll [2017-07-05] (KasperskyLabZAO)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-04-28] (FlorianHeidenreich)
ContextMenuHandlers2: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\Windows\system32\ntshrui.dll [2012-01-04] (MicrosoftCorporation)
ContextMenuHandlers3: [CopyAsPathMenu] -> {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} => C:\Windows\system32\shell32.dll [2017-05-10] (MicrosoftCorporation)
ContextMenuHandlers3: [SendTo] -> {7BA4C740-9E81-11CF-99D3-00AA004AE837} => C:\Windows\system32\shell32.dll [2017-05-10] (MicrosoftCorporation)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers3: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (MicrosoftCorporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2011-04-19] (IgorPavlov)
ContextMenuHandlers4: [EncryptionMenu] -> {A470F8CF-A1E8-4f65-8335-227475AA5C46} => C:\Windows\system32\shell32.dll [2017-05-10] (MicrosoftCorporation)
ContextMenuHandlers4: [Kaspersky Anti-Virus] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\x64\shellex.dll [2017-07-05] (KasperskyLabZAO)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-04-28] (FlorianHeidenreich)
ContextMenuHandlers4: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\Windows\system32\ntshrui.dll [2012-01-04] (MicrosoftCorporation)
ContextMenuHandlers4: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (MicrosoftCorporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-04-29] (AdvancedMicroDevices,Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => C:\Program Files\Windows Sidebar\sbdrop.dll [2009-07-14] (MicrosoftCorporation)
ContextMenuHandlers5: [New] -> {D969A300-E7FF-11d0-A93B-00A0C90F2719} => C:\Windows\system32\shell32.dll [2017-05-10] (MicrosoftCorporation)
ContextMenuHandlers5: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\Windows\system32\ntshrui.dll [2012-01-04] (MicrosoftCorporation)
ContextMenuHandlers5: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (MicrosoftCorporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => C:\Windows\system32\syncui.dll [2010-11-20] (MicrosoftCorporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\x64\shellex.dll [2017-07-05] (KasperskyLabZAO)
ContextMenuHandlers6: [Library Location] -> {3dad6c5d-2167-4cae-9914-f99e41c12cfa} => C:\Windows\system32\shell32.dll [2017-05-10] (MicrosoftCorporation)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (AlexanderRoshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (AlexanderRoshal)
ContextMenuHandlers6-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (MicrosoftCorporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {072CFAE9-5310-4DA5-B775-3D1243663375} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\Windows\system32\DFDWiz.exe [2009-07-14] (MicrosoftCorporation)
Task: {14CC7BA0-0B63-4B8C-97F1-853FE154CEE4} - System32\Tasks\EPSON XP-215 217 Series Update {78C1617E-DB1D-48B9-B4F4-5E56C6303F18} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-27] (SEIKOEPSONCORPORATION)
Task: {1BDDB7B8-1E2C-4D0B-AC30-CB1E8D0BE9F2} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (MicrosoftCorporation)
Task: {1F4B207B-F6CF-4B8A-B244-7E74555DBA39} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (MicrosoftCorporation)
Task: {22EED56D-2C6A-4DDD-9616-4AB0DAF74F85} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe [2010-11-20] (MicrosoftCorporation)
Task: {27BE7052-E9C4-46BC-8D13-342E3B2DD703} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (MicrosoftCorporation)
Task: {2E2BC64E-0D27-4638-8B9E-07C6135D1953} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2017-06-24] (MicrosoftCorporation)
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - System32\Tasks\Microsoft\Windows\WindowsBackup\ConfigNotification => C:\Windows\System32\sdclt.exe [2010-11-20] (MicrosoftCorporation)
Task: {31470BF1-8725-4716-85D5-664E3944139A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-14] (AdobeSystemsIncorporated)
Task: {34C4E706-BD4A-48FE-90BC-6520E602E2DD} - System32\Tasks\EPSON XP-215 217 Series Invitation {78C1617E-DB1D-48B9-B4F4-5E56C6303F18} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-27] (SEIKOEPSONCORPORATION)
Task: {472CDF01-C726-4BB2-A275-3136041AFDBD} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (MicrosoftCorporation)
Task: {474C533C-80D4-431C-A200-1F3DD1C97178} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe [2010-11-20] (MicrosoftCorporation)
Task: {504BEAEB-DC30-44F6-B588-94F7A453AD5D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (MicrosoftCorporation)
Task: {525FECE2-7D83-4A5E-B398-429284C695BE} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (MicrosoftCorporation)
Task: {591213A2-BADC-42F6-9A6E-0C455AA7B224} - System32\Tasks\{B474F0C9-476B-464D-A9F5-2860230A558B} => C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe [2013-11-01] ()
Task: {5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [2009-07-14] (MicrosoftCorp.)
Task: {5D2C35FE-02C7-40AE-8C34-5E1B87863D70} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2017-05-03] (MicrosoftCorporation)
Task: {5D7B2265-54BD-4F86-8FF9-937AFC53520A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe [2010-11-20] (MicrosoftCorporation)
Task: {72DB7465-BC54-491B-A92A-4637A28C9BBF} - System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => C:\Windows\system32\appidcertstorecheck.exe [2017-05-12] (MicrosoftCorporation)
Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe [2009-07-14] (MicrosoftCorporation)
Task: {7D9C678A-8759-4D05-B9D4-547D68877103} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (GoogleInc.)
Task: {7E28D98F-5596-4982-BADF-E68C6E5FB3E1} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-11-16] (MicrosoftCorporation)
Task: {85A9F375-B72C-4D1E-B185-E238E140E082} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (MicrosoftCorporation)
Task: {8F37701F-600C-4AD4-98DC-F55DF8F4533E} - System32\Tasks\{D81C89A7-A32E-4482-BE0D-576F684B78BC} => C:\Windows\system32\pcalua.exe -a "E:\Spiele\PES 2014\PESEdit.com 2014 Patch 4.2\Installer.exe" -d "E:\Spiele\PES 2014\PESEdit.com 2014 Patch 4.2"
Task: {9443ECF8-73E3-4A00-AA9E-9610301469DD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (MicrosoftCorporation)
Task: {98DFC10C-2144-409C-ACF4-1713911DAB68} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (MicrosoftCorporation)
Task: {A48CABBF-24C8-4B87-B00F-9261807C3B43} - System32\Tasks\Microsoft\Windows\AppID\PolicyConverter => C:\Windows\system32\appidpolicyconverter.exe [2017-05-12] (MicrosoftCorporation)
Task: {A56DE033-13A2-487D-9026-713CA67DC6E3} - System32\Tasks\AdobeAAMUpdater-1.0-Niko-PC-Niko => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (AdobeSystemsIncorporated)
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotifications.exe [2009-07-14] (MicrosoftCorporation)
Task: {A8E21732-8B52-43E8-A23C-F25C618E5696} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (MicrosoftCorporation)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => C:\Windows\system32\aitagent.exe [2010-11-20] (MicrosoftCorporation)
Task: {AE1F6E2B-9B2C-4F1C-9867-83437EEF507D} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (MicrosoftCorporation)
Task: {B0082011-0F4C-4801-8004-8C5EC0265B25} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (MicrosoftCorporation)
Task: {B2F980FF-116F-4335-9FA6-B67BCCA9C45E} - System32\Tasks\{0181734B-83B8-4059-9ED6-E8AE0C27D32F} => C:\Program Files (x86)\Governor of Poker 2\GovernorofPoker2.exe [2010-06-18] (ISiouxB.V.)
Task: {B87E110F-30FA-4D0C-9B10-C8688CBDA0C1} - System32\Tasks\{039D68AB-2011-4786-8F98-8722280FF77B} => C:\Windows\system32\pcalua.exe -a "C:\Users\Niko\Downloads\Minecraft 1.8аенривар.exe" -d C:\Users\Niko\Downloads
Task: {BE5F0FDB-A404-4522-8F4A-3CA87C14DCA5} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline => C:\Windows\system32\schtasks.exe [2010-11-20] (MicrosoftCorporation)
Task: {C016366B-7126-46CA-B36B-592A3D95A60B} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe [2010-11-20] (MicrosoftCorporation)
Task: {C6CFC376-A6AB-469E-835C-E87230798468} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (MicrosoftCorporation)
Task: {CA8EB50E-3F32-4BDD-AB9F-2B065540E1F9} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe [2010-11-20] (MicrosoftCorporation)
Task: {CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2009-07-14] (MicrosoftCorporation)
Task: {D0250F3F-6480-484F-B719-42F659AC64D5} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [2009-07-14] (MicrosoftCorporation)
Task: {D0A892D1-8C09-4D50-905A-7EE51839B0AB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (MicrosoftCorporation)
Task: {D25C451E-96DC-4947-8972-E7EE164B60D8} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-05-24] ()
Task: {D2941FAD-2639-416D-B59F-F94782511A75} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe [2010-11-20] (MicrosoftCorporation)
Task: {D543CBC7-E70B-48F0-8E69-DF7E255362C8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (MicrosoftCorporation)
Task: {D573BED3-BB1B-4F61-AE18-4C1344F0B584} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (GoogleInc.)
Task: {D9D5E68E-33E6-4424-85F1-16A8457F6145} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe [2009-07-14] (MicrosoftCorporation)
Task: {DBCC2355-CDD1-4A5C-B506-8FA7258C5B6D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (MicrosoftCorporation)
Task: {DCC292A2-31FE-4B34-AE63-910D1ED9E747} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (AdobeSystemsIncorporated)
Task: {E02E6F8D-971D-41AB-AB2E-501D9DC4A98F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-13] (PiriformLtd)
Task: {E170257E-89EE-4784-8282-26E72ACC6724} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe [2010-11-20] (MicrosoftCorporation)
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\BthUdTask.exe [2009-07-14] (MicrosoftCorporation)
Task: {E66C1AA7-DC64-4A23-9DFA-5C4B5CE45DD4} - System32\Tasks\{83A906C1-DF31-4176-8753-D0916C0FAEF1} => C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe [2013-11-01] ()
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\Windows\system32\lpremove.exe [2009-07-14] (MicrosoftCorporation)
Task: {EB4ED791-CB86-4631-9ABA-CBA8E1048F0E} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3530776945-4030788160-3505166589-1000
Task: {EB92CAE7-138B-4998-AEE6-ADD0481CE115} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (MicrosoftCorporation)
Task: {ED009C95-9760-4D1E-A916-846945B2FBCF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe [2009-07-14] (MicrosoftCorporation)
Task: {EDE07330-8AC8-4592-AA31-0DCFBDE8EE43} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (AppleInc.)
Task: {EF5CBCF0-0EDC-4B8B-BFDE-BE8F8A0DF444} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (MicrosoftCorporation)
Task: {F2539023-9CCE-4BF6-AA9A-4CF07238C3FB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe [2010-11-20] (MicrosoftCorporation)
Task: {F3CB1494-70C2-4BCA-8440-885E1122AADB} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe [2010-11-20] (MicrosoftCorporation)
Task: {FB3C354D-297A-4EB2-9B58-090F6361906B} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => C:\Windows\System32\powercfg.exe [2009-07-14] (MicrosoftCorporation)
Task: {FF23C186-195C-4DFB-8B1A-F4F82A6BCC52} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (MicrosoftCorporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {78C1617E-DB1D-48B9-B4F4-5E56C6303F18}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {78C1617E-DB1D-48B9-B4F4-5E56C6303F18}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE:/EXE:{78C1617E-DB1D-48B9-B4F4-5E56C6303F18} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://feed.snapdo.com/?publisher=ShoppingHelper&dpid=RY_5021_CH&co=DE&userid=8448577c-e17a-f494-3b4c-a2fd09430c74&searchtype=sc&installDate=26/04/2014&barcodeid=127899&um=0

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-07-13 20:50 - 2017-07-13 20:50 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-06-23 16:15 - 2013-07-03 00:26 - 000066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-06-23 16:16 - 2013-07-03 00:26 - 000103736 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-03-20 11:24 - 2014-03-20 11:24 - 000667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-07-15 06:44 - 2010-07-15 06:44 - 000020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2017-07-14 10:26 - 2017-07-14 10:26 - 001354040 _____ () C:\Program Files\iTunes\libxml2.dll
2017-07-14 10:27 - 2017-07-14 10:27 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-08-07 18:21 - 2017-08-07 18:21 - 000566439 _____ () C:\Users\Niko\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-FKPz9\libgcc_s_sjlj-1.dll
2017-08-07 18:21 - 2017-08-07 18:21 - 004078962 _____ () C:\Users\Niko\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-FKPz9\lib7-Zip-JBinding.dll
2017-06-30 22:57 - 2017-06-23 05:21 - 003807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-06-30 22:57 - 2017-06-23 05:21 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll
2013-06-17 13:35 - 2013-06-17 13:35 - 000478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\dblite.dll
2013-05-08 15:52 - 2013-05-08 15:52 - 001270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\kpcengine.2.3.dll
2017-06-15 12:36 - 2017-06-15 12:36 - 000166520 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 004300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-01-30 22:47 - 2014-03-08 12:05 - 000002560 _____ () C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Niko\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GamingMouse => C:\Program Files (x86)\Drakonia Configurator\hid.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: Skiller PRO => "C:\Program Files (x86)\Skiller PRO\Monitor.exe"
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{FA3769F3-CE81-426B-8B2A-1B803B6714F0}] => (Allow) LPort=1542
FirewallRules: [{E16ABA41-BFCC-4F02-90C1-B00EA33F1E98}] => (Allow) LPort=1542
FirewallRules: [{6C240299-F132-4BB5-971C-101F4B4D6772}] => (Allow) LPort=53
FirewallRules: [TCP Query User{B2DAC3C0-8B7A-4C75-9C6D-A3FC471E5B48}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{0D0BD8AC-F5EC-4FE5-A70F-CFFFB4C3535F}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{64E0FE84-7E68-4780-BD7F-D6C7444588E4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{450A84A2-749C-465A-9D74-928D00C5B367}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A0EBF6E0-58D2-49BC-AF11-FF0FBE38DA21}] => (Allow) C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exe
FirewallRules: [{43CEAB4A-24E2-4149-9C4C-2E3678827877}] => (Allow) C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exe
FirewallRules: [TCP Query User{E2DEE087-44CD-4921-9F6C-9B47890E480E}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{9D21E407-2076-4F9E-9F37-C2ABCE18FB77}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [TCP Query User{7B9A2D8C-6920-45B1-80F7-9F17CBCBBBE2}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{6166B344-E8E2-4ACF-8DBB-A2CC21862343}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{559DB375-E0FE-4934-88A9-B2CDD434C3FE}C:\program files (x86)\activision\call of duty 5 - world at war\codwaw.exe] => (Allow) C:\program files (x86)\activision\call of duty 5 - world at war\codwaw.exe
FirewallRules: [UDP Query User{26310919-6788-4418-8250-5DC542E7019A}C:\program files (x86)\activision\call of duty 5 - world at war\codwaw.exe] => (Allow) C:\program files (x86)\activision\call of duty 5 - world at war\codwaw.exe
FirewallRules: [{1145A7A7-9D04-4333-B1A9-37382EE09AE2}] => (Block) C:\Program Files (x86)\Activision\Call of Duty 5 - World at War\CoDWaW.exe
FirewallRules: [{2114E51C-3CD8-40EA-BB24-B5089800AA87}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F511107A-A5FA-44EE-9B03-1F28A7567F0F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0AA84385-A00B-408D-868A-39EC8A06AEA4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C98529F4-0F44-452E-970C-24FBCEA49B20}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7032CF92-04B2-47C4-A051-6CFE3D507DF8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{83C720A2-6F50-4EFF-A583-5F0BBBB0C578}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{1121D106-138D-4658-80A1-37D4F7C651B2}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [TCP Query User{0A166F36-6821-45A8-A0E8-A0FB2657186E}C:\program files (x86)\activision\call of duty 7 - black ops\call of duty black ops\blackops.exe] => (Allow) C:\program files (x86)\activision\call of duty 7 - black ops\call of duty black ops\blackops.exe
FirewallRules: [UDP Query User{B5381106-F358-47BB-900E-4029E048FE65}C:\program files (x86)\activision\call of duty 7 - black ops\call of duty black ops\blackops.exe] => (Allow) C:\program files (x86)\activision\call of duty 7 - black ops\call of duty black ops\blackops.exe
FirewallRules: [{917681C2-8D27-4A7B-B58E-0D46FD68EC6C}] => (Block) %ProgramFiles% (x86)\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [TCP Query User{8C312707-A4FA-43B9-B52F-F337CCAAD59B}C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe
FirewallRules: [UDP Query User{B6F38871-3DA6-4577-B7A5-48BE2863AB7D}C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe
FirewallRules: [TCP Query User{1BC3FA3D-0B99-47F8-B266-9DFE1F4A2221}C:\program files (x86)\activision\call of duty 9 - black ops ii\t6sp.exe] => (Allow) C:\program files (x86)\activision\call of duty 9 - black ops ii\t6sp.exe
FirewallRules: [UDP Query User{886E419E-F913-462E-969A-444D2608EDC8}C:\program files (x86)\activision\call of duty 9 - black ops ii\t6sp.exe] => (Allow) C:\program files (x86)\activision\call of duty 9 - black ops ii\t6sp.exe
FirewallRules: [{6C5E9052-FD13-4716-882C-79B96EC04B7A}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe
FirewallRules: [{DA3601BD-DC0F-4CEC-98DF-E205029C8C7E}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe
FirewallRules: [TCP Query User{C1BFB3E2-F82B-4903-81C5-B616EABBDCAE}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{C752132D-F071-43D8-AFC2-15A1AC3568E8}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{4EB2DC08-781E-42C7-B96F-8CBF827C8CA2}C:\program files (x86)\konami\pro evolution soccer 2014\pes2014.exe] => (Block) C:\program files (x86)\konami\pro evolution soccer 2014\pes2014.exe
FirewallRules: [UDP Query User{E25201E5-BD2C-4069-910C-FB4254714B8D}C:\program files (x86)\konami\pro evolution soccer 2014\pes2014.exe] => (Block) C:\program files (x86)\konami\pro evolution soccer 2014\pes2014.exe
FirewallRules: [{18FEEBC3-FD9E-4944-BDF0-5DC6B64F3C82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{895452D7-99A7-4114-87B0-9FF37BA8B1AB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{01D21AE8-3C26-4407-8D42-A94BCF8BB70F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{71DB3129-E729-47CF-8C7C-923C3B3C21E0}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{09225EE8-5677-4916-A8E2-A3268C7D684E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{9686754B-F86A-48ED-A678-8B1B48CDF23A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{4DB992F8-7FB9-4A81-94B3-6547641EDD97}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Photoshop CC\Photoshop.exe
FirewallRules: [{36A99C31-F804-4C8D-94C5-44E0FF82DED7}] => (Block) %ProgramFiles% (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
FirewallRules: [TCP Query User{B96D5F3A-2324-4D0C-AB14-99E42FF402CA}C:\program files (x86)\city interactive\enemy front\bin32\enemyfront.exe] => (Allow) C:\program files (x86)\city interactive\enemy front\bin32\enemyfront.exe
FirewallRules: [UDP Query User{5EDD385E-4556-4FD6-BCF7-EAAC6925E3F8}C:\program files (x86)\city interactive\enemy front\bin32\enemyfront.exe] => (Allow) C:\program files (x86)\city interactive\enemy front\bin32\enemyfront.exe
FirewallRules: [TCP Query User{DFF6E79E-1E9B-4C9C-9E72-F5D970643AAB}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{3959CC63-2F51-4830-B367-55351EBF70EA}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [{F9987285-9B58-40B7-AFC1-E37588B42BE7}] => (Block) %ProgramFiles% (x86)\Atari\TDU2\UpLauncher.exe
FirewallRules: [{061BB67F-F867-4FB8-98A4-9A3598DB5FF9}] => (Block) %ProgramFiles% (x86)\Atari\TDU2\TestDrive2.exe
FirewallRules: [{6F31DE50-E6B2-4F9B-B53F-FCA0D0F70434}] => (Block) %ProgramFiles% (x86)\Atari\TDU2\UpLauncher.exe
FirewallRules: [{D6746BDD-A1C5-4036-9629-FF536C376F9B}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\stronghold_crusader_extreme.exe
FirewallRules: [{72CEF630-2BFB-4133-8F76-236BDC4D1936}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\stronghold crusader.exe
FirewallRules: [TCP Query User{2270157A-24CE-4FD8-9AEF-DFBD4C24B0FB}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{B1E8CCB7-21C8-4F41-BBE3-16A4254415E5}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [TCP Query User{BA065EFB-4B13-42C3-9E33-DCDA436AA9FF}C:\program files (x86)\firefly studios\stronghold crusader ii\bin\win32_release\crusader2.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader ii\bin\win32_release\crusader2.exe
FirewallRules: [UDP Query User{E94D2FAF-78D1-41CE-899B-0B2F84580CD5}C:\program files (x86)\firefly studios\stronghold crusader ii\bin\win32_release\crusader2.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader ii\bin\win32_release\crusader2.exe
FirewallRules: [{CF091463-4B98-4363-9B90-0710D0FECABA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{60100688-3F55-4E09-BF77-7B5E3B3647EB}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C485643D-2AFF-4E6D-929D-42EF90865F4E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C2C28C3C-A6E8-4EAB-8429-F059F86F7BD0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{EC55DC6F-2B60-45DD-84C0-25AFF0FC7D23}C:\program files (x86)\konami\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2015\pes2015.exe
FirewallRules: [UDP Query User{2F653C76-EE5F-4523-B0B8-5AF8D1928186}C:\program files (x86)\konami\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2015\pes2015.exe
FirewallRules: [{5090092D-240B-4B21-84F3-B87F1A013E40}] => (Block) %ProgramFiles% (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
FirewallRules: [{760C8884-D1D0-4D29-BDF6-8E0F630B8130}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EDC9DDE5-70CA-4989-9336-8EA2BFDB650C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A967421B-32EA-4B22-AC36-D33B9B5B0628}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{6A1DCED5-C03F-420A-A180-0357E0F8A9B7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{92E764A2-1693-4D6D-B8E6-FACE3C00CB66}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{1816E24A-43BC-40E1-B57B-FA350CE0CD4D}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{2E2042A8-5DE5-4EAB-BBA1-90FADFD0960E}C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [UDP Query User{55ABA1E5-27FB-405B-BDD5-50FC55F42C86}C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [TCP Query User{8E029F67-9AC4-49C1-BFF9-03BD0F76694A}C:\program files (x86)\rockstar games\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{C247D5D5-D15B-4AEA-A358-1C37EA31906C}C:\program files (x86)\rockstar games\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{8087AC03-A46B-4451-830F-3B45F3C8ADA9}C:\program files (x86)\konami\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2016\pes2016.exe
FirewallRules: [UDP Query User{0AB6005C-3AE0-4F22-8249-A85BC8BBAF4E}C:\program files (x86)\konami\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2016\pes2016.exe
FirewallRules: [{1708A03A-559C-4362-BFB5-0EFBA5221290}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{864B25B9-2822-4467-8126-607E510334D3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{423E07FB-28BC-4946-8D04-42FDDC8BC563}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4C460C2B-075C-4AB6-A90E-7C2934DEC9CA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9CBB1FBE-F775-426E-9E1F-79397534F900}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{EDAA072E-A9AC-4A0B-9971-A4B5C352D84F}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{43B6C9AF-D906-42C3-8870-FF6B3A341FA5}] => (Allow) LPort=4481
FirewallRules: [{60680C4C-A6D9-4779-8EBF-25357923A0A4}] => (Allow) LPort=4481
FirewallRules: [{237F42FD-E704-489B-B345-5E5101D6F76A}] => (Allow) LPort=4482
FirewallRules: [{B4640666-DDAB-4ECA-AC1B-5E00AFFC8CB6}] => (Allow) LPort=4482
FirewallRules: [{978335EE-5859-48B9-A2BB-B72BFDEF888B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1E6D4A7C-3D1E-4A99-98B6-37DAA8B41AEA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FD6F8533-596D-4873-9557-1E5E7A57DE4C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{09CA70CD-76AA-4694-9C61-5CC4B5774FC1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{1DFC6904-B7E9-4C9B-8A55-0138FA1E637E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{6C5A8E30-6FD3-475B-83B9-CC23D8B85DF1}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A51C9788-A85A-4382-A278-8C858E1B467D}] => (Allow) K:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{282B249F-126F-4B40-ACFC-4F22BB60EE07}] => (Allow) K:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{F26D6D1B-C192-462C-A945-34632FC8D5B0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9BC86692-CEBB-45C4-A5A7-C1D8603C6D12}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1DBFC50E-454F-4BAC-9AAD-D0C10D78B079}] => (Block) %ProgramFiles% (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
FirewallRules: [{F19FDC1C-3528-45FD-A2A0-60044D8956F8}] => (Allow) LPort=8318
FirewallRules: [{B70F7D98-7D1D-4495-AD5A-A5CE513138C0}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4.exe
FirewallRules: [{0F1E3529-4F79-4547-8F39-419A31031781}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4.exe
FirewallRules: [{DFA17B34-8D14-438D-BC58-DD0F2458B590}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4_x64.exe
FirewallRules: [{A846CCCF-7CE8-4762-9FA3-F8DB3BA65B3A}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4_x64.exe
FirewallRules: [TCP Query User{E8F448A3-3114-4568-A6FC-BEA41A502B14}C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [UDP Query User{4030E393-78F4-4CD7-A2C7-684AEBB6D820}C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [{85C1534F-6F5D-4EC8-9C9A-2D11C9FD063C}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4.exe
FirewallRules: [{423C1F69-B2B3-47AF-AF3D-BAB542046184}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4.exe
FirewallRules: [{5B86CBDB-443C-4924-AB5B-17F1F2157DC2}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4_x64.exe
FirewallRules: [{4ECA478A-A9B9-4584-BAF5-14BDE21CC59F}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4_x64.exe
FirewallRules: [{8DDBB44E-4220-45BD-B591-781DD38BF383}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{69A6252B-617E-433F-A39C-5AA6486F9FB1}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Wiederherstellungspunkte =========================

30-07-2017 13:34:40 Geplanter Prüfpunkt
30-07-2017 19:00:13 Windows-Sicherung
01-08-2017 18:36:52 Windows Update
04-08-2017 19:09:50 Windows Update
06-08-2017 11:44:28 Installiert Call of Duty - United Offensive
06-08-2017 17:42:04 Installiert Call of Duty - United Offensive
06-08-2017 19:00:12 Windows-Sicherung
06-08-2017 19:41:12 Installiert Call of Duty - United Offensive
06-08-2017 20:35:28 Installiert Electronic Arts Product Registration

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/07/2017 06:12:41 PM) (Source: Wininit) (EventID: 1015) (User: )
Description: Ein kritischer Systemprozess C:\Windows\system32\lsm.exe ist fehlgeschlagen mit den Statuscode 1. Der Computer muss neu gestartet werden.

Error: (08/07/2017 06:23:06 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (08/06/2017 08:49:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Game.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1cfc

Startzeit: 01d30ee3fa7954ee

Endzeit: 133

Anwendungspfad: C:\Program Files (x86)\EA Games\Harry Potter und die Kammer des Schreckens\system\Game.exe

Berichts-ID:

Error: (08/06/2017 08:40:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Souldrinker.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1adc

Startzeit: 01d30ee337890c97

Endzeit: 4

Anwendungspfad: D:\Crack\Souldrinker.exe

Berichts-ID:

Error: (08/06/2017 08:35:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/06/2017 08:35:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/06/2017 08:35:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/06/2017 08:35:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/06/2017 08:22:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: cod2.exe, Version: 2.1.12.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23807, Zeitstempel: 0x5915f8e8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00033b18
ID des fehlerhaften Prozesses: 0x12f0
Startzeit der fehlerhaften Anwendung: 0x01d30ee0a246a533
Pfad der fehlerhaften Anwendung: D:\Setup\rsrc\cod2.exe
Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll
Berichtskennung: 231d6be4-7ad4-11e7-b479-bcaec5da2ffe

Error: (08/06/2017 08:21:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll".
Die abhängige Assemblierung "Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


Systemfehler:
=============
Error: (08/07/2017 06:15:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/07/2017 06:15:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (08/07/2017 06:15:13 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (08/07/2017 06:15:11 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (08/07/2017 06:14:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎07.‎08.‎2017 um 18:12:49 unerwartet heruntergefahren.

