Windows 8 - LavasoftTcpService64.dll und LavasoftTcpServiceOff eingefangen

exogeen · 21.09.2017, 18:38

Hallo,
als ich ein Spiel auf Steam starten wollte, wurde mir eine Fehlermeldung angezeigt, dass die oben genannten Dateien den Start verhindern.
Danach gegoogelt bin ich auch schnell fündig geworden: Unerwünschte Dateien.
Jedoch habe ich keinerlei Ahnung, wie solche Dateien zu entfernen sind.

MfG Julian

M-K-D-B · 21.09.2017, 20:59

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.
Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

exogeen · 22.09.2017, 00:44

Hallo,
vorab schon mal Danke für die Hilfe!

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2017
durchgeführt von Julian (Administrator) auf JULIANPC (22-09-2017 01:38:50)
Gestartet von C:\Users\Julian\Desktop
Geladene Profile: Julian (Verfügbare Profile: Julian)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Wargaming.net) D:\Programme (x86)\World of Tanks\WargamingGameUpdater.exe
(Spotify Ltd) C:\Users\Julian\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Julian\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TeamSpeak Systems GmbH) D:\Programme (x86)\ts3client_win64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\uninstallation_assistant_host.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\windows\system32\rundll32.exe" C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM-x32\...\Run: [RoccatKoneXTD] => C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [552960 2014-10-19] (ROCCAT GmbH)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Julian\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2010056 2017-06-28] (Gaijin Entertainment)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [Discord] => C:\Users\Julian\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [World of Tanks] => "D:\World of Tanks\WargamingGameUpdater.exe"
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [World of Tanks (1)] => D:\Programme (x86)\World of Tanks\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [Spotify] => C:\Users\Julian\AppData\Roaming\Spotify\Spotify.exe [20644976 2017-09-14] (Spotify Ltd)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [GalaxyClient] => D:\Programme (x86)\GOG Galaxy\GalaxyClient.exe [5161536 2017-09-08] (GOG.com)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [Spotify Web Helper] => C:\Users\Julian\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-14] (Spotify Ltd)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\MountPoints2: {9cb3c07b-fe1f-11e4-8270-806e6f6e6963} - "G:\autorun.exe" 
HKU\S-1-5-18\...\Run: [AppLauncher] => C:\Program Files (x86)\Ashampoo\Ashampoo AppLauncher\AppLauncher.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk [2015-12-25]
ShortcutTarget: Roccat Talk.lnk -> C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe (ROCCAT GmbH Co., Ltd.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog9 01 C:\windows\SysWOW64\LavasoftTcpService.dll [342016 2015-08-08] (Lavasoft Limited)
Winsock: Catalog9 02 C:\windows\SysWOW64\LavasoftTcpService.dll [342016 2015-08-08] (Lavasoft Limited)
Winsock: Catalog9 03 C:\windows\SysWOW64\LavasoftTcpService.dll [342016 2015-08-08] (Lavasoft Limited)
Winsock: Catalog9 04 C:\windows\SysWOW64\LavasoftTcpService.dll [342016 2015-08-08] (Lavasoft Limited)
Winsock: Catalog9 15 C:\windows\SysWOW64\LavasoftTcpService.dll [342016 2015-08-08] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\windows\system32\LavasoftTcpService64.dll [422400 2015-08-08] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\windows\system32\LavasoftTcpService64.dll [422400 2015-08-08] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\windows\system32\LavasoftTcpService64.dll [422400 2015-08-08] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\windows\system32\LavasoftTcpService64.dll [422400 2015-08-08] (Lavasoft Limited)
Winsock: Catalog9-x64 15 C:\windows\system32\LavasoftTcpService64.dll [422400 2015-08-08] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{55905A7B-D38A-4C05-B346-B12C55900D9D}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{DD4F3609-B808-43BD-8ECA-B4A87964F757}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll => Keine Datei
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll => Keine Datei
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\qu7f1dbj.default [2017-09-22]
FF user.js: detected! => C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\qu7f1dbj.default\user.js [2015-08-08]
FF Extension: (Adblock Plus) - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\qu7f1dbj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nicht gefunden
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-07-25]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-21] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [Keine Datei]
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [Keine Datei]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-21] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-09-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-09-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-3495731131-4003904178-1165495969-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Julian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3495731131-4003904178-1165495969-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-10-30] ()

Chrome: 
=======
CHR Profile: C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default [2017-09-21]
CHR Extension: (Google Präsentationen) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-29]
CHR Extension: (Google Docs) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-29]
CHR Extension: (Google Drive) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-29]
CHR Extension: (YouTube) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-29]
CHR Extension: (Adblock Plus) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-21]
CHR Extension: (Steam Inventory Helper) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-09-21]
CHR Extension: (Google Tabellen) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-29]
CHR Extension: (Kaspersky Protection) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-02-04]
CHR Extension: (Google Docs Offline) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-29]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-21]
CHR Extension: (Google Mail) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-29]
CHR Extension: (Chrome Media Router) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-21]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1533448 2017-09-14] ()
S3 EasyAntiCheat; C:\windows\SysWOW64\EasyAntiCheat.exe [399120 2017-02-13] (EasyAntiCheat Ltd)
S3 GalaxyClientService; D:\Programme (x86)\GOG Galaxy\GalaxyClientService.exe [532544 2017-09-08] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8242752 2017-08-25] (GOG.com)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-09-16] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-09-19] (NVIDIA Corporation)
S3 Origin Client Service; D:\Programme (x86)\Origin\OriginClientService.exe [2098528 2017-09-03] (Electronic Arts)
S2 Origin Web Helper Service; D:\Programme (x86)\Origin\OriginWebHelperService.exe [2977640 2017-09-03] (Electronic Arts)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [66872 2016-02-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; "C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe" [X]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X]
S3 OverwolfUpdater; "C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe" /RunningFrom SCM" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 cm_km; C:\windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R1 ESEADriver2; C:\Users\Julian\AppData\Local\Temp\ESEADriver2.sys [326792 2017-07-26] () <==== ACHTUNG
S3 Hamachi; C:\windows\system32\DRIVERS\Hamdrv.sys [45680 2017-05-22] (LogMeIn Inc.)
R0 kl1; C:\windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab)
R1 klbackupflt; C:\windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\windows\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab)
S0 klelam; C:\windows\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\windows\system32\DRIVERS\klflt.sys [197312 2017-07-25] (AO Kaspersky Lab)
R1 klhk; C:\windows\system32\DRIVERS\klhk.sys [520176 2017-04-12] (AO Kaspersky Lab)
R1 KLIF; C:\windows\System32\DRIVERS\klif.sys [1021624 2017-07-25] (AO Kaspersky Lab)
R1 KLIM6; C:\windows\system32\DRIVERS\klim6.sys [57424 2016-12-16] (AO Kaspersky Lab)
R3 klkbdflt; C:\windows\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\windows\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab)
R3 kltap; C:\windows\system32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 klwfp; C:\windows\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\windows\system32\DRIVERS\klwtp.sys [136416 2017-03-15] (AO Kaspersky Lab)
R1 kneps; C:\windows\system32\DRIVERS\kneps.sys [199640 2017-07-25] (AO Kaspersky Lab)
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation)
R3 NVVADARM; C:\windows\system32\drivers\nvvadarm.sys [46016 2017-09-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\windows\system32\drivers\nvvad64v.sys [48064 2017-09-19] (NVIDIA Corporation)
R3 nvvhci; C:\windows\System32\drivers\nvvhci.sys [57792 2017-09-19] (NVIDIA Corporation)
R3 RtlWlanu; C:\windows\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation )
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 cpuz135; \??\C:\Users\Julian\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X] <==== ACHTUNG
S3 klids; \??\C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-22 01:38 - 2017-09-22 01:38 - 000022932 _____ C:\Users\Julian\Desktop\FRST.txt
2017-09-22 01:37 - 2017-09-22 01:37 - 002399744 _____ (Farbar) C:\Users\Julian\Desktop\FRST64.exe
2017-09-21 19:08 - 2017-09-21 19:08 - 000069344 _____ C:\Users\Julian\Downloads\Addition.txt
2017-09-21 19:08 - 2017-09-21 19:08 - 000053958 _____ C:\Users\Julian\Downloads\FRST.txt
2017-09-21 19:07 - 2017-09-22 01:38 - 000000000 ____D C:\FRST
2017-09-21 19:07 - 2017-09-21 19:07 - 002399744 _____ (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2017-09-21 17:30 - 2017-09-21 17:30 - 000002157 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2017-09-21 17:30 - 2017-09-21 17:30 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-09-21 17:30 - 2017-09-16 19:17 - 000135800 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvStreaming.exe
2017-09-21 17:30 - 2017-07-20 19:21 - 000905504 _____ C:\windows\system32\vulkan-1.dll
2017-09-21 17:30 - 2017-07-20 19:21 - 000776992 _____ C:\windows\SysWOW64\vulkan-1.dll
2017-09-21 17:30 - 2017-07-20 19:21 - 000578848 _____ C:\windows\system32\vulkaninfo.exe
2017-09-21 17:30 - 2017-07-20 19:21 - 000477472 _____ C:\windows\SysWOW64\vulkaninfo.exe
2017-09-21 17:29 - 2017-09-16 19:34 - 000548472 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshext.dll
2017-09-21 17:29 - 2017-09-16 19:34 - 000082040 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshextr.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 040240064 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 035883640 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 035314112 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 028987512 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 023132720 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 018849968 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 017808120 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 015427520 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2017-09-21 17:27 - 2017-09-16 21:23 - 013782720 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 012241792 _____ (NVIDIA Corporation) C:\windows\system32\nvptxJitCompiler.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 011692856 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 010087504 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvptxJitCompiler.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 003793016 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 003346368 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 001988216 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6438569.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 001606592 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6438569.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 001067456 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 001005176 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000972920 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000924096 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000895968 _____ (NVIDIA Corporation) C:\windows\system32\nvmcumd.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000690504 _____ (NVIDIA Corporation) C:\windows\system32\nvfatbinaryLoader.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000609912 _____ (NVIDIA Corporation) C:\windows\system32\NvIFROpenGL.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000578056 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvfatbinaryLoader.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000512672 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000499136 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFROpenGL.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000491720 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000429920 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000407064 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000218712 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvhda64v.sys
2017-09-21 17:27 - 2017-09-16 21:23 - 000171384 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000154392 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000149040 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000132256 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000124536 _____ (NVIDIA Corporation) C:\windows\system32\nvaudcaparm.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000046016 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvadarm.sys
2017-09-21 17:27 - 2017-09-16 21:23 - 000045976 _____ (NVIDIA Corporation) C:\windows\system32\nvhdap64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000000669 _____ C:\windows\SysWOW64\nv-vk32.json
2017-09-21 17:27 - 2017-09-16 21:23 - 000000669 _____ C:\windows\system32\nv-vk64.json
2017-09-21 17:17 - 2017-09-21 17:30 - 000000000 ____D C:\windows\LastGood
2017-09-21 17:17 - 2017-09-21 17:17 - 000004146 _____ C:\windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003852 _____ C:\windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003814 _____ C:\windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003738 _____ C:\windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003738 _____ C:\windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003730 _____ C:\windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003554 _____ C:\windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003494 _____ C:\windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-19 09:20 - 000121280 _____ C:\windows\system32\NvRtmpStreamer64.dll
2017-09-21 17:17 - 2017-09-19 09:20 - 000057792 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvhci.sys
2017-09-21 17:17 - 2017-09-19 09:20 - 000048064 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2017-09-21 17:17 - 2017-09-18 23:29 - 000001951 _____ C:\windows\NvTelemetryContainerRecovery.bat
2017-09-21 17:17 - 2017-09-16 19:54 - 000001951 _____ C:\windows\NvContainerRecovery.bat
2017-09-21 17:16 - 2017-09-21 17:17 - 083757104 _____ (NVIDIA Corporation) C:\Users\Julian\Downloads\GeForce_Experience_v3.9.0.97.exe
2017-09-21 16:52 - 2017-09-21 16:52 - 000000000 _____ C:\windows\cd_127
2017-09-21 14:46 - 2017-09-21 14:46 - 000002275 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-20 23:42 - 2017-09-20 23:42 - 000012936 _____ C:\Users\Julian\Desktop\Stundenplan - Uni.pdf
2017-09-17 12:45 - 2017-09-17 12:45 - 1116115571 ____N C:\windows\MEMORY.DMP
2017-09-17 12:45 - 2017-09-17 12:45 - 000278704 _____ C:\windows\Minidump\091717-43984-01.dmp
2017-09-13 15:58 - 2017-09-13 15:58 - 000188806 _____ C:\Users\Julian\Desktop\cm._2017-09-13_1558502891363651769514687.pdf
2017-09-13 14:26 - 2017-08-18 00:07 - 000537200 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2017-09-13 14:26 - 2017-08-18 00:03 - 000450392 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2017-09-13 14:26 - 2017-08-15 16:06 - 015260160 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-09-13 14:26 - 2017-08-15 15:58 - 013673984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-09-13 14:26 - 2017-08-13 20:58 - 025730560 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-09-13 14:26 - 2017-08-13 19:04 - 002899968 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2017-09-13 14:26 - 2017-08-13 18:54 - 020269056 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-09-13 14:26 - 2017-08-13 18:51 - 005981696 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-09-13 14:26 - 2017-08-13 18:29 - 000499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2017-09-13 14:26 - 2017-08-13 18:24 - 002291200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2017-09-13 14:26 - 2017-08-13 18:15 - 007078912 _____ (Microsoft Corporation) C:\windows\system32\glcndFilter.dll
2017-09-13 14:26 - 2017-08-13 18:05 - 000380416 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2017-09-13 14:26 - 2017-08-13 18:04 - 000807936 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-09-13 14:26 - 2017-08-13 18:04 - 000726528 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2017-09-13 14:26 - 2017-08-13 18:01 - 002134528 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2017-09-13 14:26 - 2017-08-13 17:52 - 005274624 _____ (Microsoft Corporation) C:\windows\SysWOW64\glcndFilter.dll
2017-09-13 14:26 - 2017-08-13 17:52 - 000486912 _____ (Microsoft Corporation) C:\windows\system32\tpmvsc.dll
2017-09-13 14:26 - 2017-08-13 17:48 - 004547072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-09-13 14:26 - 2017-08-13 17:44 - 000694784 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2017-09-13 14:26 - 2017-08-13 17:44 - 000331776 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2017-09-13 14:26 - 2017-08-13 17:43 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2017-09-13 14:26 - 2017-08-13 17:40 - 003241472 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-09-13 14:26 - 2017-08-13 17:27 - 001544704 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-09-13 14:26 - 2017-08-13 17:25 - 007797248 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2017-09-13 14:26 - 2017-08-13 17:18 - 005270016 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2017-09-13 14:26 - 2017-08-13 17:17 - 002767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2017-09-13 14:26 - 2017-08-13 17:13 - 001314816 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2017-09-13 14:26 - 2017-08-12 11:30 - 022361344 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2017-09-13 14:26 - 2017-08-12 11:26 - 019789736 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2017-09-13 14:26 - 2017-08-12 02:39 - 001364552 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2017-09-13 14:26 - 2017-08-12 01:59 - 007440728 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-09-13 14:26 - 2017-08-12 01:58 - 001737600 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2017-09-13 14:26 - 2017-08-11 22:46 - 000367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\PCPTpm12.dll
2017-09-13 14:26 - 2017-08-11 22:13 - 000175616 _____ (Microsoft Corporation) C:\windows\system32\TpmTasks.dll