Error: (08/07/2017 06:12:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/07/2017 06:11:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/07/2017 06:11:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "TeamViewer 9" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/07/2017 06:11:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "chip 1-click download service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/07/2017 06:10:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "TeamViewer 9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2014-08-13 17:26:13.528
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 17:26:13.527
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 17:26:13.516
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 17:26:13.501
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 17:26:13.500
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 17:26:13.498
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-12 00:21:24.677
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-12 00:21:24.676
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-12 00:21:24.674
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-12 00:21:24.659
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: AMD Phenom(tm) II X6 1075T Processor
Prozentuale Nutzung des RAM: 72%
Installierter physikalischer RAM: 4095.18 MB
Verfügbarer physikalischer RAM: 1127.71 MB
Summe virtueller Speicher: 8188.54 MB
Verfügbarer virtueller Speicher: 4421.71 MB

==================== Laufwerke ================================

Drive c: (Niko) (Fixed) (Total:931.41 GB) (Free:403.68 GB) NTFS
Drive k: (ZKF Ausbildungsfilm 2014) (CDROM) (Total:0.59 GB) (Free:0 GB) UDF
Drive l: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 40D8DD8F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
__________________


Alt 08.08.2017, 18:29   #3
DrRealtalk
 
PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft - Standard

Code



Code:
ATTFilter
19:16:02.0118 0x0cb4  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
19:16:31.0678 0x0cb4  ============================================================
19:16:31.0678 0x0cb4  Current date / time: 2017/08/07 19:16:31.0678
19:16:31.0678 0x0cb4  SystemInfo:
19:16:31.0678 0x0cb4  
19:16:31.0678 0x0cb4  OS Version: 6.1.7601 ServicePack: 1.0
19:16:31.0678 0x0cb4  Product type: Workstation
19:16:31.0678 0x0cb4  ComputerName: NIKO-PC
19:16:31.0678 0x0cb4  UserName: Niko
19:16:31.0678 0x0cb4  Windows directory: C:\Windows
19:16:31.0678 0x0cb4  System windows directory: C:\Windows
19:16:31.0678 0x0cb4  Running under WOW64
19:16:31.0678 0x0cb4  Processor architecture: Intel x64
19:16:31.0678 0x0cb4  Number of processors: 6
19:16:31.0678 0x0cb4  Page size: 0x1000
19:16:31.0678 0x0cb4  Boot type: Normal boot
19:16:31.0678 0x0cb4  CodeIntegrityOptions = 0x00000001
19:16:31.0678 0x0cb4  ============================================================
19:16:34.0766 0x0cb4  KLMD registered as C:\Windows\system32\drivers\69491431.sys
19:16:34.0766 0x0cb4  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23807, osProperties = 0x1
19:16:35.0175 0x0cb4  System UUID: {CCFD201C-1916-132A-BA27-90AE249F8247}
19:16:35.0993 0x0cb4  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:16:36.0091 0x0cb4  ============================================================
19:16:36.0091 0x0cb4  \Device\Harddisk0\DR0:
19:16:36.0091 0x0cb4  MBR partitions:
19:16:36.0091 0x0cb4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:16:36.0091 0x0cb4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
19:16:36.0091 0x0cb4  ============================================================
19:16:36.0126 0x0cb4  C: <-> \Device\Harddisk0\DR0\Partition2
19:16:36.0155 0x0cb4  L: <-> \Device\Harddisk0\DR0\Partition1
19:16:36.0155 0x0cb4  ============================================================
19:16:36.0155 0x0cb4  Initialize success
19:16:36.0155 0x0cb4  ============================================================
19:17:18.0457 0x0918  ============================================================
19:17:18.0457 0x0918  Scan started
19:17:18.0457 0x0918  Mode: Manual; SigCheck; TDLFS; 
19:17:18.0457 0x0918  ============================================================
19:17:18.0457 0x0918  KSN ping started
19:17:18.0601 0x0918  KSN ping finished: true
19:17:20.0085 0x0918  ================ Scan system memory ========================
19:17:20.0085 0x0918  System memory - ok
19:17:20.0086 0x0918  ================ Scan services =============================
19:17:20.0242 0x0918  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
19:17:20.0341 0x0918  1394ohci - ok
19:17:20.0417 0x0918  7ByteIo - ok
19:17:20.0451 0x0918  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:17:20.0468 0x0918  ACPI - ok
19:17:20.0486 0x0918  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:17:20.0497 0x0918  AcpiPmi - ok
19:17:20.0660 0x0918  [ 9B112FDA1D5FB7B75627461001AC692A, 2EDF7C8FD59CD5FCD19FA528F60CBD6DDB9A8076AE0280B11D8EA8EAF7D39958 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:17:20.0671 0x0918  AdobeARMservice - ok
19:17:20.0760 0x0918  [ 0DC99843E91A0313F0C6591656D650A5, 583DCD5D3BA3F470FF9F39221358EF2DF01FE62B98562FCFD1AD99FA1C01892E ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:17:20.0793 0x0918  AdobeFlashPlayerUpdateSvc - ok
19:17:20.0857 0x0918  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
19:17:20.0877 0x0918  adp94xx - ok
19:17:20.0901 0x0918  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
19:17:20.0917 0x0918  adpahci - ok
19:17:20.0937 0x0918  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
19:17:20.0950 0x0918  adpu320 - ok
19:17:20.0985 0x0918  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:17:20.0996 0x0918  AeLookupSvc - ok
19:17:21.0048 0x0918  [ 0DC2A9882540DEA4A55B08785E09D8FC, 69B15724B0034F9915AACE109A6C596D6AF2DA350FC18C9A0CD98C81CB7EDEE3 ] AFD             C:\Windows\system32\drivers\afd.sys
19:17:21.0070 0x0918  AFD - ok
19:17:21.0141 0x0918  [ 91E6FD5F56E439CD77A4470E312C904D, 185033A3F12D34811D0FD9C5AE6212F4273969EDC4748011FA456120EC42BF7C ] AFTrafMgr1.2    C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_2_64.sys
19:17:21.0189 0x0918  AFTrafMgr1.2 - ok
19:17:21.0209 0x0918  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
19:17:21.0219 0x0918  agp440 - ok
19:17:21.0363 0x0918  [ 078B785A7533B7059A236017B3B060A4, 43B3E716009136A5A5A86BF8546DE6C416CA3B7F8EEC242D9D44EF12111B7A6E ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
19:17:21.0435 0x0918  AGSService - ok
19:17:21.0484 0x0918  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
19:17:21.0495 0x0918  ALG - ok
19:17:21.0517 0x0918  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:17:21.0526 0x0918  aliide - ok
19:17:21.0578 0x0918  [ DDEA39A56B801A675E118429AF6A30D2, D61A702E8777514A6926D1D5EB180F33C6317871013B355E7C17FE37C14C5D7F ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:17:21.0594 0x0918  AMD External Events Utility - ok
19:17:21.0672 0x0918  AMD FUEL Service - ok
19:17:21.0689 0x0918  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:17:21.0698 0x0918  amdide - ok
19:17:21.0737 0x0918  [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
19:17:21.0746 0x0918  amdiox64 - ok
19:17:21.0812 0x0918  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
19:17:21.0839 0x0918  AmdK8 - ok
19:17:22.0166 0x0918  [ 7F2BDD27F3611041D6B0D6C565A748A7, F74A3589253AAEDAFB15D5C439771339FC3B78B1CE51409A630822B653D4885D ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
19:17:22.0511 0x0918  amdkmdag - ok
19:17:22.0560 0x0918  [ 8E2A3479CF4E871F37D0F023692E6694, BE995D5679ABEF800E24208A068C44A10607305A8C328FF29A11DCAAB4D18FBB ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
19:17:22.0579 0x0918  amdkmdap - ok
19:17:22.0594 0x0918  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
19:17:22.0604 0x0918  AmdPPM - ok
19:17:22.0630 0x0918  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:17:22.0641 0x0918  amdsata - ok
19:17:22.0662 0x0918  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
19:17:22.0675 0x0918  amdsbs - ok
19:17:22.0690 0x0918  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:17:22.0699 0x0918  amdxata - ok
19:17:22.0712 0x0918  [ 5B25D1A753CC3A3EDB909BB759AC1098, 1B931342D8D36C8D177D6D9BFFFD8CDC0C6E6F82BA552DC8E5CDC1CAF528D0B0 ] AODDriver4.1    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
19:17:22.0720 0x0918  AODDriver4.1 - ok
19:17:22.0763 0x0918  [ FD481DB6ACCAEE727E64043FB2E456F4, 2724A3D0B7F979AF5F485000F555495FA21A443159F29BC1B042C4800D7A368A ] AppID           C:\Windows\system32\drivers\appid.sys
19:17:22.0773 0x0918  AppID - ok
19:17:22.0789 0x0918  [ 89263F9C4A1BC46D350BAD1DD24EE878, B9B0FCBCF53D6739329C93350DB0DB4A0FE8C347F7922ABFEA452CF6EF33DE91 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:17:22.0798 0x0918  AppIDSvc - ok
19:17:22.0834 0x0918  [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo         C:\Windows\System32\appinfo.dll
19:17:22.0845 0x0918  Appinfo - ok
19:17:22.0912 0x0918  [ 7DEFAE8665BCEDDC2C9983138D69D7A5, BDD39E55DDFD33114EC36CBE79298149E6A920A6B8F440A8C1F7A7003D1867C9 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:17:22.0922 0x0918  Apple Mobile Device Service - ok
19:17:22.0940 0x0918  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
19:17:22.0949 0x0918  arc - ok
19:17:22.0963 0x0918  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
19:17:22.0973 0x0918  arcsas - ok
19:17:23.0065 0x0918  [ 92C120176C43C62AFE107B5D945CE6EC, E3BA1200BD04167589D7AF29F6550F3242DB321DDCD6890D645A2053CC78C7E6 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:17:23.0153 0x0918  aspnet_state - ok
19:17:23.0190 0x0918  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:17:23.0215 0x0918  AsyncMac - ok
19:17:23.0235 0x0918  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
19:17:23.0244 0x0918  atapi - ok
19:17:23.0267 0x0918  [ B0790FF0E25B7A2674296052F2162C1A, 930D1A09E93117E081C532D6EDB1E870736AE3806D13AE7F0C7748FD4EAB3D89 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
19:17:23.0276 0x0918  AtiHDAudioService - ok
19:17:23.0601 0x0918  [ 7F2BDD27F3611041D6B0D6C565A748A7, F74A3589253AAEDAFB15D5C439771339FC3B78B1CE51409A630822B653D4885D ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
19:17:23.0847 0x0918  atikmdag - ok
19:17:23.0907 0x0918  [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
19:17:23.0922 0x0918  atksgt - ok
19:17:23.0972 0x0918  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:17:23.0998 0x0918  AudioEndpointBuilder - ok
19:17:24.0028 0x0918  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:17:24.0050 0x0918  AudioSrv - ok
19:17:24.0134 0x0918  [ 0D2F8F4055903A762AD46204E5A42E86, D3270039E4F066C69D844060388D3F895137C37C0FBE4C106BE1C71AE9DBC17A ] AVP             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\avp.exe
19:17:24.0147 0x0918  AVP - ok
19:17:24.0193 0x0918  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:17:24.0208 0x0918  AxInstSV - ok
19:17:24.0251 0x0918  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
19:17:24.0275 0x0918  b06bdrv - ok
19:17:24.0297 0x0918  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:17:24.0311 0x0918  b57nd60a - ok
19:17:24.0351 0x0918  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:17:24.0374 0x0918  BDESVC - ok
19:17:24.0380 0x0918  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:17:24.0404 0x0918  Beep - ok
19:17:24.0454 0x0918  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
19:17:24.0479 0x0918  BFE - ok
19:17:24.0556 0x0918  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
19:17:24.0598 0x0918  BITS - ok
19:17:24.0729 0x0918  [ 686045905787B68D829CE647A6DFAD2B, 09B925A3E02B3BA45D5D408B59A279D3255AC854B3B696E243DCD14EF18CEC92 ] Blackberry Device Manager C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
19:17:24.0747 0x0918  Blackberry Device Manager - detected UnsignedFile.Multi.Generic ( 1 )
19:17:24.0898 0x0918  Detect skipped due to KSN trusted
19:17:24.0899 0x0918  Blackberry Device Manager - ok
19:17:24.0925 0x0918  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:17:24.0935 0x0918  blbdrive - ok
19:17:24.0993 0x0918  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:17:25.0010 0x0918  Bonjour Service - ok
19:17:25.0047 0x0918  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:17:25.0058 0x0918  bowser - ok
19:17:25.0069 0x0918  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:17:25.0079 0x0918  BrFiltLo - ok
19:17:25.0116 0x0918  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:17:25.0126 0x0918  BrFiltUp - ok
19:17:25.0138 0x0918  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
19:17:25.0150 0x0918  Browser - ok
19:17:25.0172 0x0918  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:17:25.0187 0x0918  Brserid - ok
19:17:25.0204 0x0918  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:17:25.0216 0x0918  BrSerWdm - ok
19:17:25.0230 0x0918  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:17:25.0240 0x0918  BrUsbMdm - ok
19:17:25.0244 0x0918  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:17:25.0253 0x0918  BrUsbSer - ok
19:17:25.0264 0x0918  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
19:17:25.0276 0x0918  BTHMODEM - ok
19:17:25.0292 0x0918  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
19:17:25.0318 0x0918  bthserv - ok
19:17:25.0342 0x0918  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:17:25.0368 0x0918  cdfs - ok
19:17:25.0399 0x0918  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:17:25.0444 0x0918  cdrom - ok
19:17:25.0472 0x0918  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:17:25.0496 0x0918  CertPropSvc - ok
19:17:25.0548 0x0918  [ 59B4AB79011957DD3B83F0C2E63741BD, 5DE68785D701DBA0F98452B7D5CC407BEECD51685F39516157733CED2EF2FA19 ] chip1click      C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
19:17:25.0553 0x0918  chip1click - detected UnsignedFile.Multi.Generic ( 1 )
19:17:25.0704 0x0918  Detect skipped due to KSN trusted
19:17:25.0704 0x0918  chip1click - ok
19:17:25.0708 0x0918  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
19:17:25.0719 0x0918  circlass - ok
19:17:25.0760 0x0918  [ E465632DC8D34C3FA7CAB4F4B4A407C1, 3180089514024C5640568117F139BDACC7CABE1C6D11B8A427FBE21F77AE6C7B ] CLFS            C:\Windows\system32\CLFS.sys
19:17:25.0777 0x0918  CLFS - ok
19:17:25.0843 0x0918  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:17:25.0853 0x0918  clr_optimization_v2.0.50727_32 - ok
19:17:25.0914 0x0918  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:17:25.0925 0x0918  clr_optimization_v2.0.50727_64 - ok
19:17:25.0991 0x0918  [ 1A3D6CABDC37B34D85059185272DBB2F, C7FAB62EC4D9947ADAD0E065D4CDAF8D6EA2AF9FD0C3A1F1A676276825808FD8 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:17:26.0150 0x0918  clr_optimization_v4.0.30319_32 - ok
19:17:26.0175 0x0918  [ 59B44C95D56A9BB269B1D4A3F25468C2, 462799657FA493866A14F0D36D5D92C95E8886E6AC5F199D069E6938425A9218 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:17:26.0239 0x0918  clr_optimization_v4.0.30319_64 - ok
19:17:26.0256 0x0918  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
19:17:26.0284 0x0918  CmBatt - ok
19:17:26.0319 0x0918  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:17:26.0327 0x0918  cmdide - ok
19:17:26.0376 0x0918  [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG             C:\Windows\system32\Drivers\cng.sys
19:17:26.0399 0x0918  CNG - ok
19:17:26.0415 0x0918  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
19:17:26.0424 0x0918  Compbatt - ok
19:17:26.0434 0x0918  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
19:17:26.0446 0x0918  CompositeBus - ok
19:17:26.0449 0x0918  COMSysApp - ok
19:17:26.0453 0x0918  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
19:17:26.0462 0x0918  crcdisk - ok
19:17:26.0510 0x0918  [ 48FEDBE324F1EA9417BA1D62AE863011, 2C3D84F0842237A3BF2838DDB4126807977EB36588FA669B1E6671077584EF18 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:17:26.0523 0x0918  CryptSvc - ok
19:17:26.0570 0x0918  [ 5E9F8D029D9B03110D835CBFC058068B, 038FDF99C643C8102026BA26A75899A56E91AD0C239DF71AA5443FD35C718C78 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:17:26.0589 0x0918  DcomLaunch - ok
19:17:26.0635 0x0918  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
19:17:26.0666 0x0918  defragsvc - ok
19:17:26.0707 0x0918  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:17:26.0718 0x0918  DfsC - ok
19:17:26.0747 0x0918  [ 51D50A9A72C18E4629891BF381D123BA, 3C9156F4430A677ACF8F79A648E8FAA668F4A8B58E202B4898CE95396F5A5820 ] DFX11_1         C:\Windows\system32\drivers\dfx11_1x64.sys
19:17:26.0755 0x0918  DFX11_1 - ok
19:17:26.0819 0x0918  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:17:26.0834 0x0918  Dhcp - ok
19:17:26.0913 0x0918  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\Windows\system32\diagtrack.dll
19:17:26.0972 0x0918  DiagTrack - ok
19:17:26.0987 0x0918  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
19:17:27.0011 0x0918  discache - ok
19:17:27.0031 0x0918  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
19:17:27.0040 0x0918  Disk - ok
19:17:27.0065 0x0918  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:17:27.0077 0x0918  Dnscache - ok
19:17:27.0112 0x0918  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:17:27.0140 0x0918  dot3svc - ok
19:17:27.0173 0x0918  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
19:17:27.0201 0x0918  DPS - ok
19:17:27.0253 0x0918  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:17:27.0261 0x0918  drmkaud - ok
19:17:27.0323 0x0918  [ 5CEF80AE869336376F550ECAE91E424A, 49152AC35556A5629AE7A4A762FDB2112FAD1C9CDB91E6196172809F74A3149A ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:17:27.0367 0x0918  DXGKrnl - ok
19:17:27.0403 0x0918  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
19:17:27.0430 0x0918  EapHost - ok
19:17:27.0544 0x0918  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
19:17:27.0652 0x0918  ebdrv - ok
19:17:27.0692 0x0918  [ 79B5DEC7098CF4A66CAB4DBE8E6485F0, B9156B9D5C827D5DD0A9D516E8F73F45F270B1106401803C9DCC5F56A684F3D5 ] EFS             C:\Windows\System32\lsass.exe
19:17:27.0702 0x0918  EFS - ok
19:17:27.0772 0x0918  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:17:27.0797 0x0918  ehRecvr - ok
19:17:27.0830 0x0918  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
19:17:27.0841 0x0918  ehSched - ok
19:17:27.0874 0x0918  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
19:17:27.0894 0x0918  elxstor - ok
19:17:27.0953 0x0918  [ D315FF43E23DF424ECEC2F6C930203E4, 68940EDA34DC4945CDD0D8018D96A0DA8F99F16A930946D14E4FECEE033FCB80 ] EpsonScanSvc    C:\Windows\system32\EscSvc64.exe
19:17:27.0964 0x0918  EpsonScanSvc - ok
19:17:27.0983 0x0918  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:17:27.0993 0x0918  ErrDev - ok
19:17:28.0109 0x0918  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
19:17:28.0172 0x0918  EventSystem - ok
19:17:28.0216 0x0918  [ 7E45F8B117419ABA3BB26579F6E70324, 03FE86519860153E1BE571F10ACC9BA58FFB5A661C5C3EBDF3B77973BCD96C84 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:17:28.0241 0x0918  exfat - ok
19:17:28.0274 0x0918  [ 6EDFA237D25433C03F42FBFDB16BDD24, A30F89A40F7AFC475D3C2D3591FB9AFC06AE3FEBC915FDCB24ED77946FBA4E2C ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:17:28.0288 0x0918  fastfat - ok
19:17:28.0335 0x0918  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
19:17:28.0365 0x0918  Fax - ok
19:17:28.0379 0x0918  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
19:17:28.0388 0x0918  fdc - ok
19:17:28.0405 0x0918  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
19:17:28.0428 0x0918  fdPHost - ok
19:17:28.0432 0x0918  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:17:28.0458 0x0918  FDResPub - ok
19:17:28.0468 0x0918  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:17:28.0477 0x0918  FileInfo - ok
19:17:28.0492 0x0918  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:17:28.0516 0x0918  Filetrace - ok
19:17:28.0528 0x0918  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:17:28.0537 0x0918  flpydisk - ok
19:17:28.0581 0x0918  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:17:28.0596 0x0918  FltMgr - ok
19:17:28.0671 0x0918  [ 785F474FB5E67E448E1931C98E8D0ABC, 911697D580CBF508A6F4A52D4F95A6976CF9A0EC3549076A8D0B5C8BD947C989 ] FontCache       C:\Windows\system32\FntCache.dll
19:17:28.0715 0x0918  FontCache - ok
19:17:28.0759 0x0918  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:17:28.0767 0x0918  FontCache3.0.0.0 - ok
19:17:28.0782 0x0918  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:17:28.0791 0x0918  FsDepends - ok
19:17:28.0807 0x0918  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:17:28.0817 0x0918  Fs_Rec - ok
19:17:28.0915 0x0918  [ 895BA1CFF25E867CE5A52073E905C93B, A417065E831B768BD76364EC1E5FEDAADF172DCD1E6C2A134CB311EDDC2DC477 ] fussvc          C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe
19:17:28.0921 0x0918  fussvc - detected UnsignedFile.Multi.Generic ( 1 )
19:17:29.0292 0x0918  Detect skipped due to KSN trusted
19:17:29.0292 0x0918  fussvc - ok
19:17:29.0325 0x0918  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:17:29.0340 0x0918  fvevol - ok
19:17:29.0358 0x0918  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
19:17:29.0368 0x0918  gagp30kx - ok
19:17:29.0422 0x0918  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
19:17:29.0476 0x0918  gpsvc - ok
19:17:29.0586 0x0918  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:17:29.0596 0x0918  gupdate - ok
19:17:29.0601 0x0918  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:17:29.0610 0x0918  gupdatem - ok
19:17:29.0625 0x0918  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:17:29.0634 0x0918  hcw85cir - ok
19:17:29.0659 0x0918  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:17:29.0677 0x0918  HdAudAddService - ok
19:17:29.0707 0x0918  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
19:17:29.0720 0x0918  HDAudBus - ok
19:17:29.0732 0x0918  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
19:17:29.0741 0x0918  HidBatt - ok
19:17:29.0756 0x0918  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
19:17:29.0768 0x0918  HidBth - ok
19:17:29.0782 0x0918  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
19:17:29.0793 0x0918  HidIr - ok
19:17:29.0835 0x0918  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
19:17:29.0860 0x0918  hidserv - ok
19:17:29.0895 0x0918  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:17:29.0903 0x0918  HidUsb - ok
19:17:29.0945 0x0918  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:17:29.0971 0x0918  hkmsvc - ok
19:17:30.0012 0x0918  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:17:30.0054 0x0918  HomeGroupListener - ok
19:17:30.0071 0x0918  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:17:30.0084 0x0918  HomeGroupProvider - ok
19:17:30.0100 0x0918  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:17:30.0110 0x0918  HpSAMD - ok
19:17:30.0246 0x0918  [ F4DF5C1784200D0A903D9F215557AA5E, 37D5824043D631F0CE3BCBFD5BDB8F52359C6AE5949B56A739E0C454919D15AD ] hshld           C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
19:17:30.0331 0x0918  hshld - ok
19:17:30.0379 0x0918  [ FE1F81AA487E8AC807F2D774E129368F, 0F84814112E5B22E3EFD22DDED8BE7D42D85D82F3796DBD760045C7F1FE3F4BA ] HssDRV6         C:\Windows\system32\DRIVERS\hssdrv6.sys
19:17:30.0388 0x0918  HssDRV6 - ok
19:17:30.0442 0x0918  [ CF5C9BD985120781200D35FD445D0BD5, 91B37F595A196542458CBBCDAD80779721D228A7030A34E55995DDBB06649248 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:17:30.0469 0x0918  HTTP - ok
19:17:30.0512 0x0918  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:17:30.0520 0x0918  hwpolicy - ok
19:17:30.0532 0x0918  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
19:17:30.0543 0x0918  i8042prt - ok
19:17:30.0593 0x0918  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:17:30.0610 0x0918  iaStorV - ok
19:17:30.0674 0x0918  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:17:30.0705 0x0918  idsvc - ok
19:17:30.0735 0x0918  IEEtwCollectorService - ok
19:17:30.0749 0x0918  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
19:17:30.0759 0x0918  iirsp - ok
19:17:30.0818 0x0918  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
19:17:30.0862 0x0918  IKEEXT - ok
19:17:30.0935 0x0918  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:17:30.0943 0x0918  intelide - ok
19:17:30.0969 0x0918  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:17:30.0979 0x0918  intelppm - ok
19:17:31.0011 0x0918  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:17:31.0037 0x0918  IPBusEnum - ok
19:17:31.0093 0x0918  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:17:31.0117 0x0918  IpFilterDriver - ok
19:17:31.0191 0x0918  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:17:31.0212 0x0918  iphlpsvc - ok
19:17:31.0256 0x0918  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:17:31.0266 0x0918  IPMIDRV - ok
19:17:31.0285 0x0918  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:17:31.0311 0x0918  IPNAT - ok
19:17:31.0389 0x0918  [ 9B24DED2B57F2E47A78BE6B1BC87F3DD, 237E47356F26A0783267B350730A27E4A51B32ABDAC98346F39347183DD3F063 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:17:31.0413 0x0918  iPod Service - ok
19:17:31.0441 0x0918  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:17:31.0452 0x0918  IRENUM - ok
19:17:31.0465 0x0918  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:17:31.0474 0x0918  isapnp - ok
19:17:31.0512 0x0918  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:17:31.0526 0x0918  iScsiPrt - ok
19:17:31.0541 0x0918  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:17:31.0551 0x0918  kbdclass - ok
19:17:31.0581 0x0918  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:17:31.0591 0x0918  kbdhid - ok
19:17:31.0603 0x0918  [ 79B5DEC7098CF4A66CAB4DBE8E6485F0, B9156B9D5C827D5DD0A9D516E8F73F45F270B1106401803C9DCC5F56A684F3D5 ] KeyIso          C:\Windows\system32\lsass.exe
19:17:31.0612 0x0918  KeyIso - ok
19:17:31.0668 0x0918  [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
19:17:31.0686 0x0918  kl1 - ok
19:17:31.0722 0x0918  [ D0C3AEF67932D2A80736FBCB956C017D, 166C2FD5F1B6FFE7A71CD821DFDD02B68D25CBF0D44BD6F2522C65CF1DEB363C ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
19:17:31.0732 0x0918  klflt - ok
19:17:31.0800 0x0918  [ 41DF293A7F0418F5DDED9F0297DC68F3, 25DE4BB7F2D915FCF576ABD46EEDC5574B694A2D1E5CB7AB565792C7BB57C76B ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
19:17:31.0823 0x0918  KLIF - ok
19:17:31.0830 0x0918  [ 31B69BFF28348503E4BD10C2A4F66D05, 891318C2DDF85E43DFCEE73717AEFCE79BC3DCD83FCD58E6F794AB6BF1739688 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
19:17:31.0839 0x0918  KLIM6 - ok
19:17:31.0850 0x0918  [ 8DA5BC75C3E8A995335642F26CAEA54B, 3995AAB499A37077AA4FB372E75CD9259BA3EA7020B961CF482AC948D2D47AB4 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
19:17:31.0858 0x0918  klkbdflt - ok
19:17:31.0873 0x0918  [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
19:17:31.0881 0x0918  klmouflt - ok
19:17:31.0896 0x0918  [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
19:17:31.0904 0x0918  klpd - ok
19:17:31.0915 0x0918  [ 4828B3D2BC89B05E07101C6E60CE0A6A, C2D40EA03A526286AEDF27DE80CB0576EB59EB7581C9E9ECFCB867349593D7CE ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
19:17:31.0924 0x0918  kltdi - ok
19:17:31.0944 0x0918  [ 91BC1C5B00275A4D7FD669EFF0DDEB2A, B745518E1916441A49565478EA77C8DBC784E7B4D9DAD1EA1F648ED1727F413D ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
19:17:31.0956 0x0918  kneps - ok
19:17:31.0994 0x0918  [ 5111D419808BF6B3BC5BC67C052F0286, 159348B645D6B5CBAD4410DA5B9CD0E9D551CAAD310E03D96C6902439604F97C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:17:32.0004 0x0918  KSecDD - ok
19:17:32.0020 0x0918  [ 46D16E5879A3F874EEDCE243AE17EF45, EB72E1DBA5611D16A8D80BBC4F9A7921A268E5D38F20915849EB2311121757FA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:17:32.0032 0x0918  KSecPkg - ok
19:17:32.0035 0x0918  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:17:32.0059 0x0918  ksthunk - ok
19:17:32.0103 0x0918  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:17:32.0136 0x0918  KtmRm - ok
19:17:32.0174 0x0918  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:17:32.0204 0x0918  LanmanServer - ok
19:17:32.0238 0x0918  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:17:32.0265 0x0918  LanmanWorkstation - ok
19:17:32.0309 0x0918  [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
19:17:32.0317 0x0918  lirsgt - ok
19:17:32.0346 0x0918  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:17:32.0371 0x0918  lltdio - ok
19:17:32.0407 0x0918  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:17:32.0439 0x0918  lltdsvc - ok
19:17:32.0457 0x0918  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:17:32.0482 0x0918  lmhosts - ok
19:17:32.0497 0x0918  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
19:17:32.0507 0x0918  LSI_FC - ok
19:17:32.0526 0x0918  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
19:17:32.0537 0x0918  LSI_SAS - ok
19:17:32.0555 0x0918  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:17:32.0564 0x0918  LSI_SAS2 - ok
19:17:32.0576 0x0918  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:17:32.0587 0x0918  LSI_SCSI - ok
19:17:32.0601 0x0918  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:17:32.0628 0x0918  luafv - ok
19:17:32.0667 0x0918  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:17:32.0678 0x0918  Mcx2Svc - ok
19:17:32.0690 0x0918  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
19:17:32.0698 0x0918  megasas - ok
19:17:32.0721 0x0918  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
19:17:32.0736 0x0918  MegaSR - ok
19:17:32.0814 0x0918  Microsoft SharePoint Workspace Audit Service - ok
19:17:32.0844 0x0918  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
19:17:32.0870 0x0918  MMCSS - ok
19:17:32.0878 0x0918  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
19:17:32.0903 0x0918  Modem - ok
19:17:32.0921 0x0918  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:17:32.0932 0x0918  monitor - ok
19:17:32.0944 0x0918  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:17:32.0953 0x0918  mouclass - ok
19:17:32.0957 0x0918  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:17:32.0966 0x0918  mouhid - ok
19:17:33.0006 0x0918  [ 072D8646E23ECF8A3F5F0157017B4DB6, EBFB1459ECC5AF94C94FB49CEBC724542612680F0777E24B5AA6E062C0EE5D94 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:17:33.0016 0x0918  mountmgr - ok
19:17:33.0058 0x0918  [ 86C9215967686BB8A6AEE8008D914BF8, 907A156AADC880F06EB7BBBC0C57EC14A205CEE43A2AD509F6BD4040CA4F327D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:17:33.0070 0x0918  MozillaMaintenance - ok
19:17:33.0098 0x0918  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:17:33.0110 0x0918  mpio - ok
19:17:33.0122 0x0918  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:17:33.0148 0x0918  mpsdrv - ok
19:17:33.0204 0x0918  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:17:33.0290 0x0918  MpsSvc - ok
19:17:33.0328 0x0918  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:17:33.0340 0x0918  MRxDAV - ok
19:17:33.0381 0x0918  [ EE88FE7F43A53B376142FAE2DAA50EF1, 9048C87484A87481B4F227AF628E573024FB252620C4BD1C9193225ACB9A6BE2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:17:33.0394 0x0918  mrxsmb - ok
19:17:33.0439 0x0918  [ 119CE8CFC2073AE576D92A9A0E164012, 9A9FFF962E851DADAE6E0BE852F251557FF242B385659BAD99A84D4DB929FAE8 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:17:33.0455 0x0918  mrxsmb10 - ok
19:17:33.0499 0x0918  [ 84EE9DC885665DB9A78CC22F365E77D0, 7ADD647A8E5AF3EDA873CA1467A961CDB5CAEF12F689CF0E47C83E8BB382FF73 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:17:33.0512 0x0918  mrxsmb20 - ok
19:17:33.0535 0x0918  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:17:33.0543 0x0918  msahci - ok
19:17:33.0558 0x0918  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:17:33.0569 0x0918  msdsm - ok
19:17:33.0604 0x0918  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
19:17:33.0617 0x0918  MSDTC - ok
19:17:33.0659 0x0918  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:17:33.0694 0x0918  Msfs - ok
19:17:33.0709 0x0918  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:17:33.0734 0x0918  mshidkmdf - ok
19:17:33.0766 0x0918  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:17:33.0774 0x0918  msisadrv - ok
19:17:33.0816 0x0918  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:17:33.0844 0x0918  MSiSCSI - ok
19:17:33.0847 0x0918  msiserver - ok
19:17:33.0874 0x0918  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:17:33.0898 0x0918  MSKSSRV - ok
19:17:33.0925 0x0918  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:17:33.0949 0x0918  MSPCLOCK - ok
19:17:33.0960 0x0918  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:17:33.0984 0x0918  MSPQM - ok
19:17:34.0027 0x0918  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:17:34.0044 0x0918  MsRPC - ok
19:17:34.0050 0x0918  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
19:17:34.0059 0x0918  mssmbios - ok
19:17:34.0092 0x0918  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:17:34.0116 0x0918  MSTEE - ok
19:17:34.0129 0x0918  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
19:17:34.0138 0x0918  MTConfig - ok
19:17:34.0169 0x0918  [ 03B7145C889603537E9FFEABB1AD1089, B3CD93B893D4A2370CBF382366C6F596372857F8711EF6FFF83BFE2B449F424E ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
19:17:34.0182 0x0918  MTsensor - ok
19:17:34.0200 0x0918  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
19:17:34.0210 0x0918  Mup - ok
19:17:34.0256 0x0918  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
19:17:34.0290 0x0918  napagent - ok
19:17:34.0343 0x0918  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:17:34.0362 0x0918  NativeWifiP - ok
19:17:34.0426 0x0918  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:17:34.0472 0x0918  NDIS - ok
19:17:34.0492 0x0918  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:17:34.0517 0x0918  NdisCap - ok
19:17:34.0542 0x0918  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:17:34.0568 0x0918  NdisTapi - ok
19:17:34.0613 0x0918  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:17:34.0637 0x0918  Ndisuio - ok
19:17:34.0673 0x0918  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:17:34.0700 0x0918  NdisWan - ok
19:17:34.0735 0x0918  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:17:34.0759 0x0918  NDProxy - ok
19:17:34.0767 0x0918  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:17:34.0792 0x0918  NetBIOS - ok
19:17:34.0834 0x0918  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:17:34.0848 0x0918  NetBT - ok
19:17:34.0859 0x0918  [ 79B5DEC7098CF4A66CAB4DBE8E6485F0, B9156B9D5C827D5DD0A9D516E8F73F45F270B1106401803C9DCC5F56A684F3D5 ] Netlogon        C:\Windows\system32\lsass.exe
19:17:34.0868 0x0918  Netlogon - ok
19:17:34.0925 0x0918  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
19:17:34.0958 0x0918  Netman - ok
19:17:34.0993 0x0918  [ 0A84CDBA132359052C017888C2DFC8E6, C1B0524171E8E2BF2209747D4129018A38F8AC7737670B362CE9F691D57E8C07 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:17:35.0019 0x0918  NetMsmqActivator - ok
19:17:35.0024 0x0918  [ 0A84CDBA132359052C017888C2DFC8E6, C1B0524171E8E2BF2209747D4129018A38F8AC7737670B362CE9F691D57E8C07 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:17:35.0036 0x0918  NetPipeActivator - ok
19:17:35.0061 0x0918  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
19:17:35.0095 0x0918  netprofm - ok
19:17:35.0101 0x0918  [ 0A84CDBA132359052C017888C2DFC8E6, C1B0524171E8E2BF2209747D4129018A38F8AC7737670B362CE9F691D57E8C07 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:17:35.0113 0x0918  NetTcpActivator - ok
19:17:35.0118 0x0918  [ 0A84CDBA132359052C017888C2DFC8E6, C1B0524171E8E2BF2209747D4129018A38F8AC7737670B362CE9F691D57E8C07 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:17:35.0131 0x0918  NetTcpPortSharing - ok
19:17:35.0147 0x0918  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
19:17:35.0156 0x0918  nfrd960 - ok
19:17:35.0204 0x0918  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:17:35.0232 0x0918  NlaSvc - ok
19:17:35.0273 0x0918  [ A962BE6433EF016E0DFB52ECA15A5378, 765D47BCA040034E565CA139120B94562834984EB78DA11807C054BDD5313496 ] nmwcdnsucx64    C:\Windows\system32\drivers\nmwcdnsucx64.sys
19:17:35.0300 0x0918  nmwcdnsucx64 - ok
19:17:35.0326 0x0918  [ 9573223E205907247AE6D948E3453770, 35D32A415F74863D7408229508F134D53CA0FA7EDD8B0E5FEEFC9DE588D0607B ] nmwcdnsux64     C:\Windows\system32\drivers\nmwcdnsux64.sys
19:17:35.0347 0x0918  nmwcdnsux64 - ok
19:17:35.0373 0x0918  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf             C:\Windows\system32\drivers\npf.sys
19:17:35.0381 0x0918  npf - ok
19:17:35.0394 0x0918  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:17:35.0419 0x0918  Npfs - ok
19:17:35.0453 0x0918  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
19:17:35.0478 0x0918  nsi - ok
19:17:35.0485 0x0918  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:17:35.0509 0x0918  nsiproxy - ok
19:17:35.0587 0x0918  [ 7FD5A7FB8F55254E9AF5666C653AF3CA, 5EE9805BB4A952AE455D08953FF12E55879776A521B3333F2730AC552DC17C48 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:17:35.0648 0x0918  Ntfs - ok
19:17:35.0682 0x0918  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
19:17:35.0706 0x0918  Null - ok
19:17:35.0736 0x0918  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:17:35.0748 0x0918  nvraid - ok
19:17:35.0782 0x0918  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:17:35.0794 0x0918  nvstor - ok
19:17:35.0820 0x0918  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:17:35.0831 0x0918  nv_agp - ok
19:17:35.0848 0x0918  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:17:35.0858 0x0918  ohci1394 - ok
19:17:35.0998 0x0918  [ D414CEA922A4D9039E0E15E886F4AB77, 02A0DE05ECF083E814A654B19BD6A060072D9D411AF9448CD99279708635A7DA ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
19:17:36.0082 0x0918  Origin Client Service - ok
19:17:36.0189 0x0918  [ AEB0EABD39BA46A99F79E18B89260493, E357C453E90AFE521330937D2F3C301D33E99BE9BC30817F3222E667E0BCB161 ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe
19:17:36.0298 0x0918  Origin Web Helper Service - ok
19:17:36.0406 0x0918  [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:17:36.0418 0x0918  ose64 - ok
19:17:36.0600 0x0918  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:17:36.0763 0x0918  osppsvc - ok
19:17:36.0824 0x0918  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:17:36.0854 0x0918  p2pimsvc - ok
19:17:36.0904 0x0918  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
19:17:36.0924 0x0918  p2psvc - ok
19:17:36.0986 0x0918  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
19:17:36.0998 0x0918  Parport - ok
19:17:37.0022 0x0918  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:17:37.0032 0x0918  partmgr - ok
19:17:37.0076 0x0918  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:17:37.0089 0x0918  PcaSvc - ok
19:17:37.0099 0x0918  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
19:17:37.0111 0x0918  pci - ok
19:17:37.0127 0x0918  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:17:37.0136 0x0918  pciide - ok
19:17:37.0153 0x0918  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
19:17:37.0166 0x0918  pcmcia - ok
19:17:37.0181 0x0918  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:17:37.0191 0x0918  pcw - ok
19:17:37.0222 0x0918  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:17:37.0246 0x0918  PEAUTH - ok
19:17:37.0344 0x0918  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:17:37.0354 0x0918  PerfHost - ok
19:17:37.0423 0x0918  [ BC5F8C5C7ACCD0B884FCB8B67616F537, 5C99E9D7E7095CED52B1F5F4A569E54F124602C573DD2B25731E0D57FDA22A27 ] pla             C:\Windows\system32\pla.dll
19:17:37.0485 0x0918  pla - ok
19:17:37.0540 0x0918  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:17:37.0559 0x0918  PlugPlay - ok
19:17:37.0581 0x0918  PnkBstrA - ok
19:17:37.0597 0x0918  PnkBstrB - ok
19:17:37.0604 0x0918  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:17:37.0614 0x0918  PNRPAutoReg - ok
19:17:37.0636 0x0918  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:17:37.0651 0x0918  PNRPsvc - ok
19:17:37.0689 0x0918  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:17:37.0710 0x0918  PolicyAgent - ok
19:17:37.0752 0x0918  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
19:17:37.0780 0x0918  Power - ok
19:17:37.0816 0x0918  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:17:37.0843 0x0918  PptpMiniport - ok
19:17:37.0859 0x0918  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
19:17:37.0869 0x0918  Processor - ok
19:17:37.0910 0x0918  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:17:37.0924 0x0918  ProfSvc - ok
19:17:37.0937 0x0918  [ 79B5DEC7098CF4A66CAB4DBE8E6485F0, B9156B9D5C827D5DD0A9D516E8F73F45F270B1106401803C9DCC5F56A684F3D5 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:17:37.0946 0x0918  ProtectedStorage - ok
19:17:37.0996 0x0918  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:17:38.0021 0x0918  Psched - ok
19:17:38.0076 0x0918  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
19:17:38.0135 0x0918  ql2300 - ok
19:17:38.0161 0x0918  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
19:17:38.0172 0x0918  ql40xx - ok
19:17:38.0214 0x0918  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
19:17:38.0232 0x0918  QWAVE - ok
19:17:38.0245 0x0918  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:17:38.0257 0x0918  QWAVEdrv - ok
19:17:38.0305 0x0918  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:17:38.0330 0x0918  RasAcd - ok
19:17:38.0451 0x0918  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:17:38.0526 0x0918  RasAgileVpn - ok
19:17:38.0642 0x0918  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
19:17:38.0668 0x0918  RasAuto - ok
19:17:38.0709 0x0918  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:17:38.0735 0x0918  Rasl2tp - ok
19:17:38.0772 0x0918  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
19:17:38.0805 0x0918  RasMan - ok
19:17:38.0826 0x0918  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:17:38.0851 0x0918  RasPppoe - ok
19:17:38.0856 0x0918  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:17:38.0883 0x0918  RasSstp - ok
19:17:38.0926 0x0918  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:17:38.0956 0x0918  rdbss - ok
19:17:38.0974 0x0918  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:17:38.0985 0x0918  rdpbus - ok
19:17:38.0999 0x0918  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:17:39.0023 0x0918  RDPCDD - ok
19:17:39.0030 0x0918  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:17:39.0054 0x0918  RDPENCDD - ok
19:17:39.0059 0x0918  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:17:39.0083 0x0918  RDPREFMP - ok
19:17:39.0169 0x0918  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:17:39.0179 0x0918  RdpVideoMiniport - ok
19:17:39.0227 0x0918  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:17:39.0240 0x0918  RDPWD - ok
19:17:39.0278 0x0918  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:17:39.0291 0x0918  rdyboost - ok
19:17:39.0319 0x0918  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:17:39.0346 0x0918  RemoteAccess - ok
19:17:39.0385 0x0918  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:17:39.0413 0x0918  RemoteRegistry - ok
19:17:39.0451 0x0918  [ 6D850FAD4CC9498D1F382B77BA4035CC, 689B8D90BFA404F2ABEF3F7CD098382DAA81A4CF6BF3784C9CC24DAF33F10660 ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys
19:17:39.0473 0x0918  RimUsb - ok
19:17:39.0516 0x0918  [ 344604E6913BD6E4EAEC34AF2E0943D7, 4ADFE13AFECD0F263A27F647FC6BA1AB47B2A28F9D70FCAC90F23D0A2FB8C493 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
19:17:39.0537 0x0918  RimVSerPort - ok
19:17:39.0569 0x0918  [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
19:17:39.0594 0x0918  ROOTMODEM - ok
19:17:39.0609 0x0918  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:17:39.0635 0x0918  RpcEptMapper - ok
19:17:39.0655 0x0918  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
19:17:39.0664 0x0918  RpcLocator - ok
19:17:39.0714 0x0918  [ 5E9F8D029D9B03110D835CBFC058068B, 038FDF99C643C8102026BA26A75899A56E91AD0C239DF71AA5443FD35C718C78 ] RpcSs           C:\Windows\system32\rpcss.dll
19:17:39.0733 0x0918  RpcSs - ok
19:17:39.0741 0x0918  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:17:39.0767 0x0918  rspndr - ok
19:17:39.0800 0x0918  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
19:17:39.0823 0x0918  RTL8167 - ok
19:17:39.0864 0x0918  [ A4F7F9BB5576BF1D3A57F785C5DBEDB7, 5CE149DB0E418EBE63414E6353C26428B6853C4E5624DBE70057492BE075707C ] RTL8192cu       C:\Windows\system32\DRIVERS\RTL8192cu.sys
19:17:39.0888 0x0918  RTL8192cu - ok
19:17:39.0928 0x0918  [ FC00C0DE6DC83DE1B2B01420E2195B21, BA9670F67BEFE4DD39D9F98329AA69380E167383448C9488F4E500E0ECF22A97 ] RTL8192su       C:\Windows\system32\DRIVERS\RTL8192su.sys
19:17:39.0947 0x0918  RTL8192su - detected UnsignedFile.Multi.Generic ( 1 )
19:17:40.0097 0x0918  Detect skipped due to KSN trusted
19:17:40.0097 0x0918  RTL8192su - ok
19:17:40.0115 0x0918  [ 79B5DEC7098CF4A66CAB4DBE8E6485F0, B9156B9D5C827D5DD0A9D516E8F73F45F270B1106401803C9DCC5F56A684F3D5 ] SamSs           C:\Windows\system32\lsass.exe
19:17:40.0124 0x0918  SamSs - ok
19:17:40.0149 0x0918  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:17:40.0159 0x0918  sbp2port - ok
19:17:40.0166 0x0918  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:17:40.0195 0x0918  SCardSvr - ok
19:17:40.0232 0x0918  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:17:40.0255 0x0918  scfilter - ok
19:17:40.0317 0x0918  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
19:17:40.0364 0x0918  Schedule - ok
19:17:40.0394 0x0918  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:17:40.0418 0x0918  SCPolicySvc - ok
19:17:40.0454 0x0918  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:17:40.0477 0x0918  SDRSVC - ok
19:17:40.0494 0x0918  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:17:40.0503 0x0918  secdrv - ok
19:17:40.0538 0x0918  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
19:17:40.0547 0x0918  seclogon - ok
19:17:40.0562 0x0918  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
19:17:40.0588 0x0918  SENS - ok
19:17:40.0594 0x0918  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:17:40.0615 0x0918  SensrSvc - ok
19:17:40.0638 0x0918  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:17:40.0647 0x0918  Serenum - ok
19:17:40.0658 0x0918  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:17:40.0668 0x0918  Serial - ok
19:17:40.0685 0x0918  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
19:17:40.0694 0x0918  sermouse - ok
19:17:40.0728 0x0918  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
19:17:40.0755 0x0918  SessionEnv - ok
19:17:40.0767 0x0918  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:17:40.0778 0x0918  sffdisk - ok
19:17:40.0789 0x0918  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:17:40.0799 0x0918  sffp_mmc - ok
19:17:40.0810 0x0918  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:17:40.0821 0x0918  sffp_sd - ok
19:17:40.0834 0x0918  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
19:17:40.0843 0x0918  sfloppy - ok
19:17:40.0894 0x0918  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:17:40.0926 0x0918  SharedAccess - ok
19:17:40.0971 0x0918  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:17:41.0003 0x0918  ShellHWDetection - ok
19:17:41.0019 0x0918  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:17:41.0028 0x0918  SiSRaid2 - ok
19:17:41.0116 0x0918  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
19:17:41.0133 0x0918  SiSRaid4 - ok
19:17:41.0175 0x0918  [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
19:17:41.0194 0x0918  SkypeUpdate - ok
19:17:41.0205 0x0918  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:17:41.0232 0x0918  Smb - ok
19:17:41.0255 0x0918  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:17:41.0266 0x0918  SNMPTRAP - ok
19:17:41.0320 0x0918  [ 21FF393512F51F5A98620C794B4488A3, 8A35923D3D6993FC014D86F0F7BD5C106586824DB8D26C04DC2AD0B8ED13ED20 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
19:17:41.0330 0x0918  Sony PC Companion - ok
19:17:41.0386 0x0918  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\syswow64\speedfan.sys
19:17:41.0395 0x0918  speedfan - ok
19:17:41.0409 0x0918  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:17:41.0418 0x0918  spldr - ok
19:17:41.0436 0x0918  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
19:17:41.0458 0x0918  Spooler - ok
19:17:41.0574 0x0918  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
19:17:41.0697 0x0918  sppsvc - ok
19:17:41.0714 0x0918  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:17:41.0741 0x0918  sppuinotify - ok
19:17:41.0776 0x0918  [ 656736958178461D25B51BB0D9EC7D09, A1C987CD3C1B36516691B6FB6B0589897826E9237C72AD8B5D79D20ACAFCC883 ] sptd            C:\Windows\System32\Drivers\sptd.sys
19:17:41.0793 0x0918  sptd - ok
19:17:41.0836 0x0918  [ 546C81F238F084A393EC54114741A0A8, AA223A2A8E8503CBDB0CE6A70620B372E0591070F9FF7D8532A93B54EF7B7E51 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:17:41.0855 0x0918  srv - ok
19:17:41.0901 0x0918  [ 431D2B06E8F93EAEC53E8FA37FCFF2F1, 4CB94D250E9D2646FCE7284D4D3CED1BB02E4D79AD33A414D16EF794195868CA ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:17:41.0920 0x0918  srv2 - ok
19:17:41.0953 0x0918  [ 42EDAB3E3E8E25C7093674936C2DB4BD, B2D5E006B748F24F0FF2CEFFC3D056F3D50E8A818BDFF4231C87C022A25F44ED ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:17:41.0966 0x0918  srvnet - ok
19:17:41.0979 0x0918  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:17:42.0007 0x0918  SSDPSRV - ok
19:17:42.0027 0x0918  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:17:42.0055 0x0918  SstpSvc - ok
19:17:42.0134 0x0918  [ 3CB6B26010394DFF467BB45C752BB039, 600C95B2DA6E8397D18BEC995FB4160B90550D7D0DB55E282E501654434F9BFC ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
19:17:42.0192 0x0918  Steam Client Service - ok
19:17:42.0211 0x0918  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
19:17:42.0220 0x0918  stexstor - ok
19:17:42.0273 0x0918  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
19:17:42.0300 0x0918  stisvc - ok
19:17:42.0308 0x0918  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
19:17:42.0316 0x0918  swenum - ok
19:17:42.0344 0x0918  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
19:17:42.0381 0x0918  swprv - ok
19:17:42.0494 0x0918  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
19:17:42.0546 0x0918  SysMain - ok
19:17:42.0561 0x0918  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:17:42.0576 0x0918  TabletInputService - ok
19:17:42.0615 0x0918  [ E33F065D2CDEF1DC95BF9971EF7ABB41, 6F42AB1CE29126A137EDF24390F46A2A4202B37E77A50E4D33EAECD8156D158A ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys
19:17:42.0623 0x0918  taphss6 - ok
19:17:42.0651 0x0918  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:17:42.0685 0x0918  TapiSrv - ok
19:17:42.0782 0x0918  [ 7FB36A0A036ADDACE0A868E4A43C1C27, AFDCD57C49D06F31C02F37C81B67BA148CDC9B62AD62B771925D31339DDA9012 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:17:42.0854 0x0918  Tcpip - ok
19:17:42.0921 0x0918  [ 7FB36A0A036ADDACE0A868E4A43C1C27, AFDCD57C49D06F31C02F37C81B67BA148CDC9B62AD62B771925D31339DDA9012 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:17:42.0965 0x0918  TCPIP6 - ok
19:17:43.0016 0x0918  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:17:43.0026 0x0918  tcpipreg - ok
19:17:43.0042 0x0918  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:17:43.0051 0x0918  TDPIPE - ok
19:17:43.0074 0x0918  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:17:43.0083 0x0918  TDTCP - ok
19:17:43.0123 0x0918  [ 028D61D9803FBEFB7426696A7840BB48, 344448F41EB93AF01FF624665C0D582C0ABB19AFDA1DA18EE5141E26407F58BE ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:17:43.0135 0x0918  tdx - ok
19:17:43.0191 0x0918  [ BB676D2C7AD5E7131D12417E4691F9B9, C6DE7D8C08C2F059C696E9D63FC55692C8CB37FECF92F5A863D7D2C5AF3B425F ] Te.Service      C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
19:17:43.0197 0x0918  Te.Service - detected UnsignedFile.Multi.Generic ( 1 )
19:17:43.0347 0x0918  Detect skipped due to KSN trusted
19:17:43.0347 0x0918  Te.Service - ok
19:17:43.0539 0x0918  [ 2B29FD3AF7B4FEB272CD1F6EEC8FE4BA, 2E3E775218F1A9DCD977C7D42D0AADDA83A76DCBF65FB25E0F0215ABE3D55C5B ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
19:17:43.0693 0x0918  TeamViewer9 - ok
19:17:43.0731 0x0918  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
19:17:43.0741 0x0918  TermDD - ok
19:17:43.0795 0x0918  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
19:17:43.0821 0x0918  TermService - ok
19:17:43.0831 0x0918  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
19:17:43.0844 0x0918  Themes - ok
19:17:43.0877 0x0918  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
19:17:43.0904 0x0918  THREADORDER - ok
19:17:43.0916 0x0918  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
19:17:43.0944 0x0918  TrkWks - ok
19:17:44.0021 0x0918  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:17:44.0048 0x0918  TrustedInstaller - ok
19:17:44.0069 0x0918  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:17:44.0078 0x0918  tssecsrv - ok
19:17:44.0109 0x0918  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:17:44.0122 0x0918  TsUsbFlt - ok
19:17:44.0178 0x0918  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:17:44.0205 0x0918  tunnel - ok
19:17:44.0223 0x0918  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
19:17:44.0233 0x0918  uagp35 - ok
19:17:44.0282 0x0918  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:17:44.0312 0x0918  udfs - ok
19:17:44.0327 0x0918  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:17:44.0338 0x0918  UI0Detect - ok
19:17:44.0351 0x0918  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:17:44.0361 0x0918  uliagpkx - ok
19:17:44.0391 0x0918  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
19:17:44.0401 0x0918  umbus - ok
19:17:44.0415 0x0918  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
19:17:44.0425 0x0918  UmPass - ok
19:17:44.0475 0x0918  [ 9DC07E73A4ABB9ACF692113B36A5009F, CA7176FC219515D58DCFA66EC61880ECE5617275C9B83701BB74D8B60E733D34 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
19:17:44.0483 0x0918  UnlockerDriver5 - ok
19:17:44.0509 0x0918  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
19:17:44.0542 0x0918  upnphost - ok
19:17:44.0582 0x0918  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
19:17:44.0604 0x0918  USBAAPL64 - ok
19:17:44.0626 0x0918  [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:17:44.0636 0x0918  usbccgp - ok
19:17:44.0662 0x0918  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:17:44.0673 0x0918  usbcir - ok
19:17:44.0714 0x0918  [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
19:17:44.0723 0x0918  usbehci - ok
19:17:44.0766 0x0918  [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
19:17:44.0782 0x0918  usbhub - ok
19:17:44.0799 0x0918  [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:17:44.0808 0x0918  usbohci - ok
19:17:44.0839 0x0918  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:17:44.0850 0x0918  usbprint - ok
19:17:44.0873 0x0918  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
19:17:44.0882 0x0918  usbscan - ok
19:17:44.0887 0x0918  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:17:44.0898 0x0918  USBSTOR - ok
19:17:44.0940 0x0918  [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:17:44.0948 0x0918  usbuhci - ok
19:17:44.0976 0x0918  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
19:17:44.0993 0x0918  usb_rndisx - ok
19:17:45.0010 0x0918  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
19:17:45.0035 0x0918  UxSms - ok
19:17:45.0048 0x0918  [ 79B5DEC7098CF4A66CAB4DBE8E6485F0, B9156B9D5C827D5DD0A9D516E8F73F45F270B1106401803C9DCC5F56A684F3D5 ] VaultSvc        C:\Windows\system32\lsass.exe
19:17:45.0057 0x0918  VaultSvc - ok
19:17:45.0075 0x0918  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:17:45.0084 0x0918  vdrvroot - ok
19:17:45.0127 0x0918  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
19:17:45.0164 0x0918  vds - ok
19:17:45.0182 0x0918  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:17:45.0193 0x0918  vga - ok
19:17:45.0204 0x0918  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:17:45.0228 0x0918  VgaSave - ok
19:17:45.0244 0x0918  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:17:45.0258 0x0918  vhdmp - ok
19:17:45.0281 0x0918  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:17:45.0289 0x0918  viaide - ok
19:17:45.0303 0x0918  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:17:45.0313 0x0918  volmgr - ok
19:17:45.0340 0x0918  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:17:45.0357 0x0918  volmgrx - ok
19:17:45.0387 0x0918  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:17:45.0402 0x0918  volsnap - ok
19:17:45.0421 0x0918  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
19:17:45.0434 0x0918  vsmraid - ok
19:17:45.0510 0x0918  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
19:17:45.0583 0x0918  VSS - ok
19:17:45.0599 0x0918  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
19:17:45.0610 0x0918  vwifibus - ok
19:17:45.0620 0x0918  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
19:17:45.0633 0x0918  vwififlt - ok
19:17:45.0654 0x0918  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
19:17:45.0688 0x0918  W32Time - ok
19:17:45.0708 0x0918  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
19:17:45.0717 0x0918  WacomPen - ok
19:17:45.0740 0x0918  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:17:45.0765 0x0918  WANARP - ok
19:17:45.0770 0x0918  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:17:45.0794 0x0918  Wanarpv6 - ok
19:17:45.0880 0x0918  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
19:17:45.0936 0x0918  WatAdminSvc - ok
19:17:46.0004 0x0918  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
19:17:46.0073 0x0918  wbengine - ok
19:17:46.0095 0x0918  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:17:46.0112 0x0918  WbioSrvc - ok
19:17:46.0134 0x0918  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:17:46.0156 0x0918  wcncsvc - ok
19:17:46.0196 0x0918  [ BC00873272B3771CCDA38336AF2B4D4B, 3E412DEC5F172B4C5FD5C227CD790EE56B90A00A8B538704E8F973D230BE2289 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:17:46.0213 0x0918  WcsPlugInService - ok
19:17:46.0229 0x0918  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
19:17:46.0238 0x0918  Wd - ok
19:17:46.0293 0x0918  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:17:46.0320 0x0918  Wdf01000 - ok
19:17:46.0356 0x0918  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:17:46.0367 0x0918  WdiServiceHost - ok
19:17:46.0371 0x0918  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:17:46.0382 0x0918  WdiSystemHost - ok
19:17:46.0417 0x0918  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
19:17:46.0434 0x0918  WebClient - ok
19:17:46.0454 0x0918  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:17:46.0485 0x0918  Wecsvc - ok
19:17:46.0499 0x0918  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:17:46.0526 0x0918  wercplsupport - ok
19:17:46.0551 0x0918  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:17:46.0577 0x0918  WerSvc - ok
19:17:46.0587 0x0918  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:17:46.0611 0x0918  WfpLwf - ok
19:17:46.0627 0x0918  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:17:46.0636 0x0918  WIMMount - ok
19:17:46.0658 0x0918  WinDefend - ok
19:17:46.0676 0x0918  WinHttpAutoProxySvc - ok
19:17:46.0742 0x0918  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:17:46.0772 0x0918  Winmgmt - ok
19:17:46.0844 0x0918  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
19:17:46.0918 0x0918  WinRM - ok
19:17:46.0960 0x0918  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:17:46.0971 0x0918  WinUsb - ok
19:17:47.0020 0x0918  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:17:47.0068 0x0918  Wlansvc - ok
19:17:47.0098 0x0918  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
19:17:47.0106 0x0918  WmiAcpi - ok
19:17:47.0141 0x0918  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:17:47.0154 0x0918  wmiApSrv - ok
19:17:47.0176 0x0918  WMPNetworkSvc - ok
19:17:47.0199 0x0918  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:17:47.0222 0x0918  WPCSvc - ok
19:17:47.0234 0x0918  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:17:47.0247 0x0918  WPDBusEnum - ok
19:17:47.0263 0x0918  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:17:47.0287 0x0918  ws2ifsl - ok
19:17:47.0296 0x0918  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
19:17:47.0311 0x0918  wscsvc - ok
19:17:47.0314 0x0918  WSearch - ok
19:17:47.0412 0x0918  [ 88009DB9E1166B6B6713A858C176FECD, CBF4C63D3C5D14AF3C3F0D9C48E5AC9E7A4323BFB0363E9948FD801963BE1467 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:17:47.0498 0x0918  wuauserv - ok
19:17:47.0517 0x0918  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:17:47.0528 0x0918  WudfPf - ok
19:17:47.0561 0x0918  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:17:47.0574 0x0918  WUDFRd - ok
19:17:47.0593 0x0918  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:17:47.0604 0x0918  wudfsvc - ok
19:17:47.0641 0x0918  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:17:47.0669 0x0918  WwanSvc - ok
19:17:47.0692 0x0918  ================ Scan global ===============================
19:17:47.0735 0x0918  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
19:17:47.0760 0x0918  [ 825C29BE302D5A4697EF19A2FFC53486, DEE04A0BCCFEC5F126C5FBF91D23790628AE79FAF4B61D7960F1592D0B432613 ] C:\Windows\system32\winsrv.dll
19:17:47.0771 0x0918  [ 825C29BE302D5A4697EF19A2FFC53486, DEE04A0BCCFEC5F126C5FBF91D23790628AE79FAF4B61D7960F1592D0B432613 ] C:\Windows\system32\winsrv.dll
19:17:47.0803 0x0918  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:17:47.0842 0x0918  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
19:17:47.0849 0x0918  [ Global ] - ok
19:17:47.0849 0x0918  ================ Scan MBR ==================================
19:17:47.0860 0x0918  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:17:48.0080 0x0918  \Device\Harddisk0\DR0 - ok
19:17:48.0080 0x0918  ================ Scan VBR ==================================
19:17:48.0082 0x0918  [ 79A32E5D96C067B984975E59C209FE11 ] \Device\Harddisk0\DR0\Partition1
19:17:48.0083 0x0918  \Device\Harddisk0\DR0\Partition1 - ok
19:17:48.0085 0x0918  [ EB01CF6ADDD8B62B9F256B2C898811B9 ] \Device\Harddisk0\DR0\Partition2
19:17:48.0086 0x0918  \Device\Harddisk0\DR0\Partition2 - ok
19:17:48.0087 0x0918  ================ Scan generic autorun ======================
19:17:48.0153 0x0918  [ B9D6C3C32FAB7DB4BC4DA90563B84765, C7C78BE9B697170FE7A1778BFE45D151C551A73497DD815C4F25709482E4D404 ] C:\Program Files\iTunes\iTunesHelper.exe
19:17:48.0168 0x0918  iTunesHelper - ok
19:17:48.0170 0x0918  AMD AVT - ok
19:17:48.0228 0x0918  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:17:48.0274 0x0918  Sidebar - ok
19:17:48.0306 0x0918  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:17:48.0320 0x0918  mctadmin - ok
19:17:48.0347 0x0918  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:17:48.0377 0x0918  Sidebar - ok
19:17:48.0382 0x0918  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:17:48.0395 0x0918  mctadmin - ok
19:17:48.0402 0x0918  Waiting for KSN requests completion. In queue: 92
19:17:49.0486 0x0918  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\wmiav.exe ( 14.0.0.4651 ), 0x41000 ( enabled : updated )
19:17:49.0493 0x0918  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\wmifw.exe ( 14.0.0.4651 ), 0x41010 ( enabled )
19:17:49.0617 0x0918  ============================================================
19:17:49.0617 0x0918  Scan finished
19:17:49.0617 0x0918  ============================================================
19:17:49.0624 0x1754  Detected object count: 0
19:17:49.0624 0x1754  Actual detected object count: 0
         
Hier das Bild von dem Task Manager:




Ich bedanke mich jetzt schon mal für die Hilfe!