2017-09-13 14:26 - 2017-08-11 05:30 - 004170240 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-09-13 14:26 - 2017-08-11 05:27 - 000243200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2017-09-13 14:26 - 2017-08-11 04:38 - 000477184 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2017-09-13 14:26 - 2017-08-11 04:08 - 001753600 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2017-09-13 14:26 - 2017-08-11 04:08 - 000329216 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2017-09-13 14:26 - 2017-08-11 04:02 - 001084928 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2017-09-13 14:26 - 2017-08-11 03:52 - 001491456 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2017-09-13 14:26 - 2017-08-11 03:44 - 001095680 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2017-09-13 14:26 - 2017-08-11 03:43 - 000865792 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2017-09-13 14:26 - 2017-08-06 09:13 - 000530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2017-09-13 14:26 - 2017-07-17 21:53 - 004298240 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_47.dll
2017-09-13 14:26 - 2017-07-17 01:55 - 003551744 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_47.dll
2017-09-13 14:26 - 2017-07-14 01:03 - 002013528 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2017-09-13 14:26 - 2017-07-12 22:29 - 000420440 _____ (Microsoft Corporation) C:\windows\system32\wevtapi.dll
2017-09-13 14:26 - 2017-07-12 22:25 - 000308872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wevtapi.dll
2017-09-13 14:26 - 2017-07-08 05:14 - 000100184 ____C (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2017-09-13 14:25 - 2017-08-19 19:27 - 000237568 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2017-09-13 14:25 - 2017-08-19 18:48 - 000215040 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2017-09-13 14:25 - 2017-08-18 00:07 - 000140016 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2017-09-13 14:25 - 2017-08-18 00:03 - 000136832 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2017-09-13 14:25 - 2017-08-15 16:01 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2017-09-13 14:25 - 2017-08-15 16:01 - 000128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2017-09-13 14:25 - 2017-08-15 16:01 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2017-09-13 14:25 - 2017-08-13 19:19 - 000040960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\nsiproxy.sys
2017-09-13 14:25 - 2017-08-13 19:05 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-09-13 14:25 - 2017-08-13 18:50 - 000817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2017-09-13 14:25 - 2017-08-13 18:28 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2017-09-13 14:25 - 2017-08-13 18:23 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2017-09-13 14:25 - 2017-08-13 18:21 - 000145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2017-09-13 14:25 - 2017-08-13 18:20 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2017-09-13 14:25 - 2017-08-13 18:17 - 000663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2017-09-13 14:25 - 2017-08-13 18:14 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2017-09-13 14:25 - 2017-08-13 18:07 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2017-09-13 14:25 - 2017-08-13 17:51 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2017-09-13 14:25 - 2017-08-13 17:46 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2017-09-13 14:25 - 2017-08-13 17:18 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-09-13 14:25 - 2017-08-13 17:14 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2017-09-13 14:25 - 2017-08-12 01:58 - 001502000 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2017-09-13 14:25 - 2017-08-11 22:29 - 000425984 _____ (Microsoft Corporation) C:\windows\system32\PCPTpm12.dll
2017-09-13 14:25 - 2017-08-11 05:27 - 000281600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2017-09-13 14:25 - 2017-08-11 03:49 - 000346624 _____ (Microsoft Corporation) C:\windows\system32\ntprint.dll
2017-09-13 14:25 - 2017-08-11 03:41 - 000307200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntprint.dll
2017-09-13 14:25 - 2017-08-06 23:20 - 000607232 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2017-09-13 14:25 - 2017-07-22 20:34 - 000033792 _____ (Microsoft Corporation) C:\windows\system32\iscsium.dll
2017-09-13 14:25 - 2017-07-22 19:32 - 000027136 _____ (Microsoft Corporation) C:\windows\SysWOW64\iscsium.dll
2017-09-13 14:25 - 2017-07-12 22:29 - 000075440 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2017-09-13 14:25 - 2017-07-12 22:25 - 000066112 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2017-09-13 14:25 - 2017-07-08 21:03 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2017-09-13 14:25 - 2017-07-08 20:43 - 000197632 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2017-09-13 14:25 - 2017-07-08 20:30 - 000039936 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2017-09-13 14:25 - 2017-07-08 20:20 - 000445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2017-09-13 14:25 - 2017-07-08 19:25 - 001436160 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-09-13 14:25 - 2017-07-08 19:00 - 000324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2017-09-12 22:09 - 2017-09-12 22:09 - 000000000 ____D C:\Users\Julian\Desktop\MP_MODSPACK
2017-09-12 22:05 - 2017-09-12 22:05 - 010353001 _____ C:\Users\Julian\Downloads\[DLC - SP and MP] NQMod v12.2.zip
2017-09-06 14:21 - 2017-09-06 14:21 - 000355567 _____ C:\Users\Julian\Downloads\SKMBT_C28017090611100.pdf
2017-09-04 18:26 - 2017-09-04 18:26 - 000000000 ____D C:\Users\Julian\AppData\Local\UnrealEngine
2017-09-04 18:26 - 2017-09-04 18:26 - 000000000 ____D C:\Users\Julian\AppData\Local\TslGame
2017-09-02 14:41 - 2017-09-03 16:44 - 000000000 ____D C:\Users\Julian\Desktop\Warcraft III
2017-09-01 20:57 - 2017-09-01 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Empire Earth Gold [GOG.com]
2017-09-01 20:53 - 2017-09-01 20:53 - 000000742 _____ C:\Users\Public\Desktop\GOG Galaxy.lnk
2017-09-01 20:53 - 2017-09-01 20:53 - 000000000 ____D C:\Users\Julian\AppData\Local\GOG.com
2017-09-01 20:53 - 2017-09-01 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-09-01 20:53 - 2017-09-01 20:53 - 000000000 ____D C:\ProgramData\GOG.com
2017-09-01 20:51 - 2017-09-01 20:52 - 162203456 _____ (GOG.com ) C:\Users\Julian\Downloads\setup_galaxy_1.2.20.36.exe
2017-08-28 20:31 - 2017-08-28 20:31 - 000000000 ____D C:\Users\Julian\AppData\LocalLow\Battlestate Games
2017-08-28 20:30 - 2017-08-28 20:30 - 000000000 ____D C:\Users\Julian\Documents\Escape from Tarkov
2017-08-28 20:10 - 2017-08-28 20:10 - 000000766 _____ C:\Users\Public\Desktop\Battlestate Games Launcher.lnk
2017-08-28 20:10 - 2017-08-28 20:10 - 000000000 ____D C:\Users\Julian\AppData\Roaming\Battlestate Games
2017-08-28 20:10 - 2017-08-28 20:10 - 000000000 ____D C:\Users\Julian\AppData\Local\Battlestate Games
2017-08-28 20:10 - 2017-08-28 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlestate Games
2017-08-28 20:10 - 2017-08-28 20:10 - 000000000 ____D C:\ProgramData\Battlestate Games
2017-08-28 20:07 - 2017-08-28 20:08 - 053713176 _____ (Battlestate Games ) C:\Users\Julian\Downloads\BsgLauncher.0.2.1.156.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-22 01:18 - 2017-01-17 22:09 - 000000000 ____D C:\Users\Julian\AppData\Roaming\TS3Client
2017-09-22 01:14 - 2015-08-08 19:21 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-09-21 23:39 - 2016-10-09 14:06 - 000000000 ____D C:\Users\Julian\AppData\Local\Anno Online
2017-09-21 23:37 - 2015-08-08 20:21 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-21 23:11 - 2015-08-08 20:29 - 000000000 ____D C:\Users\Julian\AppData\Local\Battle.net
2017-09-21 20:30 - 2015-08-08 20:29 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-09-21 18:11 - 2016-11-16 13:35 - 000000000 ____D C:\Users\Julian\AppData\LocalLow\Mozilla
2017-09-21 17:55 - 2015-04-20 16:58 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-21 17:33 - 2015-08-08 19:04 - 000003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3495731131-4003904178-1165495969-1001
2017-09-21 17:32 - 2015-03-11 13:18 - 000766276 _____ C:\windows\system32\perfh007.dat
2017-09-21 17:32 - 2015-03-11 13:18 - 000160034 _____ C:\windows\system32\perfc007.dat
2017-09-21 17:32 - 2014-11-22 03:01 - 001783084 _____ C:\windows\system32\PerfStringBackup.INI
2017-09-21 17:32 - 2013-08-22 15:36 - 000000000 ____D C:\windows\Inf
2017-09-21 17:30 - 2015-10-11 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-09-21 17:30 - 2015-04-20 16:58 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-09-21 17:30 - 2015-04-20 16:58 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-09-21 17:29 - 2015-04-20 16:58 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-09-21 17:28 - 2015-10-15 23:10 - 000000000 ____D C:\Users\Julian\AppData\Roaming\Spotify
2017-09-21 17:28 - 2015-10-15 23:10 - 000000000 ____D C:\Users\Julian\AppData\Local\Spotify
2017-09-21 17:19 - 2015-10-11 13:25 - 000000000 ____D C:\Users\Julian\AppData\Local\NVIDIA Corporation
2017-09-21 17:19 - 2015-08-08 18:59 - 000000000 ____D C:\Users\Julian\AppData\Local\NVIDIA
2017-09-21 17:17 - 2015-10-11 13:25 - 000001436 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-09-21 16:54 - 2015-08-08 19:03 - 000000000 ____D C:\Users\Julian\OneDrive
2017-09-21 16:53 - 2013-08-22 16:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2017-09-21 16:52 - 2013-08-22 15:25 - 000262144 ___SH C:\windows\system32\config\BBI
2017-09-21 14:46 - 2016-06-29 11:54 - 000002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-21 14:45 - 2016-06-29 11:49 - 001130328 _____ (Google Inc.) C:\Users\Julian\Downloads\ChromeSetup.exe
2017-09-21 14:29 - 2015-08-08 19:37 - 000004342 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-09-21 14:29 - 2015-08-08 19:36 - 000000000 ____D C:\Users\Julian\AppData\Local\Adobe
2017-09-21 14:29 - 2013-08-22 17:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2017-09-21 14:29 - 2013-08-22 17:36 - 000000000 ____D C:\windows\system32\Macromed
2017-09-20 23:42 - 2016-02-25 16:34 - 000117760 ___SH C:\Users\Julian\Downloads\Thumbs.db
2017-09-20 15:12 - 2017-07-26 15:25 - 000000000 ____D C:\Users\Julian\AppData\Roaming\AlbionOnline
2017-09-19 15:52 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-19 15:52 - 2013-08-22 17:36 - 000000000 ____D C:\windows\AppReadiness
2017-09-19 09:20 - 2015-10-11 13:25 - 001923008 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2017-09-19 09:20 - 2015-10-11 13:25 - 001755072 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2017-09-19 09:20 - 2015-10-11 13:25 - 001505728 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2017-09-19 09:20 - 2015-10-11 13:25 - 001317312 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2017-09-19 09:20 - 2015-10-11 13:25 - 000179136 _____ (NVIDIA Corporation) C:\windows\system32\nvaudcap64v.dll
2017-09-19 09:20 - 2015-10-11 13:25 - 000146368 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2017-09-18 19:04 - 2013-08-22 17:36 - 000000000 ____D C:\windows\rescache
2017-09-17 12:45 - 2015-08-21 18:12 - 000000000 ____D C:\windows\Minidump
2017-09-16 21:23 - 2015-04-20 16:58 - 021407000 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 018706120 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 014688256 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 004188872 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 003692216 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 001615448 _____ (NVIDIA Corporation) C:\windows\system32\nvhdagenco6420103.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 001606592 _____ (NVIDIA Corporation) C:\windows\system32\nvmcvadgenco64.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 000512960 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 000418752 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 000044180 _____ C:\windows\system32\nvinfo.pb
2017-09-16 19:34 - 2015-04-20 16:58 - 006463424 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2017-09-16 19:34 - 2015-04-20 16:58 - 002478528 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2017-09-16 19:34 - 2015-04-20 16:58 - 001762752 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2017-09-16 19:34 - 2015-04-20 16:58 - 000392312 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2017-09-16 19:34 - 2015-04-20 16:58 - 000069752 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2017-09-15 17:03 - 2015-04-20 16:58 - 008248071 _____ C:\windows\system32\nvcoproc.bin
2017-09-15 14:31 - 2013-08-22 16:44 - 000498152 _____ C:\windows\system32\FNTCACHE.DAT
2017-09-15 03:32 - 2013-08-22 17:36 - 000000000 ___RD C:\windows\ToastData
2017-09-14 21:19 - 2015-08-10 22:12 - 000000000 ____D C:\windows\system32\MRT
2017-09-14 21:17 - 2015-03-10 11:41 - 138202976 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-09-14 21:17 - 2013-08-22 17:20 - 000000000 ____D C:\windows\CbsTemp
2017-09-14 20:07 - 2015-08-11 13:47 - 000612352 ___SH C:\Users\Julian\Desktop\Thumbs.db
2017-09-13 01:19 - 2015-08-12 13:19 - 006476800 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2017-09-10 03:54 - 2015-08-17 02:27 - 000000000 ____D C:\ProgramData\Origin
2017-09-10 01:19 - 2015-08-17 02:28 - 000000000 ____D C:\Users\Julian\AppData\Roaming\Origin
2017-09-07 15:12 - 2017-07-26 15:13 - 000000000 ____D C:\Program Files (x86)\AlbionOnline
2017-09-02 23:55 - 2015-08-08 20:29 - 000000000 ____D C:\Users\Julian\AppData\Local\Blizzard Entertainment
2017-09-02 01:54 - 2014-11-22 07:29 - 000835576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-09-02 01:54 - 2014-11-22 07:29 - 000177656 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-09-01 17:26 - 2016-11-16 05:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-01 17:26 - 2015-08-08 19:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-20 17:06 - 2015-04-20 17:06 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-08 19:40 - 2015-08-08 19:40 - 000000032 _____ () C:\ProgramData\Temp.log
2015-04-20 18:02 - 2015-04-20 18:02 - 000000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2015-04-20 17:58 - 2015-04-20 17:58 - 000000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2015-04-20 18:01 - 2015-04-20 18:01 - 000000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2015-04-20 17:56 - 2015-04-20 17:57 - 000000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2015-04-20 17:57 - 2015-04-20 17:57 - 000000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log
2015-04-20 17:58 - 2015-04-20 17:58 - 000000110 _____ () C:\ProgramData\{E3D04529-6EDB-11D8-A372-0050BAE317E1}.log