MfG
Rene

Keiner eine Idee?
Code:
ATTFilter
hxxp://www.directupload.net/file/d/4807/7mrbc6r6_jpg.htm
         
__________________

Geändert von DrRealtalk (08.08.2017 um 18:30 Uhr) Grund: Bild eingefügt

Alt 09.08.2017, 00:14   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft - Standard

PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft



Zitat:
Kaspersky Internet Security
Alles was Internet Security oder Security Suite in Namen trägt, sind idR dicke kontraproduktive Systembremsen. Deinstallier diesen Kaspersky-Krempel mal und beobachte das System OHNE VIRENSCANNER, damit man eine Referenz hat.

Später wenn wir hier durch sind, kannst du wieder ein AV installieren.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 10.08.2017, 20:59   #5
DrRealtalk
 
PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft - Standard

PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft



Moin,
ich hab Kaspersky mal deaktiviert und es ist deutlich besser geworden aber optimal ist es immer noch nicht.

Hier ein Screenshot:
Code:
ATTFilter

         
und noch einmal mit dem Farbar Recovery Scan Tool ausgelesen:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-08-2017
durchgeführt von Niko (10-08-2017 20:55:00)
Gestartet von C:\Users\Niko\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-06-20 04:14:36)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3530776945-4030788160-3505166589-500 - Administrator - Disabled)
Gast (S-1-5-21-3530776945-4030788160-3505166589-501 - Limited - Enabled) => C:\Users\Gast.Niko-PC
HomeGroupUser$ (S-1-5-21-3530776945-4030788160-3505166589-1002 - Limited - Enabled)
Niko (S-1-5-21-3530776945-4030788160-3505166589-1000 - Administrator - Enabled) => C:\Users\Niko

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Disabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Disabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1954 Alcatraz (HKLM-x32\...\1954 Alcatraz_is1) (Version: 1.0.4579r - Daedalic Entertainment)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20093 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.0.367 - Adobe Systems Incorporated)
Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{13351E83-6DCD-4E97-2A8C-5D496259A47F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
American Truck Simulator Version 1.0 (HKLM-x32\...\{1E1A283E-DA44-4DCB-BC57-295E54DF18CA}_is1) (Version: 1.0 - SCS Software)
Apple Application Support (32-Bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Application Verifier x64 External Package (HKLM\...\{7346C35D-942D-3CCE-94CB-7008BA8D63CB}) (Version: 8.59.29722 - Microsoft) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\{BE5B0450-DCCB-4FE9-93E2-3B38D88A745B}) (Version: 7.1.0.41 - Research in Motion Ltd.) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research in Motion Ltd.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - )
Call of Duty Black Ops II Version v1.0 (HKLM-x32\...\{9FC70705-BEE9-4044-BCEC-9D058AE43843}_is1) (Version: v1.0 - ZKY)
Call of Duty Ghosts MULTI 5 (HKLM-x32\...\Q2FsbG9mRHV0eUdob3N0cw==_is1) (Version: 1 - )
Call of Duty Modern Warfare 3 (HKLM-x32\...\Call of Duty: Modern Warfare 3 Full-Rip_is1) (Version: 1.0.0 - )
Call of Duty(R) - World at War(TM) (HKLM-x32\...\{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision) Hidden
Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Camtasia 9 (HKLM\...\{D8A1F37A-B11B-4451-830D-6A243ADE2591}) (Version: 9.0.1.1422 - TechSmith Corporation) Hidden
Camtasia 9 (HKLM-x32\...\{48cb006a-7b5b-4a48-98fd-fbd7af456b0d}) (Version: 9.0.1.1422 - TechSmith Corporation)
Camtasia Studio 7 (HKLM-x32\...\{DE042823-C359-4B87-B66B-308057E8B6AF}) (Version: 7.0.1 - TechSmith Corporation)
Camtasia Studio 8 (HKLM-x32\...\{8F6F7194-0734-4CDA-8C04-6B766F2241A6}) (Version: 8.0.4.1060 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\...\CopyTrans Suite) (Version: 4.008 - WindSolutions)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.4.0.0377 - Disc Soft Ltd)
Deckadance 2 (HKLM-x32\...\Deckadance 2) (Version: 2.0 - Image-Line)
Die Gilde Gold Update v. 2.06  (HKLM-x32\...\Die Gilde Gold Update v. 2.06 ) (Version:  - )
Die Gilde Gold-Edition (HKLM-x32\...\Die Gilde Gold-Edition) (Version: 2.06 - JoWooD Productions Software AG)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.30.105.1010 - Electronic Arts Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.8.0.13 - DivX, LLC)
Drakonia Configurator (HKLM-x32\...\{A7B243AA-6D4C-4575-A873-6F01A1EFC5E2}}_is1) (Version:  - )
Electronic Arts Product Registration (HKLM-x32\...\{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts) Hidden
Electronic Arts Product Registration (HKLM-x32\...\InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts)
Enemy Front (HKLM-x32\...\{0E70B8F0-17E2-44B4-B781-CEDF66DCE053}_is1) (Version: 1.0 - City Interactive)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-215 217 Series Printer Uninstall (HKLM\...\EPSON XP-215 217 Series) (Version:  - SEIKO EPSON Corporation)
Epson-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.0.2 - SCS Software)
F1 2013 German (HKLM-x32\...\RjEyMDEz_is1) (Version: 1 - )
F1 2014 German (HKLM-x32\...\RjEyMDE0_is1) (Version: 1 - )
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Freemake Audio Converter Version 1.1.0 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.0 - Ellora Assets Corporation)
Freemake Music Box (HKLM-x32\...\Freemake Music Box_is1) (Version: 1.0.0 - Ellora Assets Corporation)
Freemake Video Converter Version 4.0.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.1 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.5.1 - Ellora Assets Corporation)
Freemake Youtube Mp3 Converter (HKLM-x32\...\Freemake Youtube Mp3 Converter_is1) (Version: 3.5.1 - Ellora Assets Corporation)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.90 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 - Premium Edition (HKLM-x32\...\{85E7B200-3222-48DE-8C42-BD712AE0E929}_is1) (Version: Premium - Youda Games)
Grand Theft Auto V Digital Deluxe Edition MULTi11 1.0 (HKLM-x32\...\Grand Theft Auto V Digital Deluxe Edition MULTi11 1.0) (Version:  - )
Grand Theft Auto V update Version 1.0.323.1 (HKLM-x32\...\{4959470E-EDAC-4710-A636-276D79A81B94}_is1) (Version: 1.0.323.1 - Rockstar Games)
Grand Theft Auto: The Trilogy (HKLM-x32\...\{C18536B9-C90F-4AF2-A13D-0CA15BF2DA09}_is1) (Version: 1.0 - RAF)
Harry Potter II (HKLM-x32\...\{7BF68B83-5057-4D4B-0093-28285EEB9EE3}) (Version:  - )
Hot CPU Tester Pro 4.4.1 (HKLM-x32\...\{5A39D5C2-A28B-421D-925A-0390FD1E5529}_is1) (Version: 4.4 LE - 7Byte Computers)
Hotspot Shield 6.8.12 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-4925B1A76C50}) (Version: 6.8.12.10541 - AnchorFree Inc.) Hidden
Hotspot Shield 6.8.12 (HKLM-x32\...\{c67c171b-b51a-4ff1-a641-6f4a9fb11bc9}) (Version: 6.8.12.10541 - AnchorFree Inc.)
Hotspot Shield 6.8.12 (HKLM-x32\...\HotspotShield) (Version: 6.8.12 - AnchorFree Inc.) Hidden
HP Deskjet 1000 J110 series - Grundlegende Software für das Gerät (HKLM\...\{ECFFD23C-3111-4685-8118-E1F79644203F}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 1000 J110 series Hilfe (HKLM-x32\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2-1) (Version: 2.0 - AppWork GmbH)
Kaspersky Internet Security Technical Preview (HKLM-x32\...\{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Kaspersky Internet Security Technical Preview (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kits Configuration Installer (HKLM-x32\...\{E14DDED2-919B-FCCB-84AC-5ABB6D182D46}) (Version: 8.59.25584 - Microsoft) Hidden
K-Lite Mega Codec Pack 13.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.2.0 - KLCP)
L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version:  - )
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
Mp3tag v2.82 (HKLM-x32\...\Mp3tag) (Version: 2.82 - Florian Heidenreich)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.12.59996 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Editor 64bit 4 (HKLM\...\PDF Editor 64bit 4) (Version:  - )
PDF Settings CC (HKLM-x32\...\{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
Pesgalaxy.com Patch 2017 (HKLM-x32\...\Pesgalaxy.com Patch 2017 1.00 Part 1) (Version: 1.00 Part 1 - Pesgalaxy)
Pesgalaxy.com Patch 2017 (HKLM-x32\...\Pesgalaxy.com Patch 2017 1.00 Part 2) (Version: 1.00 Part 2 - Pesgalaxy)
Pesgalaxy.com Patch 2017 (HKLM-x32\...\Pesgalaxy.com Patch 2017 1.00 Part 3) (Version: 1.00 Part 3 - Pesgalaxy)
Pesgalaxy.com Patch 2017 (HKLM-x32\...\Pesgalaxy.com Patch 2017 1.10) (Version: 1.10 - Pesgalaxy)
Pesgalaxy.com Patch 2017 (HKLM-x32\...\Pesgalaxy.com Patch 2017 1.12) (Version: 1.12 - Pesgalaxy)
Pizza Connection 2 (HKLM-x32\...\{DA47ABC4-52DF-468D-988D-B9E768A3DF52}) (Version:  - )
Prison Break (HKLM-x32\...\{C5A31DDC-157A-4DD7-9B5C-C692A06F61FD}) (Version: 1.00 - Deep Silver)
Pro Evolution Soccer 2013 (HKLM-x32\...\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}) (Version: 1.00.0000 - KONAMI)
Pro Evolution Soccer 2014 (HKLM-x32\...\{5EFD3544-2371-4900-8ACA-F157BA80FB0C}) (Version: 1.00.0000 - KONAMI)
Pro Evolution Soccer 2015 Day One Edition MULTi2 1.0 (HKLM-x32\...\Pro Evolution Soccer 2015 Day One Edition MULTi2 1.0) (Version:  - )
Pro Evolution Soccer 2015 Update v1.02 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
Pro Evolution Soccer 2016 German (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - )
Pro Evolution Soccer 2017 (HKLM-x32\...\{A3C10274-808C-4ADC-A13D-D94911180B58}_is1) (Version:  - KONAMI)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.6 - Rockstar Games)
Sanny Builder 3.01 (HKLM-x32\...\Sanny Builder 3_is1) (Version:  - )
SDK Debuggers (HKLM-x32\...\{E63A3353-003C-E4C2-230B-F155212D1479}) (Version: 8.59.29746 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Sid Meier's Pirates! (HKLM-x32\...\{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}) (Version: 1.00.0000 - Ihr Firmenname) Hidden
Sid Meier's Pirates! (HKLM-x32\...\InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}) (Version: 1.00.0000 - Ihr Firmenname)
Skiller PRO (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{7ACB9D1D-5B26-4CE4-964A-1EB22461E6F6}) (Version: 4.1.0 - SEIKO EPSON CORPORATION)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
South Park Der Stab der Wahrheit Incl. Ultimate Fellowship Pack MULTI-2 1.00 (HKLM-x32\...\South Park Der Stab der Wahrheit Incl. Ultimate Fellowship Pack MULTI-2 1.00) (Version:  - )
South Park Der Stab der Wahrheit Update 2 Incl. DLCs MULTI-2 1.00 (HKLM-x32\...\South Park Der Stab der Wahrheit Update 2 Incl. DLCs MULTI-2 1.00) (Version:  - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold 3 Gold (HKLM-x32\...\Stronghold 3 Gold_is1) (Version:  - )
Stronghold Crusader Extreme HD (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.30.1004 - Firefly Studios)
Stronghold Crusader II Deinstallation (HKLM-x32\...\Stronghold Crusader II Deinstallation) (Version: 1.00 - Shadow Eagle)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_is1) (Version:  - Atari)
The Sims 4 Version 1.0 (HKLM-x32\...\{A4DD0B0B-029A-4F77-BF7B-FBE6A849974D}_is1) (Version: 1.0 - ZKY)
TomTom MyDrive Connect 4.1.4.3089 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.4.3089 - TomTom)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Skype for Business 2015 (KB3213574) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8C2A4D8F-3020-403E-94D4-E8EC03F9E723}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3213574) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8C2A4D8F-3020-403E-94D4-E8EC03F9E723}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3213574) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8C2A4D8F-3020-403E-94D4-E8EC03F9E723}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{A1A75F4F-9C9F-11E2-8FCB-F04DA23A5C58}) (Version: 12.0.563 - Sony)
Vegas Pro 13.0 (64-bit) (HKLM\...\{CE92F061-BFBC-11E3-8FF3-F04DA23A5C58}) (Version: 13.0.290 - Sony)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WebCake 3.00 (HKLM\...\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}) (Version: 3.00 - WebCake LLC) <==== ACHTUNG
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Software Development Kit (HKLM-x32\...\{363a2c1e-637f-45ce-933b-5a5463efd945}) (Version: 8.59.29750 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WPT Redistributables (HKLM-x32\...\{A5D42D71-4036-5F88-5085-657C9DF9F1DD}) (Version: 8.59.29750 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{986EABFC-92F6-CECD-9E5A-B13CAC40BB1D}) (Version: 8.59.29722 - Microsoft) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3530776945-4030788160-3505166589-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2011-04-19] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ContextMenuHandlers1: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [2013-10-17] (Disc Soft Ltd)
ContextMenuHandlers1: [Kaspersky Anti-Virus] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\x64\shellex.dll [2017-07-05] (Kaspersky Lab ZAO)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-04-28] (Florian Heidenreich)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [2013-10-17] (Disc Soft Ltd)
ContextMenuHandlers2: [Kaspersky Anti-Virus] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\x64\shellex.dll [2017-07-05] (Kaspersky Lab ZAO)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-04-28] (Florian Heidenreich)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2011-04-19] (Igor Pavlov)
ContextMenuHandlers4: [Kaspersky Anti-Virus] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\x64\shellex.dll [2017-07-05] (Kaspersky Lab ZAO)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-04-28] (Florian Heidenreich)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-04-29] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ContextMenuHandlers6: [Kaspersky Anti-Virus] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\x64\shellex.dll [2017-07-05] (Kaspersky Lab ZAO)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {14CC7BA0-0B63-4B8C-97F1-853FE154CEE4} - System32\Tasks\EPSON XP-215 217 Series Update {78C1617E-DB1D-48B9-B4F4-5E56C6303F18} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {31470BF1-8725-4716-85D5-664E3944139A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-08] (Adobe Systems Incorporated)
Task: {34C4E706-BD4A-48FE-90BC-6520E602E2DD} - System32\Tasks\EPSON XP-215 217 Series Invitation {78C1617E-DB1D-48B9-B4F4-5E56C6303F18} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {591213A2-BADC-42F6-9A6E-0C455AA7B224} - System32\Tasks\{B474F0C9-476B-464D-A9F5-2860230A558B} => C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe [2013-11-01] ( )
Task: {7D9C678A-8759-4D05-B9D4-547D68877103} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {85A9F375-B72C-4D1E-B185-E238E140E082} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {8F37701F-600C-4AD4-98DC-F55DF8F4533E} - System32\Tasks\{D81C89A7-A32E-4482-BE0D-576F684B78BC} => C:\Windows\system32\pcalua.exe -a "E:\Spiele\PES 2014\PESEdit.com 2014 Patch 4.2\Installer.exe" -d "E:\Spiele\PES 2014\PESEdit.com 2014 Patch 4.2"
Task: {96C336AC-186D-49ED-BFAF-F5DC7E07681A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {A56DE033-13A2-487D-9026-713CA67DC6E3} - System32\Tasks\AdobeAAMUpdater-1.0-Niko-PC-Niko => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {AE1F6E2B-9B2C-4F1C-9867-83437EEF507D} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {B2F980FF-116F-4335-9FA6-B67BCCA9C45E} - System32\Tasks\{0181734B-83B8-4059-9ED6-E8AE0C27D32F} => C:\Program Files (x86)\Governor of Poker 2\GovernorofPoker2.exe [2010-06-18] (I Sioux B.V. )
Task: {B87E110F-30FA-4D0C-9B10-C8688CBDA0C1} - System32\Tasks\{039D68AB-2011-4786-8F98-8722280FF77B} => C:\Windows\system32\pcalua.exe -a "C:\Users\Niko\Downloads\Minecraft 1.8аенривар.exe" -d C:\Users\Niko\Downloads
Task: {C6CFC376-A6AB-469E-835C-E87230798468} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D25C451E-96DC-4947-8972-E7EE164B60D8} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-05-24] ()
Task: {D573BED3-BB1B-4F61-AE18-4C1344F0B584} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E02E6F8D-971D-41AB-AB2E-501D9DC4A98F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-13] (Piriform Ltd)
Task: {E66C1AA7-DC64-4A23-9DFA-5C4B5CE45DD4} - System32\Tasks\{83A906C1-DF31-4176-8753-D0916C0FAEF1} => C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe [2013-11-01] ( )
Task: {EB4ED791-CB86-4631-9ABA-CBA8E1048F0E} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3530776945-4030788160-3505166589-1000
Task: {EDE07330-8AC8-4592-AA31-0DCFBDE8EE43} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {FF23C186-195C-4DFB-8B1A-F4F82A6BCC52} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {78C1617E-DB1D-48B9-B4F4-5E56C6303F18}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {78C1617E-DB1D-48B9-B4F4-5E56C6303F18}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE:/EXE:{78C1617E-DB1D-48B9-B4F4-5E56C6303F18} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://feed.snapdo.com/?publisher=ShoppingHelper&dpid=RY_5021_CH&co=DE&userid=8448577c-e17a-f494-3b4c-a2fd09430c74&searchtype=sc&installDate=26/04/2014&barcodeid=127899&um=0

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-07-13 20:50 - 2017-07-13 20:50 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-03-20 11:24 - 2014-03-20 11:24 - 000667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-06-23 16:15 - 2013-07-03 00:26 - 000066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-06-23 16:16 - 2013-07-03 00:26 - 000103736 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2017-08-10 17:58 - 2017-08-10 17:58 - 000566439 _____ () C:\Users\Niko\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-FKPz9\libgcc_s_sjlj-1.dll
2017-08-10 17:58 - 2017-08-10 17:58 - 004078962 _____ () C:\Users\Niko\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-FKPz9\lib7-Zip-JBinding.dll
2017-08-08 06:30 - 2017-08-02 09:39 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libglesv2.dll
2017-08-08 06:30 - 2017-08-02 09:39 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libegl.dll
2017-06-15 12:36 - 2017-06-15 12:36 - 000166520 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll
2014-01-30 22:47 - 2014-03-08 12:05 - 000002560 _____ () C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Niko\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GamingMouse => C:\Program Files (x86)\Drakonia Configurator\hid.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: Skiller PRO => "C:\Program Files (x86)\Skiller PRO\Monitor.exe"
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{FA3769F3-CE81-426B-8B2A-1B803B6714F0}] => (Allow) LPort=1542
FirewallRules: [{E16ABA41-BFCC-4F02-90C1-B00EA33F1E98}] => (Allow) LPort=1542
FirewallRules: [{6C240299-F132-4BB5-971C-101F4B4D6772}] => (Allow) LPort=53
FirewallRules: [TCP Query User{B2DAC3C0-8B7A-4C75-9C6D-A3FC471E5B48}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{0D0BD8AC-F5EC-4FE5-A70F-CFFFB4C3535F}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{64E0FE84-7E68-4780-BD7F-D6C7444588E4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{450A84A2-749C-465A-9D74-928D00C5B367}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A0EBF6E0-58D2-49BC-AF11-FF0FBE38DA21}] => (Allow) C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exe
FirewallRules: [{43CEAB4A-24E2-4149-9C4C-2E3678827877}] => (Allow) C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exe
FirewallRules: [TCP Query User{E2DEE087-44CD-4921-9F6C-9B47890E480E}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{9D21E407-2076-4F9E-9F37-C2ABCE18FB77}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [TCP Query User{7B9A2D8C-6920-45B1-80F7-9F17CBCBBBE2}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{6166B344-E8E2-4ACF-8DBB-A2CC21862343}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{559DB375-E0FE-4934-88A9-B2CDD434C3FE}C:\program files (x86)\activision\call of duty 5 - world at war\codwaw.exe] => (Allow) C:\program files (x86)\activision\call of duty 5 - world at war\codwaw.exe
FirewallRules: [UDP Query User{26310919-6788-4418-8250-5DC542E7019A}C:\program files (x86)\activision\call of duty 5 - world at war\codwaw.exe] => (Allow) C:\program files (x86)\activision\call of duty 5 - world at war\codwaw.exe
FirewallRules: [{1145A7A7-9D04-4333-B1A9-37382EE09AE2}] => (Block) C:\Program Files (x86)\Activision\Call of Duty 5 - World at War\CoDWaW.exe
FirewallRules: [{2114E51C-3CD8-40EA-BB24-B5089800AA87}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F511107A-A5FA-44EE-9B03-1F28A7567F0F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0AA84385-A00B-408D-868A-39EC8A06AEA4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C98529F4-0F44-452E-970C-24FBCEA49B20}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7032CF92-04B2-47C4-A051-6CFE3D507DF8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{83C720A2-6F50-4EFF-A583-5F0BBBB0C578}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{1121D106-138D-4658-80A1-37D4F7C651B2}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [TCP Query User{0A166F36-6821-45A8-A0E8-A0FB2657186E}C:\program files (x86)\activision\call of duty 7 - black ops\call of duty black ops\blackops.exe] => (Allow) C:\program files (x86)\activision\call of duty 7 - black ops\call of duty black ops\blackops.exe
FirewallRules: [UDP Query User{B5381106-F358-47BB-900E-4029E048FE65}C:\program files (x86)\activision\call of duty 7 - black ops\call of duty black ops\blackops.exe] => (Allow) C:\program files (x86)\activision\call of duty 7 - black ops\call of duty black ops\blackops.exe
FirewallRules: [{917681C2-8D27-4A7B-B58E-0D46FD68EC6C}] => (Block) %ProgramFiles% (x86)\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [TCP Query User{8C312707-A4FA-43B9-B52F-F337CCAAD59B}C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe
FirewallRules: [UDP Query User{B6F38871-3DA6-4577-B7A5-48BE2863AB7D}C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe
FirewallRules: [TCP Query User{1BC3FA3D-0B99-47F8-B266-9DFE1F4A2221}C:\program files (x86)\activision\call of duty 9 - black ops ii\t6sp.exe] => (Allow) C:\program files (x86)\activision\call of duty 9 - black ops ii\t6sp.exe
FirewallRules: [UDP Query User{886E419E-F913-462E-969A-444D2608EDC8}C:\program files (x86)\activision\call of duty 9 - black ops ii\t6sp.exe] => (Allow) C:\program files (x86)\activision\call of duty 9 - black ops ii\t6sp.exe
FirewallRules: [{6C5E9052-FD13-4716-882C-79B96EC04B7A}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe
FirewallRules: [{DA3601BD-DC0F-4CEC-98DF-E205029C8C7E}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe
FirewallRules: [TCP Query User{C1BFB3E2-F82B-4903-81C5-B616EABBDCAE}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{C752132D-F071-43D8-AFC2-15A1AC3568E8}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{4EB2DC08-781E-42C7-B96F-8CBF827C8CA2}C:\program files (x86)\konami\pro evolution soccer 2014\pes2014.exe] => (Block) C:\program files (x86)\konami\pro evolution soccer 2014\pes2014.exe
FirewallRules: [UDP Query User{E25201E5-BD2C-4069-910C-FB4254714B8D}C:\program files (x86)\konami\pro evolution soccer 2014\pes2014.exe] => (Block) C:\program files (x86)\konami\pro evolution soccer 2014\pes2014.exe
FirewallRules: [{18FEEBC3-FD9E-4944-BDF0-5DC6B64F3C82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{895452D7-99A7-4114-87B0-9FF37BA8B1AB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{01D21AE8-3C26-4407-8D42-A94BCF8BB70F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{71DB3129-E729-47CF-8C7C-923C3B3C21E0}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{09225EE8-5677-4916-A8E2-A3268C7D684E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{9686754B-F86A-48ED-A678-8B1B48CDF23A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{4DB992F8-7FB9-4A81-94B3-6547641EDD97}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Photoshop CC\Photoshop.exe
FirewallRules: [{36A99C31-F804-4C8D-94C5-44E0FF82DED7}] => (Block) %ProgramFiles% (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
FirewallRules: [TCP Query User{B96D5F3A-2324-4D0C-AB14-99E42FF402CA}C:\program files (x86)\city interactive\enemy front\bin32\enemyfront.exe] => (Allow) C:\program files (x86)\city interactive\enemy front\bin32\enemyfront.exe
FirewallRules: [UDP Query User{5EDD385E-4556-4FD6-BCF7-EAAC6925E3F8}C:\program files (x86)\city interactive\enemy front\bin32\enemyfront.exe] => (Allow) C:\program files (x86)\city interactive\enemy front\bin32\enemyfront.exe
FirewallRules: [TCP Query User{DFF6E79E-1E9B-4C9C-9E72-F5D970643AAB}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{3959CC63-2F51-4830-B367-55351EBF70EA}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [{F9987285-9B58-40B7-AFC1-E37588B42BE7}] => (Block) %ProgramFiles% (x86)\Atari\TDU2\UpLauncher.exe
FirewallRules: [{061BB67F-F867-4FB8-98A4-9A3598DB5FF9}] => (Block) %ProgramFiles% (x86)\Atari\TDU2\TestDrive2.exe
FirewallRules: [{6F31DE50-E6B2-4F9B-B53F-FCA0D0F70434}] => (Block) %ProgramFiles% (x86)\Atari\TDU2\UpLauncher.exe
FirewallRules: [{D6746BDD-A1C5-4036-9629-FF536C376F9B}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\stronghold_crusader_extreme.exe
FirewallRules: [{72CEF630-2BFB-4133-8F76-236BDC4D1936}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\stronghold crusader.exe
FirewallRules: [TCP Query User{2270157A-24CE-4FD8-9AEF-DFBD4C24B0FB}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{B1E8CCB7-21C8-4F41-BBE3-16A4254415E5}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [TCP Query User{BA065EFB-4B13-42C3-9E33-DCDA436AA9FF}C:\program files (x86)\firefly studios\stronghold crusader ii\bin\win32_release\crusader2.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader ii\bin\win32_release\crusader2.exe
FirewallRules: [UDP Query User{E94D2FAF-78D1-41CE-899B-0B2F84580CD5}C:\program files (x86)\firefly studios\stronghold crusader ii\bin\win32_release\crusader2.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader ii\bin\win32_release\crusader2.exe
FirewallRules: [{CF091463-4B98-4363-9B90-0710D0FECABA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{60100688-3F55-4E09-BF77-7B5E3B3647EB}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C485643D-2AFF-4E6D-929D-42EF90865F4E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C2C28C3C-A6E8-4EAB-8429-F059F86F7BD0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{EC55DC6F-2B60-45DD-84C0-25AFF0FC7D23}C:\program files (x86)\konami\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2015\pes2015.exe
FirewallRules: [UDP Query User{2F653C76-EE5F-4523-B0B8-5AF8D1928186}C:\program files (x86)\konami\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2015\pes2015.exe
FirewallRules: [{5090092D-240B-4B21-84F3-B87F1A013E40}] => (Block) %ProgramFiles% (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
FirewallRules: [{760C8884-D1D0-4D29-BDF6-8E0F630B8130}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EDC9DDE5-70CA-4989-9336-8EA2BFDB650C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A967421B-32EA-4B22-AC36-D33B9B5B0628}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{6A1DCED5-C03F-420A-A180-0357E0F8A9B7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{92E764A2-1693-4D6D-B8E6-FACE3C00CB66}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{1816E24A-43BC-40E1-B57B-FA350CE0CD4D}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{2E2042A8-5DE5-4EAB-BBA1-90FADFD0960E}C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [UDP Query User{55ABA1E5-27FB-405B-BDD5-50FC55F42C86}C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [TCP Query User{8E029F67-9AC4-49C1-BFF9-03BD0F76694A}C:\program files (x86)\rockstar games\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{C247D5D5-D15B-4AEA-A358-1C37EA31906C}C:\program files (x86)\rockstar games\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{8087AC03-A46B-4451-830F-3B45F3C8ADA9}C:\program files (x86)\konami\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2016\pes2016.exe
FirewallRules: [UDP Query User{0AB6005C-3AE0-4F22-8249-A85BC8BBAF4E}C:\program files (x86)\konami\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2016\pes2016.exe
FirewallRules: [{1708A03A-559C-4362-BFB5-0EFBA5221290}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{864B25B9-2822-4467-8126-607E510334D3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{423E07FB-28BC-4946-8D04-42FDDC8BC563}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4C460C2B-075C-4AB6-A90E-7C2934DEC9CA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9CBB1FBE-F775-426E-9E1F-79397534F900}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{EDAA072E-A9AC-4A0B-9971-A4B5C352D84F}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{43B6C9AF-D906-42C3-8870-FF6B3A341FA5}] => (Allow) LPort=4481
FirewallRules: [{60680C4C-A6D9-4779-8EBF-25357923A0A4}] => (Allow) LPort=4481
FirewallRules: [{237F42FD-E704-489B-B345-5E5101D6F76A}] => (Allow) LPort=4482
FirewallRules: [{B4640666-DDAB-4ECA-AC1B-5E00AFFC8CB6}] => (Allow) LPort=4482
FirewallRules: [{978335EE-5859-48B9-A2BB-B72BFDEF888B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1E6D4A7C-3D1E-4A99-98B6-37DAA8B41AEA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FD6F8533-596D-4873-9557-1E5E7A57DE4C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{09CA70CD-76AA-4694-9C61-5CC4B5774FC1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{1DFC6904-B7E9-4C9B-8A55-0138FA1E637E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{6C5A8E30-6FD3-475B-83B9-CC23D8B85DF1}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A51C9788-A85A-4382-A278-8C858E1B467D}] => (Allow) K:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{282B249F-126F-4B40-ACFC-4F22BB60EE07}] => (Allow) K:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{F26D6D1B-C192-462C-A945-34632FC8D5B0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9BC86692-CEBB-45C4-A5A7-C1D8603C6D12}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1DBFC50E-454F-4BAC-9AAD-D0C10D78B079}] => (Block) %ProgramFiles% (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
FirewallRules: [{F19FDC1C-3528-45FD-A2A0-60044D8956F8}] => (Allow) LPort=8318
FirewallRules: [{B70F7D98-7D1D-4495-AD5A-A5CE513138C0}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4.exe
FirewallRules: [{0F1E3529-4F79-4547-8F39-419A31031781}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4.exe
FirewallRules: [{DFA17B34-8D14-438D-BC58-DD0F2458B590}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4_x64.exe
FirewallRules: [{A846CCCF-7CE8-4762-9FA3-F8DB3BA65B3A}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4_x64.exe
FirewallRules: [TCP Query User{E8F448A3-3114-4568-A6FC-BEA41A502B14}C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [UDP Query User{4030E393-78F4-4CD7-A2C7-684AEBB6D820}C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [{85C1534F-6F5D-4EC8-9C9A-2D11C9FD063C}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4.exe
FirewallRules: [{423C1F69-B2B3-47AF-AF3D-BAB542046184}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4.exe
FirewallRules: [{5B86CBDB-443C-4924-AB5B-17F1F2157DC2}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4_x64.exe
FirewallRules: [{4ECA478A-A9B9-4584-BAF5-14BDE21CC59F}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4_x64.exe
FirewallRules: [{69A6252B-617E-433F-A39C-5AA6486F9FB1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F78CA127-7D82-4543-BC8C-163184148A7A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