Einige Dateien in TEMP:
====================
2017-06-27 19:50 - 2017-06-27 19:50 - 000008720 _____ () C:\Users\Julian\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
2017-06-27 19:51 - 2017-06-27 19:51 - 000012080 _____ () C:\Users\Julian\AppData\Local\Temp\BullseyeCoverage-x64-3.dll
2017-06-27 19:53 - 2017-06-27 19:53 - 000010520 _____ () C:\Users\Julian\AppData\Local\Temp\BullseyeCoverage-x86-3.dll
2017-07-02 18:34 - 2006-08-21 22:09 - 000040960 _____ () C:\Users\Julian\AppData\Local\Temp\comver.dll
2017-01-01 23:25 - 2017-01-01 23:25 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Julian\AppData\Local\Temp\jansi-64-1698362706062980916.dll
2017-01-01 22:43 - 2017-01-01 22:43 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Julian\AppData\Local\Temp\jansi-64-405200828569151077.dll
2017-01-01 22:57 - 2017-01-01 22:57 - 000019968 _____ (Red Hat®, Inc.) C:\Users\Julian\AppData\Local\Temp\jansi-64-5083714273185470827.dll
2015-10-11 13:30 - 2015-10-03 04:18 - 000835592 _____ (NVIDIA Corporation) C:\Users\Julian\AppData\Local\Temp\nvSCPAPI64.dll
2017-09-21 17:28 - 2015-10-03 04:18 - 000316024 _____ (NVIDIA Corporation) C:\Users\Julian\AppData\Local\Temp\nvStInst.exe
2015-11-02 17:36 - 2010-06-15 18:03 - 000149352 ____R (Microsoft Corporation) C:\Users\Julian\AppData\Local\Temp\ose00000.exe
2017-01-30 21:31 - 2017-01-30 21:35 - 1388312032 _____ () C:\Users\Julian\AppData\Local\Temp\ubiB347.tmp.exe
2017-08-08 15:27 - 2017-08-08 15:27 - 013767776 _____ (Microsoft Corporation) C:\Users\Julian\AppData\Local\Temp\vcredist_x86.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-09-18 18:38