06-08-2017 11:44:28 Installiert Call of Duty - United Offensive
06-08-2017 17:42:04 Installiert Call of Duty - United Offensive
06-08-2017 19:00:12 Windows-Sicherung
06-08-2017 19:41:12 Installiert Call of Duty - United Offensive
06-08-2017 20:35:28 Installiert Electronic Arts Product Registration
08-08-2017 18:20:29 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/10/2017 06:04:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (08/08/2017 06:21:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (08/07/2017 06:12:41 PM) (Source: Wininit) (EventID: 1015) (User: )
Description: Ein kritischer Systemprozess C:\Windows\system32\lsm.exe ist fehlgeschlagen mit den Statuscode 1. Der Computer muss neu gestartet werden.

Error: (08/07/2017 06:23:06 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (08/06/2017 08:49:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Game.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1cfc

Startzeit: 01d30ee3fa7954ee

Endzeit: 133

Anwendungspfad: C:\Program Files (x86)\EA Games\Harry Potter und die Kammer des Schreckens\system\Game.exe

Berichts-ID:

Error: (08/06/2017 08:40:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Souldrinker.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1adc

Startzeit: 01d30ee337890c97

Endzeit: 4

Anwendungspfad: D:\Crack\Souldrinker.exe

Berichts-ID:

Error: (08/06/2017 08:35:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/06/2017 08:35:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/06/2017 08:35:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/06/2017 08:35:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt.

System Error:
Das System kann die angegebene Datei nicht finden.
.


Systemfehler:
=============
Error: (08/10/2017 08:34:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "chip 1-click download service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/10/2017 05:52:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/10/2017 05:52:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (08/10/2017 05:51:51 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (08/10/2017 05:51:50 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (08/08/2017 06:06:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/08/2017 06:06:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (08/08/2017 06:05:37 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (08/08/2017 06:05:37 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (08/08/2017 06:18:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.


CodeIntegrity:
===================================
  Date: 2014-08-13 17:26:13.528
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 17:26:13.527
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 17:26:13.516
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 17:26:13.501
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 17:26:13.500
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 17:26:13.498
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-12 00:21:24.677
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-12 00:21:24.676
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-12 00:21:24.674
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-12 00:21:24.659
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: AMD Phenom(tm) II X6 1075T Processor
Prozentuale Nutzung des RAM: 59%
Installierter physikalischer RAM: 4095.18 MB
Verfügbarer physikalischer RAM: 1670.1 MB
Summe virtueller Speicher: 8188.54 MB
Verfügbarer virtueller Speicher: 5116.57 MB

==================== Laufwerke ================================

Drive c: (Niko) (Fixed) (Total:931.41 GB) (Free:401.89 GB) NTFS
Drive k: (ZKF Ausbildungsfilm 2014) (CDROM) (Total:0.59 GB) (Free:0 GB) UDF
Drive l: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 40D8DD8F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
Der Screenshoot:
hxxp://www.directupload.net/file/d/4810/eefqrqus_jpg.htm


Alt 10.08.2017, 21:00   #6
DrRealtalk
 
PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft - Standard

PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-08-2017
durchgeführt von Niko (Administrator) auf NIKO-PC (10-08-2017 20:52:51)
Gestartet von C:\Users\Niko\Downloads
Geladene Profile: Niko (Verfügbare Profile: Niko & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AppWork GmbH) C:\Users\Niko\AppData\Local\JDownloader 2.0\JDownloader2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hydra.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\...\MountPoints2: {7985ce0e-0430-11e3-95d1-bcaec5da2ffe} - K:\Startme.exe
HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\...\MountPoints2: {f78d62ec-2eee-11e5-91c3-bcaec5da2ffe} - E:\LaunchU3.exe -a
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-24] (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{14847BEC-8CCC-4499-AB0D-78B099C5C4E1}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{89D5D2DE-B52D-4B31-93DF-D4D41F6B9539}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9F712A8E-A99B-471D-B53A-BC6EDD0B2917}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{D0D90BB3-D490-4A41-826B-B112D0B36742}: [NameServer] 8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwwSRQ4h-qPRjsOBvL3CoZSLZ9Jz-FQ8CJ8WwZ3JXhBIEPt3-CajbaWJCGatHCkmJB_53rJrE2mpScelDLaH8qZ8mttqOHihD6x8q9tXM597JM9tlxRyst2WGr49m8RW__rkUSbKdAEdWurvn-UYgSYb-Uc,&q={searchTerms}
HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.search.us.com/v/2/?guid={E5180186-3E1E-418E-A77E-33303A14C67D}&serpv=5
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwwSRQ4h-qPRjsOBvL3CoZSLZ9Jz-FQ8CJ8WwZ3JXhBIEPt3-CajbaWJCGatHCkmJB_53rJrE2mpScelDLaH8qZ8mttqOHihD6x8q9tXM597JM9tlxRyst2WGr49m8RW__rkUSbKdAEdWurvn-UYgSYb-UA,&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwwSRQ4h-qPRjsOBvL3CoZSLZ9Jz-FQ8CJ8WwZ3JXhBIEPt3-CajbaWJCGatHCkmJB_53rJrE2mpScelDLaH8qZ8mttqOHihD6x8q9tXM597JM9tlxRyst2WGr49m8RW__rkUSbKdAEdWurvn-UYgSYb-UA,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3530776945-4030788160-3505166589-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwwSRQ4h-qPRjsOBvL3CoZSLZ9Jz-FQ8CJ8WwZ3JXhBIEPt3-CajbaWJCGatHCkmJB_53rJrE2mpScelDLaH8qZ8mttqOHihD6x8q9tXM597JM9tlxRyst2WGr49m8RW__rkUSbKdAEdWurvn-UYgSYb-Uc,&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-06-13] (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2017-07-05] (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2017-07-05] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2017-07-05] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2017-07-05] (Kaspersky Lab ZAO)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-06-13] (Microsoft Corporation)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2017-07-05] (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2017-07-05] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2017-07-05] (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2017-07-05] (Kaspersky Lab ZAO)
BHO-x32: Freemake.YoutubeButton -> {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -> C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
Toolbar: HKLM - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Toolbar: HKLM-x32 - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 1kydystc.Niko
FF ProfilePath: C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko [2017-08-10]
FF Homepage: Mozilla\Firefox\Profiles\1kydystc.Niko -> hxxps://www.google.de/
FF Keyword.URL: Mozilla\Firefox\Profiles\1kydystc.Niko -> hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwwSRQ4h-qPRjsOBvL3CoZSLZ9Jz-FQ8CJ8WwZ3JXhBIEPt3-CajbaWJCGatHCkmJB_53rJrE2mpScelDLaH8qZ8mttqOHihD6x8q9tXM597JM9tlxRyst2WGr49m8RW__rkUSbKdAEdWurvn-UYgSYb-Uc,&q=
FF Extension: (Video Downloader professional) - C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\Extensions\ffext_basicvideoext@startpage24.xpi [2017-07-30]
FF Extension: (Video AdBlock) - C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\Extensions\{068e178c-61a9-4a63-b74f-87404a6f5ea1} [2016-03-06]
FF Extension: (Video DownloadHelper) - C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-09]
FF Extension: (Adblock Plus) - C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-13]
FF SearchPlugin: C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\searchplugins\trovi-search.xml [2014-07-10]
FF SearchPlugin: C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\searchplugins\Web Search.xml [2014-04-26]
FF Extension: (Hotspot Shield Extension) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2017-07-03] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: (Freemake Video Converter Plugin) - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-06-20] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: (Freemake Video Downloader Plugin) - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com [2013-06-20] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: (Freemake Youtube Download Button) - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2013-06-20] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: (Kaspersky URL Advisor) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\FFExt\url_advisor@kaspersky.com [2017-07-05] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: (Virtual Keyboard) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2017-07-05] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: (Dangerous Websites Blocker) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\FFExt\content_blocker@kaspersky.com [2017-07-05] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: (Anti-Banner) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\FFExt\anti_banner@kaspersky.com [2017-07-05] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: (Safe Money) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\FFExt\online_banking@kaspersky.com [2017-07-05] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-12-13] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3530776945-4030788160-3505166589-1000: @tightropeinteractive.com/Plugin -> C:\Users\Niko\AppData\Local\TNT2\2.0.0.1627\npTNT2.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-3530776945-4030788160-3505166589-1000: @tnt2ghost.com/Plugin -> C:\Users\Niko\AppData\Local\TNT2\2.0.0.1627\npTNT2ghost.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.de/
CHR StartupUrls: Default -> "hxxps://www.facebook.com/","hxxps://www.google.de/?gws_rd=cr&ei=ObhbU72LDMWJtAbVlIHoAw","hxxps://www.youtube.com/"
CHR Profile: C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default [2017-08-10]
CHR Extension: (ProxFlow) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2017-01-24]
CHR Extension: (Google Docs) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Turn Off the Lights) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2017-08-08]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2016-03-06]
CHR Extension: (Kaspersky Protection) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2017-07-05]
CHR Extension: (YouTube) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Freemake Video Downloader) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2013-06-20]
CHR Extension: (Chrome YouTube Downloader) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja [2013-12-25] [UpdateUrl: hxxps://dl.dropbox.com/u/9278456/Chrome_YouTube_Downloader/update.xml] <==== ACHTUNG
CHR Extension: (Adblock Plus) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-14]
CHR Extension: (Google-Suche) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-12-04]
CHR Extension: (Adobe Acrobat) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Freemake Youtube Download Button) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2013-06-20]
CHR Extension: (Google Docs Offline) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-07-20]
CHR Extension: (Freemake Video Converter) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2013-06-20]
CHR Extension: (MySpass Adblocker) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljjdpiilfcgggfhpgboiebimccnbebcj [2015-09-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Taylor Swift 2) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\npgnfgndihifalnjjdpfdednbfaibnik [2013-06-20]
CHR Extension: (Google Mail) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-08]
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\ChromeExt\virtkbd.crx [2013-06-17]
CHR HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-06-20]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\ChromeExt\urladvisor.crx [2013-06-17]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-06-20]
CHR HKLM-x32\...\Chrome\Extension: [fjoijdanhaiflhibkljeklcghcmmfffh] - C:\Program Files (x86)\WebCake\WebCakeLayers.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-06-20]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\ChromeExt\ab.crx [2013-06-17]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 14.0.0\avp.exe [214512 2017-07-05] (Kaspersky Lab ZAO)
S3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [Datei ist nicht signiert]
S2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2610808 2017-06-15] (AnchorFree Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2157456 2017-06-13] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3127192 2017-06-13] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2013-07-03] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [103736 2013-07-03] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AFTrafMgr1.2; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_2_64.sys [57272 2017-05-08] (AnchorFree Inc.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-08-11] ()
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows (R) Win 7 DDK provider)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-07-24] (AnchorFree Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2017-07-05] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2017-07-05] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2017-07-05] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2017-07-05] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2017-07-05] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2017-07-05] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2017-07-05] (Kaspersky Lab ZAO)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-08-11] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corporation )
S3 RTL8192su; C:\Windows\System32\DRIVERS\RTL8192su.sys [676864 2009-11-11] (Realtek Semiconductor Corporation ) [Datei ist nicht signiert]
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12464 2017-08-06] (Macrovision Europe Ltd) [Datei ist nicht signiert]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-03-08] (Duplex Secure Ltd.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-07-24] (Anchorfree Inc.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
U3 a5wzghwl; C:\Windows\System32\Drivers\a5wzghwl.sys [0 ] (Microsoft Corporation) <==== ACHTUNG (Null Byte Datei/Ordner)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-10 20:52 - 2017-08-10 20:54 - 000029799 _____ C:\Users\Niko\Downloads\FRST.txt
2017-08-10 20:52 - 2017-08-10 20:52 - 002381824 _____ (Farbar) C:\Users\Niko\Downloads\FRST64.exe
2017-08-07 19:16 - 2017-08-07 20:04 - 000203988 _____ C:\TDSSKiller.3.1.0.15_07.08.2017_19.16.02_log.txt
2017-08-06 20:43 - 2017-08-06 20:44 - 000000000 ____D C:\Users\Niko\Documents\Harry Potter II
2017-08-06 20:38 - 2017-08-06 20:38 - 000002251 _____ C:\Users\Public\Desktop\Harry Potter und die Kammer des Schreckens.lnk
2017-08-06 20:38 - 2017-08-06 20:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2017-08-06 20:36 - 2017-08-06 20:36 - 000000000 ____D C:\Program Files (x86)\EA Games
2017-08-06 20:35 - 2017-08-06 20:35 - 000000000 ____D C:\Users\Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2017-08-06 20:35 - 2017-08-06 20:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2017-08-06 20:17 - 2017-08-07 06:16 - 000000000 ____D C:\Program Files\AVAST Software
2017-08-06 20:17 - 2017-08-06 20:32 - 000000000 ____D C:\ProgramData\AVAST Software
2017-08-06 11:59 - 2017-08-06 20:42 - 000012464 _____ (Macrovision Europe Ltd) C:\Windows\SysWOW64\Drivers\SECDRV.SYS
2017-08-06 11:56 - 2017-08-07 17:58 - 000001127 _____ C:\Users\Niko\Desktop\Call of Duty Mehrspieler.lnk
2017-08-06 11:56 - 2017-08-06 17:43 - 000001183 _____ C:\Users\Niko\Desktop\Call of Duty Einzelspieler.lnk
2017-08-06 11:56 - 2017-08-06 11:56 - 000000984 _____ C:\Users\Gast.Niko-PC\Desktop\Call of Duty Mehrspieler.lnk
2017-08-06 11:56 - 2017-08-06 11:56 - 000000984 _____ C:\Users\Gast.Niko-PC\Desktop\Call of Duty Einzelspieler.lnk
2017-08-06 11:55 - 2017-08-06 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty
2017-08-06 11:55 - 2017-08-06 11:55 - 000000000 ____D C:\Users\Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Call of Duty
2017-08-06 11:51 - 2017-08-06 11:56 - 000000745 _____ C:\Windows\CoD.INI
2017-08-06 11:45 - 2017-08-06 20:19 - 000000000 ____D C:\Users\Niko\Downloads\Call.of.Duty.2.DVD.GERMAN-NESSUNO - more games on GLOAD.cc
2017-08-06 11:27 - 2017-08-06 11:50 - 000000000 ____D C:\Users\Niko\Downloads\Call.Of.Duty.United.Offense.GERMAN-SiLENTGATE - more games on GLOAD.cc
2017-08-04 19:15 - 2017-08-10 18:34 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-08-03 19:08 - 2017-08-04 19:17 - 000000000 ____D C:\Users\Niko\Downloads\Kaspersky Crack
2017-07-29 12:14 - 2017-07-30 11:17 - 000000000 ____D C:\Users\Niko\Downloads\klg-best-box17
2017-07-26 20:02 - 2017-07-26 20:04 - 000000000 ____D C:\Users\Niko\Downloads\Disc 2
2017-07-26 20:02 - 2017-07-26 20:04 - 000000000 ____D C:\Users\Niko\Downloads\Disc 1
2017-07-23 14:53 - 2017-07-23 14:53 - 000001757 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-07-23 14:53 - 2017-07-23 14:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-07-23 14:52 - 2017-07-23 14:52 - 000000000 ____D C:\Program Files\iPod
2017-07-14 19:09 - 2017-05-03 17:34 - 000094952 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-07-14 19:09 - 2017-05-03 17:29 - 001206272 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-07-14 19:09 - 2017-05-03 15:05 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-07-14 19:09 - 2017-05-03 15:05 - 000620544 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-07-14 19:09 - 2017-05-03 15:05 - 000535552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-07-14 19:09 - 2017-05-03 15:05 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-07-14 19:09 - 2017-05-03 15:05 - 000311296 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-07-14 19:09 - 2017-05-03 15:05 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-07-14 19:09 - 2017-05-03 15:05 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-07-14 19:09 - 2017-03-23 04:06 - 001691136 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-07-14 19:04 - 2017-06-30 06:15 - 000394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-07-14 19:04 - 2017-06-30 05:32 - 000346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-07-14 19:04 - 2017-06-30 04:57 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-07-14 19:04 - 2017-06-30 04:57 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-07-14 19:04 - 2017-06-30 04:57 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-07-14 19:04 - 2017-06-30 04:39 - 001549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-07-14 19:04 - 2017-06-30 04:38 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-07-14 19:04 - 2017-06-29 08:27 - 025734656 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-07-14 19:04 - 2017-06-29 08:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-07-14 19:04 - 2017-06-29 08:04 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-07-14 19:04 - 2017-06-29 08:03 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-07-14 19:04 - 2017-06-29 08:03 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-07-14 19:04 - 2017-06-29 08:02 - 002899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-07-14 19:04 - 2017-06-29 08:02 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-07-14 19:04 - 2017-06-29 08:02 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-07-14 19:04 - 2017-06-29 07:55 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-07-14 19:04 - 2017-06-29 07:54 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-07-14 19:04 - 2017-06-29 07:51 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-07-14 19:04 - 2017-06-29 07:50 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-07-14 19:04 - 2017-06-29 07:50 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-07-14 19:04 - 2017-06-29 07:50 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-07-14 19:04 - 2017-06-29 07:50 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-07-14 19:04 - 2017-06-29 07:44 - 005975552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-07-14 19:04 - 2017-06-29 07:43 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-07-14 19:04 - 2017-06-29 07:39 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-07-14 19:04 - 2017-06-29 07:35 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-07-14 19:04 - 2017-06-29 07:31 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-07-14 19:04 - 2017-06-29 07:31 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-07-14 19:04 - 2017-06-29 07:30 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-07-14 19:04 - 2017-06-29 07:27 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-07-14 19:04 - 2017-06-29 07:26 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-07-14 19:04 - 2017-06-29 07:23 - 020270592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-07-14 19:04 - 2017-06-29 07:23 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-07-14 19:04 - 2017-06-29 07:23 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-07-14 19:04 - 2017-06-29 07:23 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-07-14 19:04 - 2017-06-29 07:23 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-07-14 19:04 - 2017-06-29 07:22 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-07-14 19:04 - 2017-06-29 07:22 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-07-14 19:04 - 2017-06-29 07:22 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-07-14 19:04 - 2017-06-29 07:19 - 002290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-07-14 19:04 - 2017-06-29 07:17 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-07-14 19:04 - 2017-06-29 07:16 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-07-14 19:04 - 2017-06-29 07:14 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-07-14 19:04 - 2017-06-29 07:13 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-07-14 19:04 - 2017-06-29 07:13 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-07-14 19:04 - 2017-06-29 07:13 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-07-14 19:04 - 2017-06-29 07:11 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-07-14 19:04 - 2017-06-29 07:09 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-07-14 19:04 - 2017-06-29 07:09 - 000725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-07-14 19:04 - 2017-06-29 07:08 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-07-14 19:04 - 2017-06-29 07:07 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-07-14 19:04 - 2017-06-29 07:05 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-07-14 19:04 - 2017-06-29 07:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-07-14 19:04 - 2017-06-29 07:00 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-07-14 19:04 - 2017-06-29 07:00 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-07-14 19:04 - 2017-06-29 06:58 - 015253504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-07-14 19:04 - 2017-06-29 06:58 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-07-14 19:04 - 2017-06-29 06:56 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-07-14 19:04 - 2017-06-29 06:56 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-07-14 19:04 - 2017-06-29 06:54 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-07-14 19:04 - 2017-06-29 06:53 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-07-14 19:04 - 2017-06-29 06:52 - 004549632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-07-14 19:04 - 2017-06-29 06:48 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-07-14 19:04 - 2017-06-29 06:47 - 000693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-07-14 19:04 - 2017-06-29 06:46 - 002057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-07-14 19:04 - 2017-06-29 06:46 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-07-14 19:04 - 2017-06-29 06:43 - 013663744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-07-14 19:04 - 2017-06-29 06:41 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-07-14 19:04 - 2017-06-29 06:29 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-07-14 19:04 - 2017-06-29 06:28 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-07-14 19:04 - 2017-06-29 06:24 - 001314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-07-14 19:04 - 2017-06-22 16:58 - 003223040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-07-14 19:04 - 2017-06-15 22:23 - 000753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-07-14 19:04 - 2017-06-13 00:54 - 000370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-07-14 19:04 - 2017-06-13 00:54 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-07-14 19:04 - 2017-06-13 00:54 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-07-14 19:04 - 2017-06-13 00:49 - 001363456 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-07-14 19:04 - 2017-06-13 00:49 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-07-14 19:04 - 2017-06-13 00:49 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-07-14 19:04 - 2017-06-13 00:49 - 000594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2017-07-14 19:04 - 2017-06-13 00:49 - 000475136 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2017-07-14 19:04 - 2017-06-13 00:49 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-07-14 19:04 - 2017-06-13 00:49 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2017-07-14 19:04 - 2017-06-13 00:29 - 001227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2017-07-14 19:04 - 2017-06-13 00:29 - 000444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2017-07-14 19:04 - 2017-06-13 00:29 - 000390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2017-07-14 19:04 - 2017-06-13 00:28 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-07-14 19:04 - 2017-06-13 00:28 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-07-14 19:04 - 2017-06-13 00:28 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2017-07-14 19:04 - 2017-06-13 00:14 - 000379392 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-07-14 19:04 - 2017-06-13 00:14 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2017-07-14 19:04 - 2017-06-13 00:14 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2017-07-14 19:04 - 2017-06-13 00:06 - 000303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2017-07-14 19:04 - 2017-06-13 00:06 - 000157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2017-07-14 19:04 - 2017-06-13 00:06 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe
2017-07-14 19:04 - 2017-06-10 17:59 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-07-14 19:04 - 2017-06-10 17:39 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-07-14 19:04 - 2017-06-09 17:33 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-07-14 19:04 - 2017-06-06 17:30 - 001867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-07-14 19:04 - 2017-06-06 17:12 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-07-14 19:04 - 2017-05-30 06:56 - 001895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-07-14 19:04 - 2017-05-30 06:56 - 000377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-07-14 19:04 - 2017-05-30 06:56 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-07-14 19:04 - 2017-05-16 17:35 - 000986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-07-14 19:04 - 2017-05-16 17:35 - 000265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-07-14 19:03 - 2017-06-30 04:57 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-07-14 19:03 - 2017-06-30 04:57 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-07-14 19:03 - 2017-06-30 04:57 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-07-14 19:03 - 2017-06-30 04:57 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-07-14 19:03 - 2017-06-30 04:57 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-07-14 19:03 - 2017-06-30 04:57 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-07-14 19:03 - 2017-06-30 04:57 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-07-14 19:03 - 2017-06-30 04:40 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-07-14 19:03 - 2017-06-30 04:40 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-07-14 19:03 - 2017-06-30 04:39 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-07-14 19:03 - 2017-06-30 04:38 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-07-14 19:03 - 2017-06-30 04:38 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-07-14 19:03 - 2017-06-30 04:38 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-07-14 19:03 - 2017-06-30 04:38 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-07-14 19:03 - 2017-06-30 04:38 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-07-14 19:03 - 2017-06-30 04:38 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-07-14 19:03 - 2017-06-30 04:38 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-07-14 19:03 - 2017-06-30 04:27 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-07-14 19:03 - 2017-06-30 04:27 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-07-14 19:03 - 2017-06-30 04:26 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-07-14 19:03 - 2017-06-30 04:26 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-07-14 19:03 - 2017-06-29 08:18 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-07-14 19:03 - 2017-06-29 06:23 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-07-14 19:03 - 2017-06-13 00:49 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-07-14 19:03 - 2017-06-13 00:29 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-07-14 19:03 - 2017-06-13 00:29 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-07-14 19:03 - 2017-06-13 00:29 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-07-14 19:03 - 2017-06-13 00:29 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-07-14 19:03 - 2017-06-13 00:29 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-07-14 19:03 - 2017-06-13 00:28 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-07-14 19:03 - 2017-06-13 00:28 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-07-14 19:03 - 2017-06-13 00:28 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-07-14 19:03 - 2017-06-13 00:28 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-07-14 19:03 - 2017-06-13 00:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-07-14 19:03 - 2017-06-13 00:28 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-07-14 19:03 - 2017-06-13 00:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-07-14 19:03 - 2017-06-13 00:28 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-07-14 19:03 - 2017-06-13 00:28 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-07-14 19:03 - 2017-06-13 00:19 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-07-14 19:03 - 2017-06-13 00:12 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-07-14 19:03 - 2017-06-13 00:12 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-07-14 19:03 - 2017-06-13 00:12 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-07-14 19:03 - 2017-06-13 00:11 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-07-14 19:03 - 2017-06-13 00:09 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-07-14 19:03 - 2017-06-13 00:05 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-07-14 19:03 - 2017-05-21 06:24 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-07-14 19:03 - 2017-05-21 06:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-07-14 19:03 - 2017-05-16 17:30 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-10 20:52 - 2013-10-12 16:15 - 000000000 ____D C:\FRST
2017-08-10 20:36 - 2014-01-30 13:18 - 000007612 _____ C:\Users\Niko\AppData\Local\Resmon.ResmonCfg
2017-08-10 20:00 - 2016-11-02 22:00 - 000000911 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Update {78C1617E-DB1D-48B9-B4F4-5E56C6303F18}.job
2017-08-10 20:00 - 2016-11-02 22:00 - 000000725 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {78C1617E-DB1D-48B9-B4F4-5E56C6303F18}.job
2017-08-10 20:00 - 2009-07-14 07:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-08-10 18:58 - 2009-07-14 06:45 - 000023072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-08-10 18:58 - 2009-07-14 06:45 - 000023072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-08-10 18:32 - 2015-11-02 18:22 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-10 18:12 - 2014-06-06 14:01 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-08-10 18:02 - 2013-06-20 14:06 - 000000000 ____D C:\Users\Niko\AppData\Local\Adobe
2017-08-10 17:59 - 2016-11-24 18:44 - 000000000 ____D C:\Users\Niko\AppData\LocalLow\Mozilla
2017-08-10 17:56 - 2015-02-25 15:42 - 000000000 ____D C:\Users\Niko\AppData\Local\JDownloader 2.0
2017-08-10 17:51 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-08-08 19:16 - 2013-06-20 14:10 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-08-08 19:16 - 2013-06-20 14:10 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-08 19:16 - 2013-06-20 14:10 - 000004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-08-08 19:16 - 2013-06-20 14:10 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-08-08 19:16 - 2013-06-20 14:10 - 000000000 ____D C:\Windows\system32\Macromed
2017-08-08 18:51 - 2017-02-05 12:26 - 000000000 ____D C:\Users\Niko\Desktop\Neuer Ordner
2017-08-08 18:27 - 2016-08-17 06:32 - 000000000 ____D C:\Users\Gast.Niko-PC
2017-08-08 18:21 - 2013-06-20 18:13 - 000000000 ____D C:\Users\Niko\AppData\Roaming\vlc
2017-08-08 06:30 - 2013-06-20 13:11 - 000002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-07 18:14 - 2009-07-14 07:08 - 000032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-08-07 18:02 - 2013-07-02 15:41 - 000000000 ____D C:\Users\Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-08-06 20:57 - 2013-10-12 20:29 - 000000000 ____D C:\Users\Niko\AppData\Roaming\dvdcss
2017-08-06 20:36 - 2013-10-12 00:55 - 000000000 ____D C:\Program Files (x86)\Electronic Arts
2017-08-06 20:36 - 2013-06-20 13:04 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-08-06 20:22 - 2013-06-20 17:43 - 000000000 ____D C:\Users\Niko\AppData\Local\CrashDumps
2017-08-06 20:21 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-08-06 17:42 - 2013-06-23 16:09 - 000000000 ____D C:\Program Files (x86)\Activision
2017-08-06 13:00 - 2014-08-13 12:20 - 000000000 ____D C:\Users\Niko\AppData\Local\ElevatedDiagnostics
2017-08-06 11:43 - 2013-06-20 14:43 - 000000000 ____D C:\Users\Niko\AppData\Roaming\DAEMON Tools Pro
2017-08-03 19:11 - 2014-12-04 00:25 - 000002500 _____ C:\Users\Niko\Desktop\Sicherer Zahlungsverkehr.lnk
2017-07-28 20:43 - 2014-10-28 11:59 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-07-28 20:42 - 2009-07-14 04:34 - 000000478 _____ C:\Windows\win.ini
2017-07-26 20:18 - 2013-06-23 12:09 - 000000000 ____D C:\Users\Niko\AppData\Roaming\Mp3tag
2017-07-26 20:10 - 2014-07-24 22:43 - 000000000 ____D C:\Users\Niko\AppData\Local\JDownloader v2.0
2017-07-26 20:07 - 2015-06-11 14:12 - 000000000 ____D C:\Users\Niko\Desktop\Trainingsmusik
2017-07-23 20:28 - 2013-06-20 13:49 - 000000000 ____D C:\Users\Niko\Desktop\Musik
2017-07-23 14:53 - 2015-10-04 21:30 - 000000000 ____D C:\Program Files\iTunes
2017-07-20 18:40 - 2009-07-14 19:58 - 000699432 _____ C:\Windows\system32\perfh007.dat
2017-07-20 18:40 - 2009-07-14 19:58 - 000149572 _____ C:\Windows\system32\perfc007.dat
2017-07-20 18:40 - 2009-07-14 07:13 - 001620684 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-19 07:29 - 2013-06-20 17:42 - 000000000 ____D C:\Users\Niko\AppData\Roaming\Winamp
2017-07-18 08:57 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2017-07-17 07:50 - 2009-07-14 06:45 - 005121880 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-15 22:23 - 2014-12-11 13:07 - 000000000 ____D C:\Windows\system32\appraiser
2017-07-15 17:53 - 2013-07-23 02:35 - 000000000 ____D C:\Windows\system32\MRT
2017-07-15 17:44 - 2013-06-22 16:36 - 135225752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-07-14 18:27 - 2013-06-20 19:20 - 000000000 ____D C:\Program Files (x86)\Steam