==================== Ende von FRST.txt ============================

--- --- ---

exogeen · 22.09.2017, 00:46

FRST Additions Logfile:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-09-2017
durchgeführt von Julian (22-09-2017 01:39:09)
Gestartet von C:\Users\Julian\Desktop
Windows 8.1 (Update) (X64) (2015-08-08 16:59:03)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3495731131-4003904178-1165495969-500 - Administrator - Disabled)
Gast (S-1-5-21-3495731131-4003904178-1165495969-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3495731131-4003904178-1165495969-1003 - Limited - Enabled)
Julian (S-1-5-21-3495731131-4003904178-1165495969-1001 - Administrator - Enabled) => C:\Users\Julian

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM\...\Steam App 346900) (Version:  - Hyper Hippo Games)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Albion Online (HKLM-x32\...\SandboxAlbionOnline) (Version:  - Sandbox Interactive GmbH)
AlienFX for KoneXTD (HKLM\...\{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.02 - Roccat GmbH) Hidden
AlienFX for KoneXTD (HKLM-x32\...\InstallShield_{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.02 - Roccat GmbH)
Anno Online (HKLM\...\Steam App 336510) (Version:  - Blue Byte)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.69 - NVIDIA Corporation) Hidden
Assassin's Creed II (HKLM-x32\...\Steam App 33230) (Version:  - Ubisoft Montreal)
Batman: Arkham Asylum GOTY Edition (HKLM\...\Steam App 35140) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlestate Games Launcher 0.2.1.156 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 0.2.1.156 - Battlestate Games)
Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM\...\Steam App 212910) (Version:  - )
Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version:  - Treyarch)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
Empire Earth Gold Edition (HKLM-x32\...\1207658777_is1) (Version: 2.1.0.17 - GOG.com)
Endless Legend (HKLM\...\Steam App 289130) (Version:  - AMPLITUDE Studios)
ESEA (HKLM\...\Steam App 479130) (Version:  - ESEA)
ESEA Client (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
F1 2014 (HKLM\...\Steam App 226580) (Version:  - Codemasters)
For Honor Open Beta (HKLM\...\Steam App 572600) (Version:  - Ubisoft Montreal)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version:  - Ubisoft)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (HKLM-x32\...\{5D5B5672-1A0F-4412-B6A0-3A16706DE82D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleri (HKLM-x32\...\{85E3592A-8C11-44F4-AABD-F82EF41167AD}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleriet (HKLM-x32\...\{5FF3045E-4A36-4B98-9F7F-48B49F4469C7}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (HKLM-x32\...\{B743ABDD-E681-4B32-A33E-6E7F3F845AEA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{6F19A9AE-85C6-4EBB-BADC-CC1B8B9F3F91}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria de Fotografias (HKLM-x32\...\{23079EF2-2617-4BFC-BDFF-E6AE8D79B734}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{77655DF6-A143-4A25-A5F8-127C8CE63EDA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GameRanger (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\GameRanger) (Version:  - GameRanger Technologies)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Facepunch Studios)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.91 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto: San Andreas (HKLM\...\Steam App 12120) (Version:  - Rockstar Games)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearts of Iron IV (HKLM\...\Steam App 394360) (Version:  - Paradox Development Studios)
Hero of the Kingdom (HKLM\...\Steam App 259550) (Version:  - Lonely Troops)
Hero of the Kingdom II (HKLM\...\Steam App 346560) (Version:  - Lonely Troops)
Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
Heroes of Might & Magic III - HD Edition (HKLM-x32\...\Steam App 297000) (Version:  - DotEmu)
Heroes of Might & Magic V (HKLM\...\Steam App 15170) (Version:  - Nival)
Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version:  - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Kaspersky Internet Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kingdom Rush (HKLM\...\Steam App 246420) (Version:  - Ironhide Game Studio)
Kingdom Rush Frontiers (HKLM\...\Steam App 458710) (Version:  - Ironhide Game Studio)
League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
LEGO® Star Wars™: The Complete Saga (HKLM-x32\...\Steam App 32440) (Version:  - Traveller's Tales)
Magicka (HKLM\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Might & Magic Heroes VI (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 1.0 - Ubisoft)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (HKLM-x32\...\{0A0C9DBA-5AB2-43F1-9932-A60DAA6EBEFC}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{26E474C7-E63A-4EC2-A08C-909B996AA75D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{312F7EE7-37D0-484D-B974-0CE1B8560C79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3B5AAF87-531E-4163-BE79-8989FC249173}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5B3D4718-9146-45CB-8989-C4E87B239B3A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5D3B997B-DF28-4BC1-82E6-E6C29A53AF6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A27180D0-17BB-498B-89FF-A72656B85978}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B44E699A-94F8-406C-9A1B-C2574F5863CB}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B653D7B1-41B5-4982-9A25-E91FF46D131A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DAE8CC57-EBF5-4D46-8572-9A0C769D6F16}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{F78F19A8-F3F5-4407-B98B-F23ACC82DBF5}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
Neverwinter (HKLM\...\Steam App 109600) (Version:  - Cryptic Studios)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.69 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.9.0.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.97 - NVIDIA Corporation)
NVIDIA Grafiktreiber 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.69 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 385.69 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.2.49155 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.103.44.0 - Overwolf Ltd.)
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version:  - Bluehole, Inc.)
Podstawowe programy Windows Live (HKLM-x32\...\{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Raccolta foto (HKLM-x32\...\{86A1CEAD-EF47-47BB-AE79-DA8C09E15382}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
ROCCAT Kone XTD Mouse Driver (HKLM-x32\...\{7133137D-DF48-4522-AD88-13C82B7D0A63}) (Version:  - Roccat GmbH)
Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0013 - Roccat GmbH)
RollerCoaster Tycoon 2: Triple Thrill Pack (HKLM-x32\...\Steam App 285330) (Version:  - Chris Sawyer Productions)
RollerCoaster Tycoon: Deluxe (HKLM-x32\...\Steam App 285310) (Version:  - Chris Sawyer Productions)
Ryse: Son of Rome (HKLM-x32\...\Steam App 302510) (Version:  - Crytek)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Civilization VI (HKLM\...\Steam App 289070) (Version:  - Firaxis)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
Spotify (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version:  - Pandemic Studios)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
STAR WARS™ Knights of the Old Republic™ II: The Sith Lords™ (HKLM-x32\...\Steam App 208580) (Version:  - Obsidian Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold 2 (HKLM\...\Steam App 40960) (Version:  - FireFly Studios)
Stronghold Crusader HD (HKLM\...\Steam App 40970) (Version:  - FireFly Studios)
Stronghold HD (HKLM\...\Steam App 40950) (Version:  - FireFly Studios)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Guild II: Renaissance (HKLM-x32\...\Steam App 39680) (Version:  - Rune Forge)
Titan Quest (HKLM\...\Steam App 4540) (Version:  - Iron Lore Entertainment)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Tower Wars (HKLM\...\Steam App 214360) (Version:  - SuperVillain Studios)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 26.0 - Ubisoft)
Valokuvavalikoima (HKLM-x32\...\{B315ABA6-8217-484E-9AC5-38806E265664}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
World of Tanks (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
XCOM: Enemy Unknown (HKLM\...\Steam App 200510) (Version:  - Firaxis Games)
Yu-Gi-Oh! Legacy of the Duelist (HKLM\...\Steam App 480650) (Version:  - Other Ocean Interactive)
Συλλογή φωτογραφιών (HKLM-x32\...\{2D5C287A-1D2D-46BA-8EF8-D2747575DB6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\system32\nvshext.dll [2017-09-16] (NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0A911D77-F086-4808-8ED7-A044F5758B66} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
Task: {0AA0938B-8DC1-4A27-92C9-445A08E4BBEF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {2D413BD3-9068-44CC-A219-F38F263A6EB9} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
Task: {2E102776-F9A8-4307-8BB4-5393A31D60F3} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {36E5AD62-0468-447F-B862-6534046CCB07} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe <==== ACHTUNG
Task: {499491A7-2617-4A71-8633-984D9EF142C5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {711FCD02-4903-4575-8DDA-80A89D1687B1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2017-09-14] (Microsoft Corporation)
Task: {73FF3D9E-438B-4B96-874B-1DD4BFA5877B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19] (NVIDIA Corporation)
Task: {7A97ACA1-8F23-4677-9A0E-B57DA961B5DB} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {7EA5AC2B-2B1F-4069-B18E-6CFCFE01615E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-29] (Google Inc.)
Task: {94F3D13F-128D-4F2F-B33E-84C5ACF0882F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {A766DD9D-8F3F-412E-AED3-86FF473B769A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-09-19] (NVIDIA Corporation)
Task: {A9C31928-EE7F-471F-BCFE-397F6F385F6B} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-21] (Adobe Systems Incorporated)
Task: {AE2C14E6-119A-421C-B6FE-4A7425DE92FE} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {B7E65F4E-A24A-4638-A3E0-C641CCBC938E} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe <==== ACHTUNG
Task: {BAFA3744-4A21-43C7-88AB-05E7ED80712E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-09-19] (NVIDIA Corporation)
Task: {BF766CA0-5BF8-47AC-B9BC-F7E91ED9177A} - System32\Tasks\DllKitPRO => C:\Program Files (x86)\DllKitPRO\dllkitpro.exe
Task: {C97325EF-0FC0-4432-A4CF-3C8C795D8B1C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-09-19] (NVIDIA Corporation)
Task: {DA7D195F-2D67-4242-91A4-13A1FF02B8B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-29] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-02-26 21:10 - 2016-02-26 21:10 - 000066872 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2016-07-14 12:25 - 2016-07-14 12:25 - 000174872 _____ () D:\Programme (x86)\quazip.dll
2016-07-14 12:25 - 2016-07-14 12:25 - 000103192 _____ () D:\Programme (x86)\soundbackends\directsound_win64.dll