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-05-02 06:29 - 2017-05-02 06:29 - 007649280 _____ () C:\Program Files (x86)\GUT7DF6.tmp
2014-04-27 19:32 - 2014-04-27 19:32 - 000001204 _____ () C:\Users\Niko\AppData\Roaming\.southparkloader.xml
2013-12-04 19:36 - 2013-12-04 19:37 - 000000624 _____ () C:\Users\Niko\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-12-11 20:01 - 2016-03-09 04:09 - 000000049 _____ () C:\Users\Niko\AppData\Roaming\install.imp
2015-10-15 16:14 - 2015-10-24 13:51 - 000000154 _____ () C:\Users\Niko\AppData\Roaming\Rim.Desktop.Exception.log
2015-10-15 16:06 - 2015-10-15 16:06 - 000001153 _____ () C:\Users\Niko\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-10-15 16:14 - 2015-10-24 13:51 - 000000154 _____ () C:\Users\Niko\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-05-10 14:45 - 2015-03-18 14:44 - 000001456 _____ () C:\Users\Niko\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-01-28 18:18 - 2014-01-28 18:18 - 000000006 _____ () C:\Users\Niko\AppData\Local\config.txt
2013-12-16 21:08 - 2013-12-16 21:08 - 000000000 ___SH () C:\Users\Niko\AppData\Local\LumaEmu
2014-07-11 11:50 - 2014-07-11 11:50 - 000002671 _____ () C:\Users\Niko\AppData\Local\recently-used.xbel
2014-01-30 13:18 - 2017-08-10 20:36 - 000007612 _____ () C:\Users\Niko\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
2017-08-04 20:38 - 2017-08-04 20:38 - 000040448 ____N () C:\Users\Niko\AppData\Local\Temp\proxy_vole2129202407163604852.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-08-04 21:13

==================== Ende von FRST.txt ============================
         

Gibt es noch andere Mögliche Verursacher?

MfG
Rene

Alt 10.08.2017, 21:59   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft - Standard

PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft



Zitat:
AV: Kaspersky Internet Security (Disabled - Up to date)
Du hast deaktiviert, nicht deinstalliert.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 10.08.2017, 21:59   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft - Standard

PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft



Zitat:
AV: Kaspersky Internet Security (Disabled - Up to date)
Du hast deaktiviert, nicht deinstalliert.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 11.08.2017, 19:04   #9
DrRealtalk
 
PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft - Standard

PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft



Ich hab das Programm deinstalliert. Es ist nun viel besser aber immer noch nicht perfekt.
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-08-2017
durchgeführt von Niko (11-08-2017 18:12:52)
Gestartet von C:\Users\Niko\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-06-20 04:14:36)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3530776945-4030788160-3505166589-500 - Administrator - Disabled)
Gast (S-1-5-21-3530776945-4030788160-3505166589-501 - Limited - Enabled) => C:\Users\Gast.Niko-PC
HomeGroupUser$ (S-1-5-21-3530776945-4030788160-3505166589-1002 - Limited - Enabled)
Niko (S-1-5-21-3530776945-4030788160-3505166589-1000 - Administrator - Enabled) => C:\Users\Niko

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1954 Alcatraz (HKLM-x32\...\1954 Alcatraz_is1) (Version: 1.0.4579r - Daedalic Entertainment)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20093 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.0.367 - Adobe Systems Incorporated)
Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{13351E83-6DCD-4E97-2A8C-5D496259A47F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
American Truck Simulator Version 1.0 (HKLM-x32\...\{1E1A283E-DA44-4DCB-BC57-295E54DF18CA}_is1) (Version: 1.0 - SCS Software)
Apple Application Support (32-Bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Application Verifier x64 External Package (HKLM\...\{7346C35D-942D-3CCE-94CB-7008BA8D63CB}) (Version: 8.59.29722 - Microsoft) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\{BE5B0450-DCCB-4FE9-93E2-3B38D88A745B}) (Version: 7.1.0.41 - Research in Motion Ltd.) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research in Motion Ltd.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - )
Call of Duty Black Ops II Version v1.0 (HKLM-x32\...\{9FC70705-BEE9-4044-BCEC-9D058AE43843}_is1) (Version: v1.0 - ZKY)
Call of Duty Ghosts MULTI 5 (HKLM-x32\...\Q2FsbG9mRHV0eUdob3N0cw==_is1) (Version: 1 - )
Call of Duty Modern Warfare 3 (HKLM-x32\...\Call of Duty: Modern Warfare 3 Full-Rip_is1) (Version: 1.0.0 - )
Call of Duty(R) - World at War(TM) (HKLM-x32\...\{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision) Hidden
Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Camtasia 9 (HKLM\...\{D8A1F37A-B11B-4451-830D-6A243ADE2591}) (Version: 9.0.1.1422 - TechSmith Corporation) Hidden
Camtasia 9 (HKLM-x32\...\{48cb006a-7b5b-4a48-98fd-fbd7af456b0d}) (Version: 9.0.1.1422 - TechSmith Corporation)
Camtasia Studio 7 (HKLM-x32\...\{DE042823-C359-4B87-B66B-308057E8B6AF}) (Version: 7.0.1 - TechSmith Corporation)
Camtasia Studio 8 (HKLM-x32\...\{8F6F7194-0734-4CDA-8C04-6B766F2241A6}) (Version: 8.0.4.1060 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\...\CopyTrans Suite) (Version: 4.008 - WindSolutions)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.4.0.0377 - Disc Soft Ltd)
Deckadance 2 (HKLM-x32\...\Deckadance 2) (Version: 2.0 - Image-Line)
Die Gilde Gold Update v. 2.06  (HKLM-x32\...\Die Gilde Gold Update v. 2.06 ) (Version:  - )
Die Gilde Gold-Edition (HKLM-x32\...\Die Gilde Gold-Edition) (Version: 2.06 - JoWooD Productions Software AG)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.30.105.1010 - Electronic Arts Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.8.0.13 - DivX, LLC)
Drakonia Configurator (HKLM-x32\...\{A7B243AA-6D4C-4575-A873-6F01A1EFC5E2}}_is1) (Version:  - )
Electronic Arts Product Registration (HKLM-x32\...\{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts) Hidden
Electronic Arts Product Registration (HKLM-x32\...\InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts)
Enemy Front (HKLM-x32\...\{0E70B8F0-17E2-44B4-B781-CEDF66DCE053}_is1) (Version: 1.0 - City Interactive)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-215 217 Series Printer Uninstall (HKLM\...\EPSON XP-215 217 Series) (Version:  - SEIKO EPSON Corporation)
Epson-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.0.2 - SCS Software)
F1 2013 German (HKLM-x32\...\RjEyMDEz_is1) (Version: 1 - )
F1 2014 German (HKLM-x32\...\RjEyMDE0_is1) (Version: 1 - )
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Freemake Audio Converter Version 1.1.0 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.0 - Ellora Assets Corporation)
Freemake Music Box (HKLM-x32\...\Freemake Music Box_is1) (Version: 1.0.0 - Ellora Assets Corporation)
Freemake Video Converter Version 4.0.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.1 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.5.1 - Ellora Assets Corporation)
Freemake Youtube Mp3 Converter (HKLM-x32\...\Freemake Youtube Mp3 Converter_is1) (Version: 3.5.1 - Ellora Assets Corporation)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.90 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 - Premium Edition (HKLM-x32\...\{85E7B200-3222-48DE-8C42-BD712AE0E929}_is1) (Version: Premium - Youda Games)
Grand Theft Auto V Digital Deluxe Edition MULTi11 1.0 (HKLM-x32\...\Grand Theft Auto V Digital Deluxe Edition MULTi11 1.0) (Version:  - )
Grand Theft Auto V update Version 1.0.323.1 (HKLM-x32\...\{4959470E-EDAC-4710-A636-276D79A81B94}_is1) (Version: 1.0.323.1 - Rockstar Games)
Grand Theft Auto: The Trilogy (HKLM-x32\...\{C18536B9-C90F-4AF2-A13D-0CA15BF2DA09}_is1) (Version: 1.0 - RAF)
Harry Potter II (HKLM-x32\...\{7BF68B83-5057-4D4B-0093-28285EEB9EE3}) (Version:  - )
Hot CPU Tester Pro 4.4.1 (HKLM-x32\...\{5A39D5C2-A28B-421D-925A-0390FD1E5529}_is1) (Version: 4.4 LE - 7Byte Computers)
Hotspot Shield 6.8.12 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-4925B1A76C50}) (Version: 6.8.12.10541 - AnchorFree Inc.) Hidden
Hotspot Shield 6.8.12 (HKLM-x32\...\{c67c171b-b51a-4ff1-a641-6f4a9fb11bc9}) (Version: 6.8.12.10541 - AnchorFree Inc.)
Hotspot Shield 6.8.12 (HKLM-x32\...\HotspotShield) (Version: 6.8.12 - AnchorFree Inc.) Hidden
HP Deskjet 1000 J110 series - Grundlegende Software für das Gerät (HKLM\...\{ECFFD23C-3111-4685-8118-E1F79644203F}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 1000 J110 series Hilfe (HKLM-x32\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2-1) (Version: 2.0 - AppWork GmbH)
Kits Configuration Installer (HKLM-x32\...\{E14DDED2-919B-FCCB-84AC-5ABB6D182D46}) (Version: 8.59.25584 - Microsoft) Hidden
K-Lite Mega Codec Pack 13.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.2.0 - KLCP)
L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version:  - )
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
Mp3tag v2.82 (HKLM-x32\...\Mp3tag) (Version: 2.82 - Florian Heidenreich)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.12.59996 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Editor 64bit 4 (HKLM\...\PDF Editor 64bit 4) (Version:  - )
PDF Settings CC (HKLM-x32\...\{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
Pesgalaxy.com Patch 2017 (HKLM-x32\...\Pesgalaxy.com Patch 2017 1.00 Part 1) (Version: 1.00 Part 1 - Pesgalaxy)
Pesgalaxy.com Patch 2017 (HKLM-x32\...\Pesgalaxy.com Patch 2017 1.00 Part 2) (Version: 1.00 Part 2 - Pesgalaxy)
Pesgalaxy.com Patch 2017 (HKLM-x32\...\Pesgalaxy.com Patch 2017 1.00 Part 3) (Version: 1.00 Part 3 - Pesgalaxy)
Pesgalaxy.com Patch 2017 (HKLM-x32\...\Pesgalaxy.com Patch 2017 1.10) (Version: 1.10 - Pesgalaxy)
Pesgalaxy.com Patch 2017 (HKLM-x32\...\Pesgalaxy.com Patch 2017 1.12) (Version: 1.12 - Pesgalaxy)
Pizza Connection 2 (HKLM-x32\...\{DA47ABC4-52DF-468D-988D-B9E768A3DF52}) (Version:  - )
Prison Break (HKLM-x32\...\{C5A31DDC-157A-4DD7-9B5C-C692A06F61FD}) (Version: 1.00 - Deep Silver)
Pro Evolution Soccer 2013 (HKLM-x32\...\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}) (Version: 1.00.0000 - KONAMI)
Pro Evolution Soccer 2014 (HKLM-x32\...\{5EFD3544-2371-4900-8ACA-F157BA80FB0C}) (Version: 1.00.0000 - KONAMI)
Pro Evolution Soccer 2015 Day One Edition MULTi2 1.0 (HKLM-x32\...\Pro Evolution Soccer 2015 Day One Edition MULTi2 1.0) (Version:  - )
Pro Evolution Soccer 2015 Update v1.02 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
Pro Evolution Soccer 2016 German (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - )
Pro Evolution Soccer 2017 (HKLM-x32\...\{A3C10274-808C-4ADC-A13D-D94911180B58}_is1) (Version:  - KONAMI)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.6 - Rockstar Games)
Sanny Builder 3.01 (HKLM-x32\...\Sanny Builder 3_is1) (Version:  - )
SDK Debuggers (HKLM-x32\...\{E63A3353-003C-E4C2-230B-F155212D1479}) (Version: 8.59.29746 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Sid Meier's Pirates! (HKLM-x32\...\{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}) (Version: 1.00.0000 - Ihr Firmenname) Hidden
Sid Meier's Pirates! (HKLM-x32\...\InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}) (Version: 1.00.0000 - Ihr Firmenname)
Skiller PRO (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{7ACB9D1D-5B26-4CE4-964A-1EB22461E6F6}) (Version: 4.1.0 - SEIKO EPSON CORPORATION)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
South Park Der Stab der Wahrheit Incl. Ultimate Fellowship Pack MULTI-2 1.00 (HKLM-x32\...\South Park Der Stab der Wahrheit Incl. Ultimate Fellowship Pack MULTI-2 1.00) (Version:  - )
South Park Der Stab der Wahrheit Update 2 Incl. DLCs MULTI-2 1.00 (HKLM-x32\...\South Park Der Stab der Wahrheit Update 2 Incl. DLCs MULTI-2 1.00) (Version:  - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold 3 Gold (HKLM-x32\...\Stronghold 3 Gold_is1) (Version:  - )
Stronghold Crusader Extreme HD (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.30.1004 - Firefly Studios)
Stronghold Crusader II Deinstallation (HKLM-x32\...\Stronghold Crusader II Deinstallation) (Version: 1.00 - Shadow Eagle)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_is1) (Version:  - Atari)
The Sims 4 Version 1.0 (HKLM-x32\...\{A4DD0B0B-029A-4F77-BF7B-FBE6A849974D}_is1) (Version: 1.0 - ZKY)
TomTom MyDrive Connect 4.1.4.3089 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.4.3089 - TomTom)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Skype for Business 2015 (KB4011046) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DED3C7C7-564E-4FF5-9A2F-53CB356ECD74}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4011046) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DED3C7C7-564E-4FF5-9A2F-53CB356ECD74}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4011046) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{DED3C7C7-564E-4FF5-9A2F-53CB356ECD74}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{A1A75F4F-9C9F-11E2-8FCB-F04DA23A5C58}) (Version: 12.0.563 - Sony)
Vegas Pro 13.0 (64-bit) (HKLM\...\{CE92F061-BFBC-11E3-8FF3-F04DA23A5C58}) (Version: 13.0.290 - Sony)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WebCake 3.00 (HKLM\...\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}) (Version: 3.00 - WebCake LLC) <==== ACHTUNG
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Software Development Kit (HKLM-x32\...\{363a2c1e-637f-45ce-933b-5a5463efd945}) (Version: 8.59.29750 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WPT Redistributables (HKLM-x32\...\{A5D42D71-4036-5F88-5085-657C9DF9F1DD}) (Version: 8.59.29750 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{986EABFC-92F6-CECD-9E5A-B13CAC40BB1D}) (Version: 8.59.29722 - Microsoft) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3530776945-4030788160-3505166589-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2011-04-19] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ContextMenuHandlers1: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [2013-10-17] (Disc Soft Ltd)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-04-28] (Florian Heidenreich)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [2013-10-17] (Disc Soft Ltd)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-04-28] (Florian Heidenreich)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2011-04-19] (Igor Pavlov)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-04-28] (Florian Heidenreich)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-04-29] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {14CC7BA0-0B63-4B8C-97F1-853FE154CEE4} - System32\Tasks\EPSON XP-215 217 Series Update {78C1617E-DB1D-48B9-B4F4-5E56C6303F18} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {31470BF1-8725-4716-85D5-664E3944139A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-08] (Adobe Systems Incorporated)
Task: {34C4E706-BD4A-48FE-90BC-6520E602E2DD} - System32\Tasks\EPSON XP-215 217 Series Invitation {78C1617E-DB1D-48B9-B4F4-5E56C6303F18} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {591213A2-BADC-42F6-9A6E-0C455AA7B224} - System32\Tasks\{B474F0C9-476B-464D-A9F5-2860230A558B} => C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe [2013-11-01] ( )
Task: {7D9C678A-8759-4D05-B9D4-547D68877103} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {85A9F375-B72C-4D1E-B185-E238E140E082} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {8F37701F-600C-4AD4-98DC-F55DF8F4533E} - System32\Tasks\{D81C89A7-A32E-4482-BE0D-576F684B78BC} => C:\Windows\system32\pcalua.exe -a "E:\Spiele\PES 2014\PESEdit.com 2014 Patch 4.2\Installer.exe" -d "E:\Spiele\PES 2014\PESEdit.com 2014 Patch 4.2"
Task: {96C336AC-186D-49ED-BFAF-F5DC7E07681A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {A56DE033-13A2-487D-9026-713CA67DC6E3} - System32\Tasks\AdobeAAMUpdater-1.0-Niko-PC-Niko => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {AE1F6E2B-9B2C-4F1C-9867-83437EEF507D} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {B2F980FF-116F-4335-9FA6-B67BCCA9C45E} - System32\Tasks\{0181734B-83B8-4059-9ED6-E8AE0C27D32F} => C:\Program Files (x86)\Governor of Poker 2\GovernorofPoker2.exe [2010-06-18] (I Sioux B.V. )
Task: {B87E110F-30FA-4D0C-9B10-C8688CBDA0C1} - System32\Tasks\{039D68AB-2011-4786-8F98-8722280FF77B} => C:\Windows\system32\pcalua.exe -a "C:\Users\Niko\Downloads\Minecraft 1.8аенривар.exe" -d C:\Users\Niko\Downloads
Task: {C6CFC376-A6AB-469E-835C-E87230798468} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D25C451E-96DC-4947-8972-E7EE164B60D8} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-05-24] ()
Task: {D573BED3-BB1B-4F61-AE18-4C1344F0B584} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E02E6F8D-971D-41AB-AB2E-501D9DC4A98F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-13] (Piriform Ltd)
Task: {E66C1AA7-DC64-4A23-9DFA-5C4B5CE45DD4} - System32\Tasks\{83A906C1-DF31-4176-8753-D0916C0FAEF1} => C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe [2013-11-01] ( )
Task: {EB4ED791-CB86-4631-9ABA-CBA8E1048F0E} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3530776945-4030788160-3505166589-1000
Task: {EDE07330-8AC8-4592-AA31-0DCFBDE8EE43} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {FF23C186-195C-4DFB-8B1A-F4F82A6BCC52} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {78C1617E-DB1D-48B9-B4F4-5E56C6303F18}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {78C1617E-DB1D-48B9-B4F4-5E56C6303F18}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE:/EXE:{78C1617E-DB1D-48B9-B4F4-5E56C6303F18} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://feed.snapdo.com/?publisher=ShoppingHelper&dpid=RY_5021_CH&co=DE&userid=8448577c-e17a-f494-3b4c-a2fd09430c74&searchtype=sc&installDate=26/04/2014&barcodeid=127899&um=0