2016-07-14 12:25 - 2016-07-14 12:25 - 000107800 _____ () D:\Programme (x86)\soundbackends\windowsaudiosession_win64.dll
2016-07-14 12:26 - 2016-07-14 12:26 - 000312088 _____ () D:\Programme (x86)\plugins\clientquery_plugin.dll
2016-07-14 12:26 - 2016-07-14 12:26 - 000485656 _____ () D:\Programme (x86)\plugins\teamspeak_control_plugin.dll
2013-05-09 18:58 - 2013-05-09 18:58 - 000119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
2017-09-21 17:17 - 2017-09-19 09:20 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-04-20 16:58 - 2017-09-16 19:34 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-06-28 01:19 - 2016-06-28 01:19 - 000865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2015-12-25 12:46 - 2012-06-17 12:20 - 000061440 _____ () C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\hiddriver.dll
2015-04-20 16:54 - 2013-09-04 01:53 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2010-12-17 13:56 - 2010-12-17 13:56 - 002603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2013-03-07 13:53 - 2013-03-07 13:53 - 000015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2010-12-17 13:56 - 2010-12-17 13:56 - 001006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2010-12-17 13:56 - 2010-12-17 13:56 - 000382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2010-01-12 17:55 - 2010-01-12 17:55 - 000400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2010-01-12 17:55 - 2010-01-12 17:55 - 000322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2010-12-16 13:16 - 2010-12-16 13:16 - 000195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2010-01-18 00:34 - 2010-01-18 00:34 - 000062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2013-03-07 13:55 - 2013-03-07 13:55 - 000472576 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2013-03-07 13:58 - 2013-03-07 13:58 - 000499488 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2013-03-07 13:54 - 2013-03-07 13:54 - 000013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2010-12-17 13:56 - 2010-12-17 13:56 - 014978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2010-12-17 13:56 - 2010-12-17 13:56 - 009224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2010-12-17 13:56 - 2010-12-17 13:56 - 000317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll
2017-09-21 17:17 - 2017-09-19 09:20 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-08-08 20:21 - 2017-08-04 23:19 - 000678176 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-08-08 20:21 - 2016-09-01 03:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-08-08 20:21 - 2017-09-07 06:51 - 002505504 _____ () C:\Program Files (x86)\Steam\video.dll
2015-08-08 20:21 - 2016-09-01 03:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-08-08 20:21 - 2016-09-01 03:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-08-08 20:21 - 2016-01-27 09:49 - 002549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-08-08 20:21 - 2016-01-27 09:49 - 000491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-08-08 20:21 - 2016-01-27 09:49 - 000332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-08-08 20:21 - 2016-01-27 09:49 - 000442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-08-08 20:21 - 2016-01-27 09:49 - 000485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-08-08 20:21 - 2017-09-07 06:51 - 000885024 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 10:25 - 2016-07-05 00:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-12-13 21:33 - 2017-07-18 00:50 - 073115424 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-06-11 20:27 - 2017-05-17 03:54 - 000678176 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2015-08-08 20:21 - 2015-09-25 01:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2017-07-13 12:44 - 2017-07-18 00:50 - 001936672 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libglesv2.dll
2017-07-13 12:44 - 2017-07-18 00:50 - 000113952 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:gs5sys [7170]
AlternateDataStreams: C:\Users\All Users:gs5sys [7170]
AlternateDataStreams: C:\Users\Julian:gs5sys [3074]
AlternateDataStreams: C:\Users\Julian:Heroes & Generals [38]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [7170]
AlternateDataStreams: C:\Users\Julian\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Julian\AppData\Local:gs5sys [3074]
AlternateDataStreams: C:\Users\Julian\AppData\Roaming:gs5sys [3074]
AlternateDataStreams: C:\Users\Julian\Documents\desktop.ini:gs5sys [1792]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [1792]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img2.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\StartupApproved\Run: => "EADM"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{096DFC34-12BD-434C-AD70-F47D88536B8C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9DE07622-811F-4EA1-BC55-60F955CB6752}] => (Allow) LPort=2869
FirewallRules: [{3EBD42D7-5C51-425C-B78C-10AD1560FE28}] => (Allow) LPort=1900
FirewallRules: [{6068CCCC-A939-4123-B4DF-778DE024F608}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1B9AF728-55C6-4668-9FE8-DE0E3BD5B01E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{49C0B3BB-C44B-45FB-A1AF-C83D0D851596}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D8356300-67D8-479F-B69D-13B507B119D3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{64DF2826-1C25-481D-B0D5-C59B2C4B07DC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7E2C513C-D236-4FE1-A1DA-766B5F9E5435}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9D5A38CF-363B-4EBE-8275-9C39179E8917}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{412748C3-9F1A-489B-9AC0-693214EBBC06}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{A48FA158-EE2B-4EF5-9FFD-9B9120653996}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{AE25FAEC-858E-4EF3-B851-CD0C744F3B0C}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{6C586E2A-EA1A-42AC-84FC-6522F76BBDFE}] => (Allow) D:\Programme (x86)\Stean\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{4D746C7B-55A1-4ED6-9554-BD8CDB171D5B}] => (Allow) D:\Programme (x86)\Stean\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{9F72F94F-FF2A-4BAC-8459-23E4B41CB3DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Guild 2 Renaissance\GuildII.exe
FirewallRules: [{C8D93904-D974-45CC-9273-06B9607F64EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Guild 2 Renaissance\GuildII.exe
FirewallRules: [{F6660E96-CC3F-485C-BBEE-817EB8F84AE0}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Rollercoaster Tycoon 2\rct2.exe
FirewallRules: [{23AA6437-B6BF-476F-A986-07BB21878F07}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Rollercoaster Tycoon 2\rct2.exe
FirewallRules: [{324FE250-1585-422D-BFDD-59DF278CC964}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{E431A44B-263E-48E4-9BAC-A2B0790ECE8F}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{C565ABE3-FCCF-41C2-98E3-AECA1BEAF039}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0C1B7594-52BD-4A90-9086-928A63493CB0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3045FC76-2E89-4D91-8F6C-E2CDAF4A53B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4DF97779-F3EC-4C62-B5F1-2E1F27FF6850}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0B18D5DE-45AE-40D3-974A-832D8A5C5D4F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{AEDD3FFC-5C51-45E4-82E9-993D3FF6C250}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F2944914-6605-4D4A-924B-E56BCE11A998}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0C9EBAA4-6AAC-46AA-ABBB-0EF03A102842}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Heroes of Might & Magic III - HD Edition\HOMM3Launcher.exe
FirewallRules: [{D1F83C64-CA42-46B8-AC22-B7A676ADC00D}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Heroes of Might & Magic III - HD Edition\HOMM3Launcher.exe
FirewallRules: [{A28C7E94-371B-493E-ADC4-6C7863351977}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{F96305F1-AD49-406A-9CB2-3A4EAD4042CF}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{19BA35C9-6A6D-48C8-9A75-6E8021D1F036}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{8F66A4F4-762E-4EAE-8AC7-D48D6BAA99E5}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{5C80B3A8-A5C5-4B0F-A0C4-09CEA08D894B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5A255999-736B-43FE-BA76-350E8B023814}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C7F2F2B4-24A3-4FFC-BD28-F29603B8E4E2}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{B6FFD04D-1117-4123-88E5-6CB215494AEB}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{768BE801-35CC-4427-8C85-2A393D828D90}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{D35F0830-C839-4058-BD31-E84B7D14DA5D}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [TCP Query User{627B4F88-7C9C-4BE5-AC58-0CB1C983D40D}C:\users\julian\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\julian\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{74D4ED98-206F-4690-9FE6-BE402379F818}C:\users\julian\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\julian\appdata\roaming\spotify\spotify.exe
FirewallRules: [{90042C4C-2AA2-484B-92E7-2EADF0478278}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{5860D4DD-F622-4671-BC59-AC9907B48A8C}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{91E4A173-B8D9-4357-B552-0A6DFD06F3CE}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F287B956-D07E-4D5E-8F2C-C34F17699C92}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{EA553328-59D7-42AB-92D3-37F90AC87263}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{01CE3913-B5CD-444D-A3E2-7B508A23FFE2}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{7D8EE856-C399-47F8-BEF6-1790F250DA9A}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\swkotor\swkotor.exe
FirewallRules: [{75F23A89-35E7-4BC3-BA04-FB61D64E0962}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\swkotor\swkotor.exe
FirewallRules: [{14DCE211-DF1B-447A-A015-302129EAB183}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{259685BD-6B87-4ECE-86EF-3A3D73BE7A45}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{B08D2E7E-D4C6-447F-96EC-BD751313595D}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Lego Star Wars Saga\LEGOStarWarsSaga.exe
FirewallRules: [{B6DD3D66-4EEE-49F4-9F52-617EEE48F526}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Lego Star Wars Saga\LEGOStarWarsSaga.exe
FirewallRules: [{479FC9C4-3231-4EEE-B634-0CFA9AAA5425}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{1E98CF52-8CCC-4ADA-AB4B-00DCC73329BA}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [TCP Query User{227464CA-DF43-4BCF-9BF1-80AD3B724FFD}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{658C7512-5DE5-4E25-983F-BCEFAF12E105}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{11521C48-5680-4C25-AABF-A073A909A8E2}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe
FirewallRules: [{DE967BBE-1C02-484B-BC52-5359A617305B}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe
FirewallRules: [{2B473DC7-C5DE-4005-BA83-1D2C8A7EC901}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\RollerCoaster Tycoon Deluxe\RCT.EXE