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-07-13 20:50 - 2017-07-13 20:50 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-03-20 11:24 - 2014-03-20 11:24 - 000667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-07-15 06:44 - 2010-07-15 06:44 - 000020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2013-06-23 16:15 - 2013-07-03 00:26 - 000066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-06-23 16:16 - 2013-07-03 00:26 - 000103736 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2017-08-11 17:59 - 2017-08-11 17:59 - 000566439 _____ () C:\Users\Niko\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-FKPz9\libgcc_s_sjlj-1.dll
2017-08-11 17:59 - 2017-08-11 17:59 - 004078962 _____ () C:\Users\Niko\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-FKPz9\lib7-Zip-JBinding.dll
2017-08-08 06:30 - 2017-08-02 09:39 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libglesv2.dll
2017-08-08 06:30 - 2017-08-02 09:39 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libegl.dll
2017-06-15 12:36 - 2017-06-15 12:36 - 000166520 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll
2014-01-30 22:47 - 2014-03-08 12:05 - 000002560 _____ () C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Niko\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GamingMouse => C:\Program Files (x86)\Drakonia Configurator\hid.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: Skiller PRO => "C:\Program Files (x86)\Skiller PRO\Monitor.exe"
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{FA3769F3-CE81-426B-8B2A-1B803B6714F0}] => (Allow) LPort=1542
FirewallRules: [{E16ABA41-BFCC-4F02-90C1-B00EA33F1E98}] => (Allow) LPort=1542
FirewallRules: [{6C240299-F132-4BB5-971C-101F4B4D6772}] => (Allow) LPort=53
FirewallRules: [TCP Query User{B2DAC3C0-8B7A-4C75-9C6D-A3FC471E5B48}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{0D0BD8AC-F5EC-4FE5-A70F-CFFFB4C3535F}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{64E0FE84-7E68-4780-BD7F-D6C7444588E4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{450A84A2-749C-465A-9D74-928D00C5B367}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A0EBF6E0-58D2-49BC-AF11-FF0FBE38DA21}] => (Allow) C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exe
FirewallRules: [{43CEAB4A-24E2-4149-9C4C-2E3678827877}] => (Allow) C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exe
FirewallRules: [TCP Query User{E2DEE087-44CD-4921-9F6C-9B47890E480E}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{9D21E407-2076-4F9E-9F37-C2ABCE18FB77}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [TCP Query User{7B9A2D8C-6920-45B1-80F7-9F17CBCBBBE2}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{6166B344-E8E2-4ACF-8DBB-A2CC21862343}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{559DB375-E0FE-4934-88A9-B2CDD434C3FE}C:\program files (x86)\activision\call of duty 5 - world at war\codwaw.exe] => (Allow) C:\program files (x86)\activision\call of duty 5 - world at war\codwaw.exe
FirewallRules: [UDP Query User{26310919-6788-4418-8250-5DC542E7019A}C:\program files (x86)\activision\call of duty 5 - world at war\codwaw.exe] => (Allow) C:\program files (x86)\activision\call of duty 5 - world at war\codwaw.exe
FirewallRules: [{1145A7A7-9D04-4333-B1A9-37382EE09AE2}] => (Block) C:\Program Files (x86)\Activision\Call of Duty 5 - World at War\CoDWaW.exe
FirewallRules: [{2114E51C-3CD8-40EA-BB24-B5089800AA87}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F511107A-A5FA-44EE-9B03-1F28A7567F0F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0AA84385-A00B-408D-868A-39EC8A06AEA4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C98529F4-0F44-452E-970C-24FBCEA49B20}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7032CF92-04B2-47C4-A051-6CFE3D507DF8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{83C720A2-6F50-4EFF-A583-5F0BBBB0C578}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{1121D106-138D-4658-80A1-37D4F7C651B2}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [TCP Query User{0A166F36-6821-45A8-A0E8-A0FB2657186E}C:\program files (x86)\activision\call of duty 7 - black ops\call of duty black ops\blackops.exe] => (Allow) C:\program files (x86)\activision\call of duty 7 - black ops\call of duty black ops\blackops.exe
FirewallRules: [UDP Query User{B5381106-F358-47BB-900E-4029E048FE65}C:\program files (x86)\activision\call of duty 7 - black ops\call of duty black ops\blackops.exe] => (Allow) C:\program files (x86)\activision\call of duty 7 - black ops\call of duty black ops\blackops.exe
FirewallRules: [{917681C2-8D27-4A7B-B58E-0D46FD68EC6C}] => (Block) %ProgramFiles% (x86)\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [TCP Query User{8C312707-A4FA-43B9-B52F-F337CCAAD59B}C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe
FirewallRules: [UDP Query User{B6F38871-3DA6-4577-B7A5-48BE2863AB7D}C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe
FirewallRules: [TCP Query User{1BC3FA3D-0B99-47F8-B266-9DFE1F4A2221}C:\program files (x86)\activision\call of duty 9 - black ops ii\t6sp.exe] => (Allow) C:\program files (x86)\activision\call of duty 9 - black ops ii\t6sp.exe
FirewallRules: [UDP Query User{886E419E-F913-462E-969A-444D2608EDC8}C:\program files (x86)\activision\call of duty 9 - black ops ii\t6sp.exe] => (Allow) C:\program files (x86)\activision\call of duty 9 - black ops ii\t6sp.exe
FirewallRules: [{6C5E9052-FD13-4716-882C-79B96EC04B7A}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe
FirewallRules: [{DA3601BD-DC0F-4CEC-98DF-E205029C8C7E}] => (Allow) C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe
FirewallRules: [TCP Query User{C1BFB3E2-F82B-4903-81C5-B616EABBDCAE}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{C752132D-F071-43D8-AFC2-15A1AC3568E8}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{4EB2DC08-781E-42C7-B96F-8CBF827C8CA2}C:\program files (x86)\konami\pro evolution soccer 2014\pes2014.exe] => (Block) C:\program files (x86)\konami\pro evolution soccer 2014\pes2014.exe
FirewallRules: [UDP Query User{E25201E5-BD2C-4069-910C-FB4254714B8D}C:\program files (x86)\konami\pro evolution soccer 2014\pes2014.exe] => (Block) C:\program files (x86)\konami\pro evolution soccer 2014\pes2014.exe
FirewallRules: [{18FEEBC3-FD9E-4944-BDF0-5DC6B64F3C82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{895452D7-99A7-4114-87B0-9FF37BA8B1AB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{01D21AE8-3C26-4407-8D42-A94BCF8BB70F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{71DB3129-E729-47CF-8C7C-923C3B3C21E0}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{09225EE8-5677-4916-A8E2-A3268C7D684E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{9686754B-F86A-48ED-A678-8B1B48CDF23A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{4DB992F8-7FB9-4A81-94B3-6547641EDD97}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Photoshop CC\Photoshop.exe
FirewallRules: [{36A99C31-F804-4C8D-94C5-44E0FF82DED7}] => (Block) %ProgramFiles% (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
FirewallRules: [TCP Query User{B96D5F3A-2324-4D0C-AB14-99E42FF402CA}C:\program files (x86)\city interactive\enemy front\bin32\enemyfront.exe] => (Allow) C:\program files (x86)\city interactive\enemy front\bin32\enemyfront.exe
FirewallRules: [UDP Query User{5EDD385E-4556-4FD6-BCF7-EAAC6925E3F8}C:\program files (x86)\city interactive\enemy front\bin32\enemyfront.exe] => (Allow) C:\program files (x86)\city interactive\enemy front\bin32\enemyfront.exe
FirewallRules: [TCP Query User{DFF6E79E-1E9B-4C9C-9E72-F5D970643AAB}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{3959CC63-2F51-4830-B367-55351EBF70EA}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [{F9987285-9B58-40B7-AFC1-E37588B42BE7}] => (Block) %ProgramFiles% (x86)\Atari\TDU2\UpLauncher.exe
FirewallRules: [{061BB67F-F867-4FB8-98A4-9A3598DB5FF9}] => (Block) %ProgramFiles% (x86)\Atari\TDU2\TestDrive2.exe
FirewallRules: [{6F31DE50-E6B2-4F9B-B53F-FCA0D0F70434}] => (Block) %ProgramFiles% (x86)\Atari\TDU2\UpLauncher.exe
FirewallRules: [{D6746BDD-A1C5-4036-9629-FF536C376F9B}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\stronghold_crusader_extreme.exe
FirewallRules: [{72CEF630-2BFB-4133-8F76-236BDC4D1936}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\stronghold crusader.exe
FirewallRules: [TCP Query User{2270157A-24CE-4FD8-9AEF-DFBD4C24B0FB}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{B1E8CCB7-21C8-4F41-BBE3-16A4254415E5}C:\program files (x86)\jdownloader\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\jdownloader\jre\bin\javaw.exe
FirewallRules: [TCP Query User{BA065EFB-4B13-42C3-9E33-DCDA436AA9FF}C:\program files (x86)\firefly studios\stronghold crusader ii\bin\win32_release\crusader2.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader ii\bin\win32_release\crusader2.exe
FirewallRules: [UDP Query User{E94D2FAF-78D1-41CE-899B-0B2F84580CD5}C:\program files (x86)\firefly studios\stronghold crusader ii\bin\win32_release\crusader2.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader ii\bin\win32_release\crusader2.exe
FirewallRules: [{CF091463-4B98-4363-9B90-0710D0FECABA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{60100688-3F55-4E09-BF77-7B5E3B3647EB}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C485643D-2AFF-4E6D-929D-42EF90865F4E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C2C28C3C-A6E8-4EAB-8429-F059F86F7BD0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{EC55DC6F-2B60-45DD-84C0-25AFF0FC7D23}C:\program files (x86)\konami\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2015\pes2015.exe
FirewallRules: [UDP Query User{2F653C76-EE5F-4523-B0B8-5AF8D1928186}C:\program files (x86)\konami\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2015\pes2015.exe
FirewallRules: [{5090092D-240B-4B21-84F3-B87F1A013E40}] => (Block) %ProgramFiles% (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
FirewallRules: [{760C8884-D1D0-4D29-BDF6-8E0F630B8130}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EDC9DDE5-70CA-4989-9336-8EA2BFDB650C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A967421B-32EA-4B22-AC36-D33B9B5B0628}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{6A1DCED5-C03F-420A-A180-0357E0F8A9B7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{92E764A2-1693-4D6D-B8E6-FACE3C00CB66}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{1816E24A-43BC-40E1-B57B-FA350CE0CD4D}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{2E2042A8-5DE5-4EAB-BBA1-90FADFD0960E}C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [UDP Query User{55ABA1E5-27FB-405B-BDD5-50FC55F42C86}C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [TCP Query User{8E029F67-9AC4-49C1-BFF9-03BD0F76694A}C:\program files (x86)\rockstar games\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{C247D5D5-D15B-4AEA-A358-1C37EA31906C}C:\program files (x86)\rockstar games\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{8087AC03-A46B-4451-830F-3B45F3C8ADA9}C:\program files (x86)\konami\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2016\pes2016.exe
FirewallRules: [UDP Query User{0AB6005C-3AE0-4F22-8249-A85BC8BBAF4E}C:\program files (x86)\konami\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2016\pes2016.exe
FirewallRules: [{1708A03A-559C-4362-BFB5-0EFBA5221290}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{864B25B9-2822-4467-8126-607E510334D3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{423E07FB-28BC-4946-8D04-42FDDC8BC563}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4C460C2B-075C-4AB6-A90E-7C2934DEC9CA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9CBB1FBE-F775-426E-9E1F-79397534F900}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{EDAA072E-A9AC-4A0B-9971-A4B5C352D84F}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{43B6C9AF-D906-42C3-8870-FF6B3A341FA5}] => (Allow) LPort=4481
FirewallRules: [{60680C4C-A6D9-4779-8EBF-25357923A0A4}] => (Allow) LPort=4481
FirewallRules: [{237F42FD-E704-489B-B345-5E5101D6F76A}] => (Allow) LPort=4482
FirewallRules: [{B4640666-DDAB-4ECA-AC1B-5E00AFFC8CB6}] => (Allow) LPort=4482
FirewallRules: [{978335EE-5859-48B9-A2BB-B72BFDEF888B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1E6D4A7C-3D1E-4A99-98B6-37DAA8B41AEA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FD6F8533-596D-4873-9557-1E5E7A57DE4C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{09CA70CD-76AA-4694-9C61-5CC4B5774FC1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{1DFC6904-B7E9-4C9B-8A55-0138FA1E637E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{6C5A8E30-6FD3-475B-83B9-CC23D8B85DF1}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A51C9788-A85A-4382-A278-8C858E1B467D}] => (Allow) K:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{282B249F-126F-4B40-ACFC-4F22BB60EE07}] => (Allow) K:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{F26D6D1B-C192-462C-A945-34632FC8D5B0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9BC86692-CEBB-45C4-A5A7-C1D8603C6D12}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1DBFC50E-454F-4BAC-9AAD-D0C10D78B079}] => (Block) %ProgramFiles% (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe
FirewallRules: [{F19FDC1C-3528-45FD-A2A0-60044D8956F8}] => (Allow) LPort=8318
FirewallRules: [{B70F7D98-7D1D-4495-AD5A-A5CE513138C0}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4.exe
FirewallRules: [{0F1E3529-4F79-4547-8F39-419A31031781}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4.exe
FirewallRules: [{DFA17B34-8D14-438D-BC58-DD0F2458B590}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4_x64.exe
FirewallRules: [{A846CCCF-7CE8-4762-9FA3-F8DB3BA65B3A}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4_x64.exe
FirewallRules: [TCP Query User{E8F448A3-3114-4568-A6FC-BEA41A502B14}C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [UDP Query User{4030E393-78F4-4CD7-A2C7-684AEBB6D820}C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\niko\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [{85C1534F-6F5D-4EC8-9C9A-2D11C9FD063C}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4.exe
FirewallRules: [{423C1F69-B2B3-47AF-AF3D-BAB542046184}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4.exe
FirewallRules: [{5B86CBDB-443C-4924-AB5B-17F1F2157DC2}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4_x64.exe
FirewallRules: [{4ECA478A-A9B9-4584-BAF5-14BDE21CC59F}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Sims 4 - Digital Deluxe Edition\Game\Bin\TS4_x64.exe
FirewallRules: [{69A6252B-617E-433F-A39C-5AA6486F9FB1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F78CA127-7D82-4543-BC8C-163184148A7A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

06-08-2017 17:42:04 Installiert Call of Duty - United Offensive
06-08-2017 19:00:12 Windows-Sicherung
06-08-2017 19:41:12 Installiert Call of Duty - United Offensive
06-08-2017 20:35:28 Installiert Electronic Arts Product Registration
08-08-2017 18:20:29 Windows Update
10-08-2017 21:03:53 Windows Update
11-08-2017 07:02:19 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/11/2017 06:48:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (08/10/2017 06:04:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (08/08/2017 06:21:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (08/07/2017 06:12:41 PM) (Source: Wininit) (EventID: 1015) (User: )
Description: Ein kritischer Systemprozess C:\Windows\system32\lsm.exe ist fehlgeschlagen mit den Statuscode 1. Der Computer muss neu gestartet werden.

Error: (08/07/2017 06:23:06 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (08/06/2017 08:49:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Game.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1cfc

Startzeit: 01d30ee3fa7954ee

Endzeit: 133

Anwendungspfad: C:\Program Files (x86)\EA Games\Harry Potter und die Kammer des Schreckens\system\Game.exe

Berichts-ID:

Error: (08/06/2017 08:40:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Souldrinker.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1adc

Startzeit: 01d30ee337890c97

Endzeit: 4

Anwendungspfad: D:\Crack\Souldrinker.exe

Berichts-ID:

Error: (08/06/2017 08:35:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/06/2017 08:35:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/06/2017 08:35:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.

System Error:
Das System kann die angegebene Datei nicht finden.
.


Systemfehler:
=============
Error: (08/11/2017 05:57:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/11/2017 05:57:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (08/11/2017 05:57:18 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (08/11/2017 05:57:18 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (08/11/2017 05:41:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/11/2017 05:41:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (08/11/2017 05:40:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "chip 1-click download service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/11/2017 05:40:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst chip 1-click download service erreicht.

Error: (08/11/2017 07:02:50 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070103 fehlgeschlagen: Advanced Micro Devices, Inc driver update for AMD SMBus

Error: (08/11/2017 06:45:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.


CodeIntegrity:
===================================
  Date: 2014-08-13 17:26:13.528
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 17:26:13.527
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 17:26:13.516
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 17:26:13.501
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 17:26:13.500
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 17:26:13.498
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-12 00:21:24.677
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-12 00:21:24.676
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-12 00:21:24.674
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-12 00:21:24.659
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: AMD Phenom(tm) II X6 1075T Processor
Prozentuale Nutzung des RAM: 53%
Installierter physikalischer RAM: 4095.18 MB
Verfügbarer physikalischer RAM: 1897.49 MB
Summe virtueller Speicher: 8188.54 MB
Verfügbarer virtueller Speicher: 5542.58 MB

==================== Laufwerke ================================

Drive c: (Niko) (Fixed) (Total:931.41 GB) (Free:403.73 GB) NTFS
Drive k: (ZKF Ausbildungsfilm 2014) (CDROM) (Total:0.59 GB) (Free:0 GB) UDF
Drive l: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 40D8DD8F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 11.08.2017, 19:05   #10
DrRealtalk
 
PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft - Standard

PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-08-2017
durchgeführt von Niko (Administrator) auf NIKO-PC (11-08-2017 18:11:44)
Gestartet von C:\Users\Niko\Downloads
Geladene Profile: Niko (Verfügbare Profile: Niko & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AppWork GmbH) C:\Users\Niko\AppData\Local\JDownloader 2.0\JDownloader2.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\...\MountPoints2: {7985ce0e-0430-11e3-95d1-bcaec5da2ffe} - K:\Startme.exe
HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\...\MountPoints2: {f78d62ec-2eee-11e5-91c3-bcaec5da2ffe} - E:\LaunchU3.exe -a
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-24] (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{14847BEC-8CCC-4499-AB0D-78B099C5C4E1}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{89D5D2DE-B52D-4B31-93DF-D4D41F6B9539}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9F712A8E-A99B-471D-B53A-BC6EDD0B2917}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{D0D90BB3-D490-4A41-826B-B112D0B36742}: [NameServer] 8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwwSRQ4h-qPRjsOBvL3CoZSLZ9Jz-FQ8CJ8WwZ3JXhBIEPt3-CajbaWJCGatHCkmJB_53rJrE2mpScelDLaH8qZ8mttqOHihD6x8q9tXM597JM9tlxRyst2WGr49m8RW__rkUSbKdAEdWurvn-UYgSYb-Uc,&q={searchTerms}
HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.search.us.com/v/2/?guid={E5180186-3E1E-418E-A77E-33303A14C67D}&serpv=5
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwwSRQ4h-qPRjsOBvL3CoZSLZ9Jz-FQ8CJ8WwZ3JXhBIEPt3-CajbaWJCGatHCkmJB_53rJrE2mpScelDLaH8qZ8mttqOHihD6x8q9tXM597JM9tlxRyst2WGr49m8RW__rkUSbKdAEdWurvn-UYgSYb-UA,&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwwSRQ4h-qPRjsOBvL3CoZSLZ9Jz-FQ8CJ8WwZ3JXhBIEPt3-CajbaWJCGatHCkmJB_53rJrE2mpScelDLaH8qZ8mttqOHihD6x8q9tXM597JM9tlxRyst2WGr49m8RW__rkUSbKdAEdWurvn-UYgSYb-UA,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3530776945-4030788160-3505166589-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwwSRQ4h-qPRjsOBvL3CoZSLZ9Jz-FQ8CJ8WwZ3JXhBIEPt3-CajbaWJCGatHCkmJB_53rJrE2mpScelDLaH8qZ8mttqOHihD6x8q9tXM597JM9tlxRyst2WGr49m8RW__rkUSbKdAEdWurvn-UYgSYb-Uc,&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-07-11] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-06-13] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: Freemake.YoutubeButton -> {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -> C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
Toolbar: HKLM - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Toolbar: HKLM-x32 - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 1kydystc.Niko
FF ProfilePath: C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko [2017-08-10]
FF Homepage: Mozilla\Firefox\Profiles\1kydystc.Niko -> hxxps://www.google.de/
FF Keyword.URL: Mozilla\Firefox\Profiles\1kydystc.Niko -> hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwwSRQ4h-qPRjsOBvL3CoZSLZ9Jz-FQ8CJ8WwZ3JXhBIEPt3-CajbaWJCGatHCkmJB_53rJrE2mpScelDLaH8qZ8mttqOHihD6x8q9tXM597JM9tlxRyst2WGr49m8RW__rkUSbKdAEdWurvn-UYgSYb-Uc,&q=
FF Extension: (Video Downloader professional) - C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\Extensions\ffext_basicvideoext@startpage24.xpi [2017-07-30]
FF Extension: (Video AdBlock) - C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\Extensions\{068e178c-61a9-4a63-b74f-87404a6f5ea1} [2016-03-06]
FF Extension: (Video DownloadHelper) - C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-09]
FF Extension: (Adblock Plus) - C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-13]
FF SearchPlugin: C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\searchplugins\trovi-search.xml [2014-07-10]
FF SearchPlugin: C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\searchplugins\Web Search.xml [2014-04-26]
FF Extension: (Hotspot Shield Extension) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2017-07-03] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: (Freemake Video Converter Plugin) - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-06-20] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: (Freemake Video Downloader Plugin) - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com [2013-06-20] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: (Freemake Youtube Download Button) - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2013-06-20] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-12-13] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3530776945-4030788160-3505166589-1000: @tightropeinteractive.com/Plugin -> C:\Users\Niko\AppData\Local\TNT2\2.0.0.1627\npTNT2.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-3530776945-4030788160-3505166589-1000: @tnt2ghost.com/Plugin -> C:\Users\Niko\AppData\Local\TNT2\2.0.0.1627\npTNT2ghost.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.de/
CHR StartupUrls: Default -> "hxxps://www.facebook.com/","hxxps://www.google.de/?gws_rd=cr&ei=ObhbU72LDMWJtAbVlIHoAw","hxxps://www.youtube.com/"
CHR Profile: C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default [2017-08-11]
CHR Extension: (ProxFlow) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2017-01-24]
CHR Extension: (Google Docs) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Turn Off the Lights) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2017-08-08]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2016-03-06]
CHR Extension: (YouTube) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Freemake Video Downloader) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2013-06-20]
CHR Extension: (Chrome YouTube Downloader) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja [2013-12-25] [UpdateUrl: hxxps://dl.dropbox.com/u/9278456/Chrome_YouTube_Downloader/update.xml] <==== ACHTUNG
CHR Extension: (Adblock Plus) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-14]
CHR Extension: (Google-Suche) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Freemake Youtube Download Button) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2013-06-20]
CHR Extension: (Google Docs Offline) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-07-20]
CHR Extension: (Freemake Video Converter) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2013-06-20]
CHR Extension: (MySpass Adblocker) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljjdpiilfcgggfhpgboiebimccnbebcj [2015-09-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Taylor Swift 2) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\npgnfgndihifalnjjdpfdednbfaibnik [2013-06-20]
CHR Extension: (Google Mail) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-08]
CHR HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-06-20]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-06-20]
CHR HKLM-x32\...\Chrome\Extension: [fjoijdanhaiflhibkljeklcghcmmfffh] - C:\Program Files (x86)\WebCake\WebCakeLayers.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-06-20]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
S3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [Datei ist nicht signiert]
S4 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2610808 2017-06-15] (AnchorFree Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2157456 2017-06-13] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3127192 2017-06-13] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2013-07-03] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [103736 2013-07-03] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AFTrafMgr1.2; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_2_64.sys [57272 2017-05-08] (AnchorFree Inc.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-08-11] ()
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows (R) Win 7 DDK provider)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-07-24] (AnchorFree Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-08-11] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corporation )
S3 RTL8192su; C:\Windows\System32\DRIVERS\RTL8192su.sys [676864 2009-11-11] (Realtek Semiconductor Corporation ) [Datei ist nicht signiert]
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12464 2017-08-06] (Macrovision Europe Ltd) [Datei ist nicht signiert]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-03-08] (Duplex Secure Ltd.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-07-24] (Anchorfree Inc.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
U3 an33jvwy; C:\Windows\System32\Drivers\an33jvwy.sys [0 ] (Advanced Micro Devices) <==== ACHTUNG (Null Byte Datei/Ordner)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-11 18:11 - 2017-08-11 18:12 - 000023545 _____ C:\Users\Niko\Downloads\FRST.txt
2017-08-11 18:11 - 2017-08-11 18:11 - 002381824 _____ (Farbar) C:\Users\Niko\Downloads\FRST64.exe
2017-08-10 18:30 - 2017-07-29 16:56 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-08-10 18:30 - 2017-07-21 16:26 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll
2017-08-10 18:30 - 2017-07-21 16:26 - 000409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexch40.dll
2017-08-10 18:30 - 2017-07-21 16:26 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll
2017-08-10 18:30 - 2017-07-21 16:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
2017-08-10 18:30 - 2017-07-15 20:35 - 000394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-08-10 18:30 - 2017-07-15 19:52 - 000346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-08-10 18:30 - 2017-07-14 17:29 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-08-10 18:30 - 2017-07-14 17:29 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-08-10 18:30 - 2017-07-14 17:29 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-08-10 18:30 - 2017-07-14 17:29 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-08-10 18:30 - 2017-07-14 17:29 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-08-10 18:30 - 2017-07-14 17:29 - 000486400 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-08-10 18:30 - 2017-07-14 17:29 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-08-10 18:30 - 2017-07-14 17:29 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-08-10 18:30 - 2017-07-14 17:29 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-08-10 18:30 - 2017-07-14 17:29 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-08-10 18:30 - 2017-07-14 17:29 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2017-08-10 18:30 - 2017-07-14 17:29 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-08-10 18:30 - 2017-07-14 17:12 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-08-10 18:30 - 2017-07-14 17:12 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-08-10 18:30 - 2017-07-14 17:11 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-08-10 18:30 - 2017-07-14 17:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-08-10 18:30 - 2017-07-14 17:10 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-08-10 18:30 - 2017-07-14 17:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-08-10 18:30 - 2017-07-14 17:10 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-08-10 18:30 - 2017-07-14 17:10 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-08-10 18:30 - 2017-07-14 17:10 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-08-10 18:30 - 2017-07-14 17:10 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-08-10 18:30 - 2017-07-14 17:10 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-08-10 18:30 - 2017-07-14 17:10 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-08-10 18:30 - 2017-07-14 17:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-08-10 18:30 - 2017-07-14 17:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-08-10 18:30 - 2017-07-14 17:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-08-10 18:30 - 2017-07-14 16:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-08-10 18:30 - 2017-07-14 16:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-08-10 18:30 - 2017-07-14 16:57 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2017-08-10 18:30 - 2017-07-14 16:50 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2017-08-10 18:30 - 2017-07-14 16:50 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2017-08-10 18:30 - 2017-07-14 09:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-08-10 18:30 - 2017-07-14 09:15 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-08-10 18:30 - 2017-07-14 08:49 - 025733632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-08-10 18:30 - 2017-07-14 08:47 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-08-10 18:30 - 2017-07-14 08:45 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-08-10 18:30 - 2017-07-14 08:45 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-08-10 18:30 - 2017-07-14 08:44 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-08-10 18:30 - 2017-07-14 08:44 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-08-10 18:30 - 2017-07-14 08:38 - 002899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-08-10 18:30 - 2017-07-14 08:29 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-08-10 18:30 - 2017-07-14 08:28 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-08-10 18:30 - 2017-07-14 08:22 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-08-10 18:30 - 2017-07-14 08:20 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-08-10 18:30 - 2017-07-14 08:20 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-08-10 18:30 - 2017-07-14 08:19 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-08-10 18:30 - 2017-07-14 08:19 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-08-10 18:30 - 2017-07-14 08:08 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-08-10 18:30 - 2017-07-14 08:02 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-08-10 18:30 - 2017-07-14 07:49 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-08-10 18:30 - 2017-07-14 07:48 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-08-10 18:30 - 2017-07-14 07:47 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-08-10 18:30 - 2017-07-14 07:42 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-08-10 18:30 - 2017-07-14 07:40 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-08-10 18:30 - 2017-07-14 07:35 - 005981184 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-08-10 18:30 - 2017-07-14 07:35 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-08-10 18:30 - 2017-07-14 07:33 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-08-10 18:30 - 2017-07-14 07:16 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-08-10 18:30 - 2017-07-14 07:11 - 000725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-08-10 18:30 - 2017-07-14 07:10 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-08-10 18:30 - 2017-07-14 07:09 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-08-10 18:30 - 2017-07-14 07:09 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-08-10 18:30 - 2017-07-14 06:40 - 015254016 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-08-10 18:30 - 2017-07-14 06:23 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-08-10 18:30 - 2017-07-14 06:07 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-08-10 18:30 - 2017-07-14 05:58 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-08-10 18:30 - 2017-07-14 05:01 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-08-10 18:30 - 2017-07-14 04:54 - 020270080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-08-10 18:30 - 2017-07-14 04:48 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-08-10 18:30 - 2017-07-14 04:48 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-08-10 18:30 - 2017-07-14 04:48 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-08-10 18:30 - 2017-07-14 04:48 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-08-10 18:30 - 2017-07-14 04:47 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-08-10 18:30 - 2017-07-14 04:44 - 002290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-08-10 18:30 - 2017-07-14 04:42 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-08-10 18:30 - 2017-07-14 04:41 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-08-10 18:30 - 2017-07-14 04:39 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-08-10 18:30 - 2017-07-14 04:38 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-08-10 18:30 - 2017-07-14 04:38 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-08-10 18:30 - 2017-07-14 04:38 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-08-10 18:30 - 2017-07-14 04:30 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-08-10 18:30 - 2017-07-14 04:26 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-08-10 18:30 - 2017-07-14 04:25 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-08-10 18:30 - 2017-07-14 04:25 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-08-10 18:30 - 2017-07-14 04:23 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-08-10 18:30 - 2017-07-14 04:22 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-08-10 18:30 - 2017-07-14 04:21 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-08-10 18:30 - 2017-07-14 04:20 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-08-10 18:30 - 2017-07-14 04:17 - 004546048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-08-10 18:30 - 2017-07-14 04:13 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-08-10 18:30 - 2017-07-14 04:12 - 000693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-08-10 18:30 - 2017-07-14 04:11 - 002057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-08-10 18:30 - 2017-07-14 04:11 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-08-10 18:30 - 2017-07-14 04:09 - 013663744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-08-10 18:30 - 2017-07-14 03:53 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-08-10 18:30 - 2017-07-14 03:50 - 001314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-08-10 18:30 - 2017-07-14 03:48 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-08-10 18:30 - 2017-07-08 17:34 - 000370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-08-10 18:30 - 2017-07-08 17:00 - 003224064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-08-10 18:30 - 2017-07-07 17:37 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-08-10 18:30 - 2017-07-07 17:33 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-08-10 18:30 - 2017-07-07 17:33 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-08-10 18:30 - 2017-07-07 17:33 - 000363752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2017-08-10 18:30 - 2017-07-07 17:33 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-08-10 18:30 - 2017-07-07 17:33 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-08-10 18:30 - 2017-07-07 17:31 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:15 - 004001000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-08-10 18:30 - 2017-07-07 17:15 - 003945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-08-10 18:30 - 2017-07-07 17:13 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-08-10 18:30 - 2017-07-07 17:11 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-08-10 18:30 - 2017-07-07 17:11 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-08-10 18:30 - 2017-07-07 17:11 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-08-10 18:30 - 2017-07-07 17:11 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-08-10 18:30 - 2017-07-07 17:11 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-08-10 18:30 - 2017-07-07 17:11 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-08-10 18:30 - 2017-07-07 17:11 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-08-10 18:30 - 2017-07-07 17:11 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-08-10 18:30 - 2017-07-07 17:11 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-08-10 18:30 - 2017-07-07 17:11 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-08-10 18:30 - 2017-07-07 17:11 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-08-10 18:30 - 2017-07-07 17:11 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-08-10 18:30 - 2017-07-07 17:11 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-08-10 18:30 - 2017-07-07 17:11 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-08-10 18:30 - 2017-07-07 17:11 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 17:02 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-08-10 18:30 - 2017-07-07 17:01 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-08-10 18:30 - 2017-07-07 17:01 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-08-10 18:30 - 2017-07-07 17:01 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-08-10 18:30 - 2017-07-07 16:58 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-08-10 18:30 - 2017-07-07 16:57 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-08-10 18:30 - 2017-07-07 16:54 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-08-10 18:30 - 2017-07-07 16:54 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-08-10 18:30 - 2017-07-07 16:54 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-08-10 18:30 - 2017-07-07 16:53 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-08-10 18:30 - 2017-07-07 16:53 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-08-10 18:30 - 2017-07-07 16:51 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-08-10 18:30 - 2017-07-07 16:48 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-08-10 18:30 - 2017-07-07 16:48 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-08-10 18:30 - 2017-07-07 16:48 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-08-10 18:30 - 2017-07-07 16:48 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-08-10 18:30 - 2017-07-07 16:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-08-10 18:30 - 2017-07-07 16:47 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 16:47 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 16:47 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-08-10 18:30 - 2017-07-07 16:47 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-08-10 18:30 - 2017-07-01 15:05 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2017-08-10 18:30 - 2017-07-01 15:05 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll
2017-08-10 18:30 - 2017-07-01 15:05 - 000641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-08-10 18:30 - 2017-07-01 15:05 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll
2017-08-10 18:30 - 2017-07-01 15:05 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2017-08-10 18:30 - 2017-07-01 15:05 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2017-08-10 18:30 - 2017-07-01 15:05 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2017-08-10 18:30 - 2017-07-01 15:05 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-08-10 18:30 - 2017-07-01 15:05 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2017-08-10 18:30 - 2017-07-01 15:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2017-08-10 18:30 - 2017-07-01 15:05 - 000144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-08-10 18:30 - 2017-07-01 15:05 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll
2017-08-07 19:16 - 2017-08-07 20:04 - 000203988 _____ C:\TDSSKiller.3.1.0.15_07.08.2017_19.16.02_log.txt
2017-08-06 20:43 - 2017-08-06 20:44 - 000000000 ____D C:\Users\Niko\Documents\Harry Potter II
2017-08-06 20:38 - 2017-08-06 20:38 - 000002251 _____ C:\Users\Public\Desktop\Harry Potter und die Kammer des Schreckens.lnk
2017-08-06 20:38 - 2017-08-06 20:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2017-08-06 20:36 - 2017-08-06 20:36 - 000000000 ____D C:\Program Files (x86)\EA Games
2017-08-06 20:35 - 2017-08-06 20:35 - 000000000 ____D C:\Users\Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2017-08-06 20:35 - 2017-08-06 20:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2017-08-06 20:17 - 2017-08-07 06:16 - 000000000 ____D C:\Program Files\AVAST Software
2017-08-06 20:17 - 2017-08-06 20:32 - 000000000 ____D C:\ProgramData\AVAST Software
2017-08-06 11:59 - 2017-08-06 20:42 - 000012464 _____ (Macrovision Europe Ltd) C:\Windows\SysWOW64\Drivers\SECDRV.SYS
2017-08-06 11:56 - 2017-08-07 17:58 - 000001127 _____ C:\Users\Niko\Desktop\Call of Duty Mehrspieler.lnk
2017-08-06 11:56 - 2017-08-06 17:43 - 000001183 _____ C:\Users\Niko\Desktop\Call of Duty Einzelspieler.lnk
2017-08-06 11:56 - 2017-08-06 11:56 - 000000984 _____ C:\Users\Gast.Niko-PC\Desktop\Call of Duty Mehrspieler.lnk
2017-08-06 11:56 - 2017-08-06 11:56 - 000000984 _____ C:\Users\Gast.Niko-PC\Desktop\Call of Duty Einzelspieler.lnk
2017-08-06 11:55 - 2017-08-06 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty
2017-08-06 11:55 - 2017-08-06 11:55 - 000000000 ____D C:\Users\Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Call of Duty
2017-08-06 11:51 - 2017-08-06 11:56 - 000000745 _____ C:\Windows\CoD.INI
2017-08-06 11:45 - 2017-08-06 20:19 - 000000000 ____D C:\Users\Niko\Downloads\Call.of.Duty.2.DVD.GERMAN-NESSUNO - more games on GLOAD.cc
2017-08-06 11:27 - 2017-08-06 11:50 - 000000000 ____D C:\Users\Niko\Downloads\Call.Of.Duty.United.Offense.GERMAN-SiLENTGATE - more games on GLOAD.cc
2017-08-04 19:15 - 2017-08-10 18:34 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-08-03 19:08 - 2017-08-04 19:17 - 000000000 ____D C:\Users\Niko\Downloads\Kaspersky Crack
2017-07-29 12:14 - 2017-07-30 11:17 - 000000000 ____D C:\Users\Niko\Downloads\klg-best-box17
2017-07-26 20:02 - 2017-07-26 20:04 - 000000000 ____D C:\Users\Niko\Downloads\Disc 2
2017-07-26 20:02 - 2017-07-26 20:04 - 000000000 ____D C:\Users\Niko\Downloads\Disc 1
2017-07-23 14:53 - 2017-07-23 14:53 - 000001757 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-07-23 14:53 - 2017-07-23 14:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-07-23 14:52 - 2017-07-23 14:52 - 000000000 ____D C:\Program Files\iPod
2017-07-14 19:09 - 2017-05-03 17:34 - 000094952 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-07-14 19:09 - 2017-05-03 17:29 - 001206272 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-07-14 19:09 - 2017-05-03 15:05 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-07-14 19:09 - 2017-05-03 15:05 - 000620544 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-07-14 19:09 - 2017-05-03 15:05 - 000535552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-07-14 19:09 - 2017-05-03 15:05 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-07-14 19:09 - 2017-05-03 15:05 - 000311296 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-07-14 19:09 - 2017-05-03 15:05 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-07-14 19:09 - 2017-05-03 15:05 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-07-14 19:09 - 2017-03-23 04:06 - 001691136 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-07-14 19:04 - 2017-06-15 22:23 - 000753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-07-14 19:04 - 2017-06-13 00:49 - 001363456 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-07-14 19:04 - 2017-06-13 00:49 - 000594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2017-07-14 19:04 - 2017-06-13 00:49 - 000475136 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2017-07-14 19:04 - 2017-06-13 00:49 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2017-07-14 19:04 - 2017-06-13 00:29 - 001227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2017-07-14 19:04 - 2017-06-13 00:29 - 000444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2017-07-14 19:04 - 2017-06-13 00:29 - 000390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2017-07-14 19:04 - 2017-06-13 00:28 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2017-07-14 19:04 - 2017-06-13 00:14 - 000379392 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-07-14 19:04 - 2017-06-13 00:14 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2017-07-14 19:04 - 2017-06-13 00:14 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2017-07-14 19:04 - 2017-06-13 00:06 - 000303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2017-07-14 19:04 - 2017-06-13 00:06 - 000157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2017-07-14 19:04 - 2017-06-13 00:06 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe
2017-07-14 19:04 - 2017-06-10 17:59 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-07-14 19:04 - 2017-06-10 17:39 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-07-14 19:04 - 2017-06-09 17:33 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-07-14 19:04 - 2017-06-06 17:30 - 001867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-07-14 19:04 - 2017-06-06 17:12 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-07-14 19:04 - 2017-05-30 06:56 - 001895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-07-14 19:04 - 2017-05-30 06:56 - 000377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-07-14 19:04 - 2017-05-30 06:56 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-07-14 19:04 - 2017-05-16 17:35 - 000986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-07-14 19:04 - 2017-05-16 17:35 - 000265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-07-14 19:03 - 2017-05-21 06:24 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-07-14 19:03 - 2017-05-21 06:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-07-14 19:03 - 2017-05-16 17:30 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-11 18:11 - 2013-10-12 16:15 - 000000000 ____D C:\FRST
2017-08-11 18:11 - 2013-06-20 18:13 - 000000000 ____D C:\Users\Niko\AppData\Roaming\vlc
2017-08-11 18:06 - 2009-07-14 06:45 - 000023072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-08-11 18:06 - 2009-07-14 06:45 - 000023072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-08-11 18:00 - 2016-11-02 22:00 - 000000911 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Update {78C1617E-DB1D-48B9-B4F4-5E56C6303F18}.job
2017-08-11 18:00 - 2016-11-02 22:00 - 000000725 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {78C1617E-DB1D-48B9-B4F4-5E56C6303F18}.job
2017-08-11 18:00 - 2009-07-14 07:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-08-11 17:59 - 2015-02-25 15:42 - 000000000 ____D C:\Users\Niko\AppData\Local\JDownloader 2.0
2017-08-11 17:57 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-08-11 17:50 - 2014-01-30 13:18 - 000007612 _____ C:\Users\Niko\AppData\Local\Resmon.ResmonCfg
2017-08-11 17:46 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-08-11 17:44 - 2017-07-05 12:29 - 000000000 ____D C:\Program Files\Common Files\AV
2017-08-11 06:52 - 2009-07-14 19:58 - 000699432 _____ C:\Windows\system32\perfh007.dat
2017-08-11 06:52 - 2009-07-14 19:58 - 000149572 _____ C:\Windows\system32\perfc007.dat
2017-08-11 06:52 - 2009-07-14 07:13 - 001620684 _____ C:\Windows\system32\PerfStringBackup.INI
2017-08-11 06:45 - 2009-07-14 06:45 - 005121880 _____ C:\Windows\system32\FNTCACHE.DAT
2017-08-10 21:14 - 2014-10-28 11:59 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-08-10 21:08 - 2013-07-23 02:35 - 000000000 ____D C:\Windows\system32\MRT
2017-08-10 21:04 - 2013-06-22 16:36 - 140394280 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-08-10 18:32 - 2015-11-02 18:22 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-10 18:02 - 2013-06-20 14:06 - 000000000 ____D C:\Users\Niko\AppData\Local\Adobe
2017-08-10 17:59 - 2016-11-24 18:44 - 000000000 ____D C:\Users\Niko\AppData\LocalLow\Mozilla
2017-08-08 19:16 - 2013-06-20 14:10 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-08-08 19:16 - 2013-06-20 14:10 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-08 19:16 - 2013-06-20 14:10 - 000004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-08-08 19:16 - 2013-06-20 14:10 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-08-08 19:16 - 2013-06-20 14:10 - 000000000 ____D C:\Windows\system32\Macromed
2017-08-08 18:51 - 2017-02-05 12:26 - 000000000 ____D C:\Users\Niko\Desktop\Neuer Ordner
2017-08-08 18:27 - 2016-08-17 06:32 - 000000000 ____D C:\Users\Gast.Niko-PC
2017-08-08 06:30 - 2013-06-20 13:11 - 000002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-07 18:14 - 2009-07-14 07:08 - 000032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-08-07 18:02 - 2013-07-02 15:41 - 000000000 ____D C:\Users\Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-08-06 20:57 - 2013-10-12 20:29 - 000000000 ____D C:\Users\Niko\AppData\Roaming\dvdcss
2017-08-06 20:36 - 2013-10-12 00:55 - 000000000 ____D C:\Program Files (x86)\Electronic Arts
2017-08-06 20:36 - 2013-06-20 13:04 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-08-06 20:22 - 2013-06-20 17:43 - 000000000 ____D C:\Users\Niko\AppData\Local\CrashDumps
2017-08-06 17:42 - 2013-06-23 16:09 - 000000000 ____D C:\Program Files (x86)\Activision
2017-08-06 13:00 - 2014-08-13 12:20 - 000000000 ____D C:\Users\Niko\AppData\Local\ElevatedDiagnostics
2017-08-06 11:43 - 2013-06-20 14:43 - 000000000 ____D C:\Users\Niko\AppData\Roaming\DAEMON Tools Pro
2017-07-28 20:42 - 2009-07-14 04:34 - 000000478 _____ C:\Windows\win.ini
2017-07-26 20:18 - 2013-06-23 12:09 - 000000000 ____D C:\Users\Niko\AppData\Roaming\Mp3tag
2017-07-26 20:10 - 2014-07-24 22:43 - 000000000 ____D C:\Users\Niko\AppData\Local\JDownloader v2.0
2017-07-26 20:07 - 2015-06-11 14:12 - 000000000 ____D C:\Users\Niko\Desktop\Trainingsmusik
2017-07-23 20:28 - 2013-06-20 13:49 - 000000000 ____D C:\Users\Niko\Desktop\Musik
2017-07-23 14:53 - 2015-10-04 21:30 - 000000000 ____D C:\Program Files\iTunes
2017-07-19 07:29 - 2013-06-20 17:42 - 000000000 ____D C:\Users\Niko\AppData\Roaming\Winamp
2017-07-18 08:57 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2017-07-15 22:23 - 2014-12-11 13:07 - 000000000 ____D C:\Windows\system32\appraiser
2017-07-14 18:27 - 2013-06-20 19:20 - 000000000 ____D C:\Program Files (x86)\Steam

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-05-02 06:29 - 2017-05-02 06:29 - 007649280 _____ () C:\Program Files (x86)\GUT7DF6.tmp
2014-04-27 19:32 - 2014-04-27 19:32 - 000001204 _____ () C:\Users\Niko\AppData\Roaming\.southparkloader.xml
2013-12-04 19:36 - 2013-12-04 19:37 - 000000624 _____ () C:\Users\Niko\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-12-11 20:01 - 2016-03-09 04:09 - 000000049 _____ () C:\Users\Niko\AppData\Roaming\install.imp
2015-10-15 16:14 - 2015-10-24 13:51 - 000000154 _____ () C:\Users\Niko\AppData\Roaming\Rim.Desktop.Exception.log
2015-10-15 16:06 - 2015-10-15 16:06 - 000001153 _____ () C:\Users\Niko\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-10-15 16:14 - 2015-10-24 13:51 - 000000154 _____ () C:\Users\Niko\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-05-10 14:45 - 2015-03-18 14:44 - 000001456 _____ () C:\Users\Niko\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-01-28 18:18 - 2014-01-28 18:18 - 000000006 _____ () C:\Users\Niko\AppData\Local\config.txt
2013-12-16 21:08 - 2013-12-16 21:08 - 000000000 ___SH () C:\Users\Niko\AppData\Local\LumaEmu
2014-07-11 11:50 - 2014-07-11 11:50 - 000002671 _____ () C:\Users\Niko\AppData\Local\recently-used.xbel
2014-01-30 13:18 - 2017-08-11 17:50 - 000007612 _____ () C:\Users\Niko\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
2017-08-04 20:38 - 2017-08-04 20:38 - 000040448 ____N () C:\Users\Niko\AppData\Local\Temp\proxy_vole2129202407163604852.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-08-04 21:13

==================== Ende von FRST.txt ============================
         

Alt 12.08.2017, 14:20   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft - Standard

PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft



Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 12.08.2017, 20:06   #12
DrRealtalk
 
PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft - Standard

PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft



Hier die Logfiles:
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.08.12.05
  rootkit: v2017.08.02.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18762
Niko :: NIKO-PC [administrator]

12.08.2017 17:43:31
mbar-log-2017-08-12 (17-43-31).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 398830
Time elapsed: 37 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Tarma Installer (Adware.Yontoo) -> Delete on reboot. [fd787c105e4b7cbaa31a36f8857c14ec]

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Users\Niko\AppData\Roaming\imlgs (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]

Files Detected: 437
C:\Users\Niko\AppData\Roaming\imlgs\01-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\01-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\01-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\01-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\01-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\01-03-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\01-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\01-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\01-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\01-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\01-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\01-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\01-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\01-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\02-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\02-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\21-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\21-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\21-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\21-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\21-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\21-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\21-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\21-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\21-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\21-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\21-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\21-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\21-12-2014 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\21-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\11-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\12-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\12-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\12-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\12-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\12-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\12-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\12-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\12-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\12-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\12-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\12-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\12-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\12-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\26-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\26-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\26-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\26-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\26-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\26-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\26-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\26-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\26-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\26-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\26-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\26-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\26-12-2014 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\26-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\27-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\27-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\05-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\05-03-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\05-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\05-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\05-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\05-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\05-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\05-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\05-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\05-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\05-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\06-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\06-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\06-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\06-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\06-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\06-03-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\06-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\06-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\16-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\16-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\16-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\16-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\16-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\16-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\16-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\16-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\16-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\16-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\16-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\16-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\16-12-2014 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\16-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\17-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\17-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\03-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\04-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\07-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\09-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\11-12-2014 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\12-12-2014 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\13-12-2014 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\16-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\17-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\18-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\19-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\20-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\30-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\23-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\23-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\23-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\23-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\23-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\23-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\23-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\23-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\23-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\23-12-2014 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\23-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\24-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\24-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\24-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\24-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\24-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\24-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\28-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\28-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\28-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\28-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\28-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\28-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\28-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\28-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\28-12-2014 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\28-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\29-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\29-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\08-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\08-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\08-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\08-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\08-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\08-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\08-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\08-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\08-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\09-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\09-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\13-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\14-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\14-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\14-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\14-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\14-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\14-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\14-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\14-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\14-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\14-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\14-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\14-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\14-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\14-12-2014 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\14-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\18-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\18-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\18-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\18-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\18-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\18-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\18-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\18-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\18-12-2014 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\18-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\19-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\19-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\19-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\19-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\19-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\19-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\03-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\03-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\03-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\03-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\03-03-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\03-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\03-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\03-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\03-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\03-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\03-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\03-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\03-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\03-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\04-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\04-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\10-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\10-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\10-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\10-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\10-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\10-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\10-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\10-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\10-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\10-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\10-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\11-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\11-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\06-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\06-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\06-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\06-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\06-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\06-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\06-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\07-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\07-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\07-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\07-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\07-03-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\07-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\19-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\19-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\19-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\19-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\19-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\19-12-2014 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\19-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\20-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\20-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\20-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\20-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\24-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\24-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\24-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\24-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\24-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\24-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\24-12-2014 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\25-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\25-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\25-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\25-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\30-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\30-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\30-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\30-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\30-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\30-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\30-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\30-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\30-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\30-12-2014 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\17-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\17-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\17-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\17-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\17-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\17-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\17-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\17-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\17-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\17-12-2014 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\17-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\18-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\18-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\18-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\18-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\13-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\13-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\13-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\13-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\13-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\13-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\13-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\13-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\13-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\13-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\13-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\13-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\13-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\15-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\15-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\15-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\15-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\15-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\15-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\15-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\15-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\15-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\15-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\15-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\15-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\15-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\15-12-2014 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\15-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\22-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\22-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\22-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\22-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\22-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\22-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\22-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\22-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\22-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\22-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\22-12-2014 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\22-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\23-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\23-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\23-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\23-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\27-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\27-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\27-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\27-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\27-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\27-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\27-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\27-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\27-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\27-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\27-12-2014 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\27-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\28-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\28-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\28-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\28-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\04-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\04-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\04-03-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\04-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\04-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\04-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\04-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\04-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\04-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\04-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\04-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\04-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\05-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\05-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\05-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\05-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\02-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\02-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\02-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\02-03-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\02-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\02-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\02-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\02-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\02-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\02-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\02-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\02-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\02-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\11-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\11-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\11-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\11-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\11-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\11-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\11-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\11-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\11-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\11-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\11-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\29-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\29-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\29-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\29-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\29-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\29-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\29-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\29-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\29-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\29-12-2014 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\29-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\30-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\30-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\07-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\07-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\07-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\07-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\07-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\07-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\07-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\08-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\08-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\08-02-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\08-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\08-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\08-03-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\09-02-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\09-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\09-03-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\09-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\09-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\09-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\09-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\09-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\09-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\09-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\09-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\10-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\10-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\20-04-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\20-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\20-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\20-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\20-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\20-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\20-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\20-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\20-12-2014 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\20-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\31-01-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\31-01-2016 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\31-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\31-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\31-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\31-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\31-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\31-12-2014 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\31-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\25-03-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\25-05-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\25-06-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\25-07-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\25-08-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\25-09-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\25-10-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\25-11-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\25-12-2014 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]
C:\Users\Niko\AppData\Roaming\imlgs\25-12-2015 (Trojan.StolenData) -> Delete on reboot. [3c3974188f1ad1652745d6f0659c0ef2]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
und nachdem 2 auslesen:
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.08.12.05
  rootkit: v2017.08.02.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18762
Niko :: NIKO-PC [administrator]

12.08.2017 18:48:57
mbar-log-2017-08-12 (18-48-57).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 399258
Time elapsed: 40 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

Alt 14.08.2017, 11:02   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft - Standard

PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft



Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!




1. Schritt: adwCleaner v7.0.1.0

Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • Tracing Schlüssel
    • Prefetch Dateien
    • Proxy
    • Winsock
    • IE Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist. Am Ende des Suchlaufs öffnet sich automatisch eine Logdatei. Schließe diese.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Klicke am Ende der Bereinigung auf Jetzt neu starten. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 14.08.2017, 18:31   #14
DrRealtalk
 
PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft - Standard

PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft



Vielen Dank schon einmal dass Sie mir so viel helfen!
Es ist schon besser geworden nachdem ich die beiden PÜrogramme durchlaufen lassen habe.

Hier die Logfiles:
Code:
ATTFilter
# AdwCleaner 7.0.1.0 - Logfile created on Mon Aug 14 16:00:56 2017
# Updated on 2017/05/08 by Malwarebytes 
# Database: 08-11-2017.1
# Running on Windows 7 Home Premium (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.Elex, C:\Program Files (x86)\SearchProtect
Adware.Elex, C:\Users\Niko\AppData\Local\SearchProtect
PUP.Optional.Legacy, C:\Users\Niko\AppData\Local\Mobogenie
PUP.Optional.Legacy, C:\Users\Niko\Documents\Mobogenie
PUP.Optional.Legacy, C:\Users\Niko\AppData\Roaming\KW
PUP.Optional.Chip, C:\Program Files (x86)\Chip Digital GmbH
Adware.Yontoo, C:\ProgramData\Tarma Installer
Adware.Yontoo, C:\ProgramData\Application Data\Tarma Installer
Adware.Yontoo, C:\Users\All Users\Tarma Installer
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group
PUP.Optional.SpyHunter, C:\sh4ldr
Rogue.ForcedExtension, C:\ProgramData\apn
Rogue.ForcedExtension, C:\ProgramData\Application Data\apn
Rogue.ForcedExtension, C:\Users\All Users\apn


***** [ Files ] *****

PUP.Optional.Legacy, C:\Users\Niko\daemonprocess.txt
PUP.Optional.Legacy, C:\END
PUP.Optional.Legacy, C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\searchplugins\Web Search.xml
PUP.Optional.Legacy, C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\searchplugins\trovi-search.xml
PUP.Optional.Legacy, C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\SEARCHPLUGINS\WEB SEARCH.XML


***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\DriverTuner
PUP.Optional.Legacy, [Key] - HKCU\Software\DriverTuner
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\DriverTuner_Init
PUP.Optional.Legacy, [Key] - HKCU\Software\DriverTuner_Init
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\OB
PUP.Optional.Legacy, [Key] - HKCU\Software\OB
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {AE07101B-46D4-4A98-AF68-0333EA26E113}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72A6AB0F-2FA8-4C73-9FCB-1E62A608F001}
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\TypeLib\{ABB8A8A5-FF98-40F6-B573-5841B063EA37}
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\Classes\TypeLib\{ABB8A8A5-FF98-40F6-B573-5841B063EA37}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
PUP.Optional.WebCake, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
PUP.Optional.SofTonicAssistant, [Key] - HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\Softonic
PUP.Optional.SofTonicAssistant, [Key] - HKCU\Software\Softonic
PUP.Optional.TidyNetwork, [Key] - HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\TNT2
PUP.Optional.TidyNetwork, [Key] - HKCU\Software\TNT2
PUP.Optional.InstallCore, [Key] - HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\InstallCore
PUP.Optional.InstallCore, [Key] - HKCU\Software\InstallCore


***** [ Firefox (and derivatives) ] *****

Plugin found: __MSG_appName__ - 


***** [ Chromium (and derivatives) ] *****

Plugin found: Freemake Video Converter - 
Plugin found: Freemake Video Converter - 
Plugin found: Video AdBlock for Chrome - 

/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271 


*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
         
Code:
ATTFilter
# AdwCleaner 7.0.1.0 - Logfile created on Mon Aug 14 16:01:55 2017
# Updated on 2017/05/08 by Malwarebytes 
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Program Files (x86)\SearchProtect
Deleted: C:\Users\Niko\AppData\Local\SearchProtect
Deleted: C:\Users\Niko\AppData\Local\Mobogenie
Deleted: C:\Users\Niko\Documents\Mobogenie
Deleted: C:\Users\Niko\AppData\Roaming\KW
Deleted: C:\Program Files (x86)\Chip Digital GmbH
Deleted: C:\ProgramData\Tarma Installer
Deleted: C:\ProgramData\Application Data\Tarma Installer
Deleted: C:\Users\All Users\Tarma Installer
Deleted: C:\Program Files\Enigma Software Group
Deleted: C:\sh4ldr
Deleted: C:\ProgramData\apn
Deleted: C:\ProgramData\Application Data\apn
Deleted: C:\Users\All Users\apn


***** [ Files ] *****

Deleted: C:\Users\Niko\daemonprocess.txt
Deleted: C:\END
Deleted: C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\searchplugins\Web Search.xml
Deleted: C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\searchplugins\trovi-search.xml
Deleted: C:\Users\Niko\AppData\Roaming\Mozilla\Firefox\Profiles\1kydystc.Niko\SEARCHPLUGINS\WEB SEARCH.XML


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\DriverTuner
Deleted: [Key] - HKCU\Software\DriverTuner
Deleted: [Key] - HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\DriverTuner_Init
Deleted: [Key] - HKCU\Software\DriverTuner_Init
Deleted: [Key] - HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\OB
Deleted: [Key] - HKCU\Software\OB
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72A6AB0F-2FA8-4C73-9FCB-1E62A608F001}
Deleted: [Key] - HKCU\Software\Classes\TypeLib\{ABB8A8A5-FF98-40F6-B573-5841B063EA37}
Deleted: [Key] - HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\Classes\TypeLib\{ABB8A8A5-FF98-40F6-B573-5841B063EA37}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Deleted: [Key] - HKCU\Software\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Deleted: [Key] - HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\Softonic
Deleted: [Key] - HKCU\Software\Softonic
Deleted: [Key] - HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\TNT2
Deleted: [Key] - HKCU\Software\TNT2
Deleted: [Key] - HKU\S-1-5-21-3530776945-4030788160-3505166589-1000\Software\InstallCore
Deleted: [Key] - HKCU\Software\InstallCore


***** [ Firefox (and derivatives) ] *****

Plugin deleted: __MSG_appName__ - 


***** [ Chromium (and derivatives) ] *****

Plugin deleted: Freemake Video Converter - 
Plugin deleted: Freemake Video Converter - 
Plugin deleted: Video AdBlock for Chrome - 


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [5997 B] - [2017/8/14 16:0:56]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Home Premium x64 
Ran by Niko (Administrator) on 14.08.2017 at 18:22:47,58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 92 

Successfully deleted: C:\ProgramData\esellerate (Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh (Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj (Folder) 
Successfully deleted: C:\Users\Niko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\search.lnk (Shortcut) 
Successfully deleted: C:\Users\Public\Desktop\hotspot shield.lnk (Shortcut) 
Successfully deleted: C:\Program Files (x86)\GUT7DF6.tmp (File) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0BFYUY3N (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0H8F2TMW (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0QQZBQ5U (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0W1FDS1M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0WPTPLK1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3OYC0V32 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\462F4OWN (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6G80AXPR (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7CE85006 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8GEVQ5NC (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9J89CLX3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BF4XPLK6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DWEKBJ8B (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ2C2GIG (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F868G3XB (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGU5L3E7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G2DPPM5L (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G7RGXYNP (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GWNO0L5V (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H5DR470Z (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HG06X3QV (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HPUC3DAR (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J7I2NW2Q (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LBCU205M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LR4ST8D8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NL1ZEM6D (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O3AWTO9X (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q42VAU99 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q6SQNDY8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QHA04WV4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7TWGTC0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TFJJ4SH3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TW2GZDO4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UGXAKEJU (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WCOR55GF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WXMR4NQH (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y11UK1FO (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y20KO73Y (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Niko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YUSB2S76 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0BFYUY3N (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0H8F2TMW (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0QQZBQ5U (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0W1FDS1M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0WPTPLK1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3OYC0V32 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\462F4OWN (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6G80AXPR (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7CE85006 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8GEVQ5NC (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9J89CLX3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BF4XPLK6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DWEKBJ8B (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZ2C2GIG (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F868G3XB (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGU5L3E7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G2DPPM5L (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G7RGXYNP (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GWNO0L5V (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H5DR470Z (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HG06X3QV (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HPUC3DAR (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J7I2NW2Q (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LBCU205M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LR4ST8D8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NL1ZEM6D (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O3AWTO9X (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q42VAU99 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q6SQNDY8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QHA04WV4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7TWGTC0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TFJJ4SH3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TW2GZDO4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UGXAKEJU (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WCOR55GF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WXMR4NQH (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y11UK1FO (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y20KO73Y (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YUSB2S76 (Temporary Internet Files Folder) 



Registry: 19 

Successfully deleted: HKCU\Software\Google\Chrome\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd (Registry Key) 
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd (Registry Key) 
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh (Registry Key) 
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh (Registry Key) 
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj (Registry Key) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchUrl\\Default (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9e8eb35-ff77-455d-b677-91e5e4fc06c2} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9e8eb35-ff77-455d-b677-91e5e4fc06c2} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\AboutURLs\\Tabs (Registry Value) 
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL (Registry Value) 
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page (Registry Value) 
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl\\Default (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.08.2017 at 18:25:43,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 14.08.2017, 18:55   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft - Standard

PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft



Okay, beide Tools bitte zwecks Kontrolle wiederholen.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft
adobe, ausgelastet, avast, bonjour, cpu, defender, desktop, flash player, google, home, homepage, installation, kaspersky, langsam, mozilla, mp3, pc geht nichts mehr, pc kaputt, pc langsam, problem, prozesse, registry, scan, security, software, svchost.exe, system, windows



Ähnliche Themen: PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft


  1. Rechner Langsam und öffnet zig mal eine Datei, obwohl nur einmal angeklickt
    Log-Analyse und Auswertung - 18.11.2016 (6)
  2. PC läuft langsam, obwohl System neu aufgesetzt | Google Chrome sehr langsam, hängt sich auf
    Alles rund um Windows - 31.05.2016 (3)
  3. Arbeitsspeicher voll ausgelastet
    Plagegeister aller Art und deren Bekämpfung - 02.02.2015 (1)
  4. Lüfter läuft ständig auf hochtouren obwohl CPU normal läuft unter w7 home premium 32bit serv.pck 1 DANKE!
    Log-Analyse und Auswertung - 09.09.2014 (12)
  5. Arbeitsspeicher zur hälfte ausgelastet, obwohl alle Programme geschlossen.
    Plagegeister aller Art und deren Bekämpfung - 22.08.2014 (5)
  6. Arbeitsspeicher sofort ausgelastet
    Alles rund um Windows - 19.01.2014 (6)
  7. Alle Browser laufen langsam, obwohl Pc normal läuft
    Plagegeister aller Art und deren Bekämpfung - 27.07.2013 (8)
  8. GFilterSvc.exe in C/Windows/System 32 - Javascript wird nicht richtig ausgeführt - PC läuft langsam - MBAM meldet Datenausfuhr ins Netz
    Plagegeister aller Art und deren Bekämpfung - 06.05.2013 (17)
  9. Internetverbindung sehr, sehr langsam - Arbeitsspeicher ausgelastet
    Plagegeister aller Art und deren Bekämpfung - 03.11.2012 (0)
  10. Laptop wird nach 2 Stunden sehr langsam, Arbeitsspeicher zu 99 % ausgelastet
    Log-Analyse und Auswertung - 18.02.2012 (32)
  11. System dauerhaft über 50 % ausgelastet, Pc läuft somit super langsam ;-(
    Log-Analyse und Auswertung - 31.03.2011 (35)
  12. Arbeitsspeicher ausgelastet
    Log-Analyse und Auswertung - 04.02.2010 (0)
  13. Internet ist auf einmal langsam obwohl Trojaner gelöscht Iepy.exe
    Log-Analyse und Auswertung - 18.12.2009 (1)
  14. Viren oder zu wenig Arbeitsspeicher?
    Log-Analyse und Auswertung - 09.12.2009 (19)
  15. arbeitsspeicher ausgelastet?
    Mülltonne - 25.12.2008 (2)
  16. Arbeitsspeicher komplett ausgelastet, CPU 1%
    Plagegeister aller Art und deren Bekämpfung - 24.10.2007 (2)
  17. Meld.:Zu wenig Arbeitsspeicher - Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 23.11.2004 (6)

Zum Thema PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft - Moin, seit kurzem habe ich das Problem dass mein PC sehr langsam geworden ist und der Arbeitsspeicher ziemlich ausgelastet ist, obwohl kaum Programme laufen. Leider habe ich davon nicht so - PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft...
Archiv
Du betrachtest: PC auf einmal richtig langsam und Arbeitsspeicher ausgelastet obwohl wenig läuft auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.