FirewallRules: [{702EB35F-AB41-43CF-84E8-34B7671BCBEF}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\RollerCoaster Tycoon Deluxe\RCT.EXE
FirewallRules: [{FE01990B-E73A-48DC-8E7F-B8E8DE69E34F}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{0DE3DC00-9FDE-4C65-9FE3-D8EE8BE3DDC2}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exe
FirewallRules: [{4D7C8429-1863-4946-8174-68CEAFE6AAC5}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{BDD41BD3-95DB-471E-94A1-EC9382B8EF99}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaWmp.exe
FirewallRules: [{F9A1F8EA-B775-4D2F-A446-F135A8B1464A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4CED1950-040F-476B-9805-7E89217BC9B5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4E5920AB-3DFA-477B-BD59-6FBC1F1CFD71}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E37748D2-A9A8-4CDC-B639-41BBD3B15B1D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{454D6226-D923-430C-8EC0-AD4EBD71EAC1}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Hero of the Kingdom\Hero of the Kingdom.exe
FirewallRules: [{E13BB0A8-D2AD-42AD-9C11-014362E6045C}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Hero of the Kingdom\Hero of the Kingdom.exe
FirewallRules: [{60FB8B7E-3D15-4948-A82E-845BC35C9DFD}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed Hot Pursuit\Launcher.exe
FirewallRules: [{3FB75C6F-8786-43B6-9E48-D91DA7DA79C4}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed Hot Pursuit\Launcher.exe
FirewallRules: [{CE7ADFE6-1DE5-4EF3-A795-6979372C4F89}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Tower Wars\TW.exe
FirewallRules: [{EFD68A20-77F6-424B-8F39-6C79D458E72E}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Tower Wars\TW.exe
FirewallRules: [{6CEAB024-5EA1-4BA4-957C-E59D709ECA66}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Titan Quest\Titan Quest.exe
FirewallRules: [{C4BE450D-9A98-40D0-B42F-1DB0E21B091F}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Titan Quest\Titan Quest.exe
FirewallRules: [{E855B491-2C35-4B9B-998E-88674930F3B3}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{FD187B8D-155A-424B-B4BB-F7A1F3841F1D}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{66E6ECD5-84D1-481D-9DC1-39A0B92B0DA4}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Hero of the Kingdom II\Hero of the Kingdom II.exe
FirewallRules: [{094D130D-0604-403A-A90A-9934D7170184}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Hero of the Kingdom II\Hero of the Kingdom II.exe
FirewallRules: [{86F64624-13B6-41CD-BA88-E88D525E0E3E}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{5CF8B480-25C0-4A8B-B8C7-4AD51758FA4D}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{DEE24634-6E77-4FFC-B14C-2AA9337C878F}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{C2721A7C-C428-46FA-AE64-78AB8EC36DBA}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{69F90B91-9B18-45D2-8AF8-9D899B0DF731}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{B00EE5D9-98D3-438F-90EC-A5E135B850C5}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{413EF580-137D-4258-8075-B8B859FD1E1E}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{3AE9B206-BA96-4EE3-B87F-E017DB07D87C}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{0CF5A0C1-6AD1-48FF-BD7C-2AF423FAC591}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{85869DB8-C7C4-4882-A2E3-279400F7EEA5}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{E4158DD8-82B4-4DD7-BE2D-B53970B44BF0}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Kingdom Rush\Kingdom Rush.exe
FirewallRules: [{BF64F6CA-9692-4C26-8879-FE559FF2A4FC}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Kingdom Rush\Kingdom Rush.exe
FirewallRules: [{7022F5C3-B6EA-421E-AA2C-62B230BF18C3}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{0A15B0A7-5FA0-4612-A3D4-40CA3EFCE081}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{F51D9E57-955B-4D1D-A91D-C72F8D626F6A}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{78A1B0D4-1D8B-4E8D-B64B-FA8394BA4060}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{453458F5-22C7-4142-B347-B3AE6864E4E1}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{357E518E-6A0B-4E8B-AAE0-240A5F4C9EE2}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{DF2BFF3B-F699-4621-BAF9-BF1348AD2AB0}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\F1 2014\F1_2014.exe
FirewallRules: [{024DD665-2772-498B-BBF4-CCE80FC26692}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\F1 2014\F1_2014.exe
FirewallRules: [{33BF633C-0F32-4825-BF28-066BC62C5BE2}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{95347C05-6DB2-4B97-86E1-E99DAD1D8DE3}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{D9863011-733C-436A-BB72-A6B8C64D40D6}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{04E20D88-04BB-43A0-9C89-5CCB645331AC}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{63170B9B-85D4-4660-9E18-283E616EB301}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Kingdom Rush Frontiers\Kingdom Rush Frontiers.exe
FirewallRules: [{7F2AB5D0-A2D8-478C-B197-22A903CBD463}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Kingdom Rush Frontiers\Kingdom Rush Frontiers.exe
FirewallRules: [{7B727DBE-5052-4BFD-9CBD-208F7B4FECA4}] => (Allow) D:\Programme (x86)\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{2ED6A9CC-D89A-469E-827B-B8CACD866794}] => (Allow) D:\Programme (x86)\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{20AA36EF-ACAC-4CE1-A143-534359A0C7E3}] => (Allow) D:\Programme (x86)\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{169ECED8-38C0-4D08-9988-A5A05A639DBD}] => (Allow) D:\Programme (x86)\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{48547F9C-0FA6-4565-8FF3-CEA0192AE94F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A5868F6C-0FF0-4A3D-8E84-555C1D665B5F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{590DA06B-B837-4F3F-96FF-5698C7CB7E21}] => (Allow) D:\Programme (x86)\Might & Magic Heroes VI.exe
FirewallRules: [{754217A0-611A-4D31-AF9A-B329E468297A}] => (Allow) D:\Programme (x86)\Might & Magic Heroes VI.exe
FirewallRules: [{C1231725-113A-454D-9ACF-3D6E87B919F1}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{F536D6A1-8189-4218-A103-91044196E6B0}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{FEF9E5B9-C375-4EF6-8651-267076D55A7B}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\For Honor Open Beta\forhonor.exe
FirewallRules: [{C75393DD-664E-438F-A9F5-A076F7CF39E5}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\For Honor Open Beta\forhonor.exe
FirewallRules: [{22F78EF5-9394-40FD-A2A6-F3804A9E45F6}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\ESEA Premium\eseaclientsteam.exe
FirewallRules: [{68176A0D-3FE8-4982-96DA-C03A31513A52}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\ESEA Premium\eseaclientsteam.exe
FirewallRules: [{DB5EE420-5C49-4DA6-874B-1C8D9D02DA73}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{F4CAFF39-5871-4492-9AE2-E78F8261960D}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{F5D4BE78-47DB-4680-B41E-9D198596CF10}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{DF6E6D36-F929-4B7C-AEAE-910168AA8982}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{51BE9DD0-E12A-4DDB-9B13-C87667964704}] => (Allow) D:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{CABFF18B-161C-4C61-8C5C-6D13AC4C1903}] => (Allow) D:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{CBD99F96-EE7C-4931-BE47-9F47DFC94E98}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Stronghold\Stronghold.exe
FirewallRules: [{7A884186-318B-4F2E-BDF1-DE68E6AAC953}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Stronghold\Stronghold.exe
FirewallRules: [{1977666D-9A67-4E27-8A82-8D829408EDCA}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{FA6C3E20-C9E5-4366-BFDD-C563CE0C1CDB}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{20C7C60F-EF89-461F-856D-41085054D297}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Heroes of Might and Magic 5\bin\H5_Game.exe
FirewallRules: [{5F18D4C4-3F26-4FC4-BA98-B76F46537C98}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Heroes of Might and Magic 5\bin\H5_Game.exe
FirewallRules: [{1CC715E0-E2F5-4A22-8740-7272F7550940}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Stronghold 2\Stronghold2.exe
FirewallRules: [{1FCF04BF-A4A8-40F2-AFAA-E1E2CD650243}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Stronghold 2\Stronghold2.exe
FirewallRules: [{6C8B2001-ADF7-460B-A716-485A03E929D3}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{CD93302D-2A35-4BE2-98E1-19806763F269}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{5ABDE821-7919-4DEC-BC0C-6B4E2C00AAC3}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{5F276C6D-10A5-4939-A3EF-11C7B81CB865}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{FA3F329C-E244-4ABD-A315-A2376892C173}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{E28B171A-CEDE-4264-B3F8-E730230CF493}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{6C90B9F0-A3E2-4C51-AE0F-0F8AE5FE641B}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{4F1B5EB8-6856-47FE-8BC7-B95FB737C92D}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{BBFA6DFE-3078-4885-8927-ADEAF708F0A0}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Yu-Gi-Oh! Legacy of the Duelist\YuGiOh.exe
FirewallRules: [{2613E989-33F4-47A5-B7EF-6ED478187842}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Yu-Gi-Oh! Legacy of the Duelist\YuGiOh.exe
FirewallRules: [{EC010EBC-77F3-4A87-BF57-A43D4DF268A6}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{4606DE6C-1D32-4A88-8776-78091EBDD543}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{78340781-5F36-40D2-9D9B-3F3014933B98}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{150C4AB2-C6F3-41BB-8028-5F5042E85DBE}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{96EE02EC-860A-4BF3-8262-1F42190CDF4E}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{AE23E56D-F876-4792-8A7B-4497AF4DFCF7}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{D1BD7F8A-E2EB-4E32-9113-9CF09B570443}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{905202DF-356E-4771-B5B8-B26F33ABD656}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{A24FD2D0-A597-48E8-ACE9-A31A3E6CD7CE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{31128527-F777-4A62-871F-0152091EC23A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{59B92E85-C329-40ED-B201-7E30F8302CD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{25EB5331-D118-4DFC-9DF2-36BF3F08FA42}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{77BC689F-EEB4-442D-A1F7-EC7BF48CBB0E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4BF08310-F926-4D5B-ACA2-BD2A5FBE32B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{59112946-7086-4454-A3E8-4B4826CAA60F}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{8FA1362C-1A2F-49A4-ACD2-3A0A26FB4B79}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{908C6C88-5E0B-4F07-89A1-ADDDC0D69A71}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Anno Online\nw.exe
FirewallRules: [{5258357F-3E2A-4F49-8353-3AAE5BB405CC}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Anno Online\nw.exe

==================== Wiederherstellungspunkte =========================

14-09-2017 21:14:09 Windows Update
21-09-2017 19:39:51 chip 1-click download service wurde entfernt.

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/21/2017 06:05:00 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (09/21/2017 05:15:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GFExperience.exe, Version 2.5.15.54 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1868

Startzeit: 01d332ec4c6d746e

Endzeit: 14

Anwendungspfad: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe

Berichts-ID: a3e79bd9-9edf-11e7-82e4-b8aeeda2aafc

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/21/2017 05:07:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GFExperience.exe, Version 2.5.15.54 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 15e8

Startzeit: 01d332eb19d2feda

Endzeit: 8

Anwendungspfad: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe

Berichts-ID: 8c45832a-9ede-11e7-82e4-b8aeeda2aafc

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/21/2017 05:05:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GFExperience.exe, Version 2.5.15.54 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1a68

Startzeit: 01d332ea564fd91b

Endzeit: 7

Anwendungspfad: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe

Berichts-ID: f1633d2b-9edd-11e7-82e4-b8aeeda2aafc

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/21/2017 05:00:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GFExperience.exe, Version 2.5.15.54 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 8f8

Startzeit: 01d332ea07bea96e

Endzeit: 18

Anwendungspfad: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe

Berichts-ID: 8b34f74a-9edd-11e7-82e4-b8aeeda2aafc

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/21/2017 04:53:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d239
ID des fehlerhaften Prozesses: 0x634
Startzeit der fehlerhaften Anwendung: 0x01d332e95409ad0f
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Berichtskennung: 9aaecb82-9edc-11e7-82e4-b8aeeda2aafc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/21/2017 01:38:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Battle.net Helper.exe, Version: 0.0.0.0, Zeitstempel: 0x599dc107
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2623.1435.0, Zeitstempel: 0x591a1a2e
Ausnahmecode: 0x80000003
Fehleroffset: 0x0019b129
ID des fehlerhaften Prozesses: 0x1d40
Startzeit der fehlerhaften Anwendung: 0x01d3326925e2c0bb
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Battle.net\Battle.net.9262\Battle.net Helper.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Battle.net\Battle.net.9262\libcef.dll
Berichtskennung: da0ef609-9e5c-11e7-82e3-b8aeeda2aafc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/18/2017 06:42:39 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{f9b7d767-aa8f-42f6-b493-9b0ba819592d}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (09/17/2017 03:02:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: XComGame.exe, Version: 1.0.0.4963, Zeitstempel: 0x5293c800
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x2c60
Startzeit der fehlerhaften Anwendung: 0x01d32fb1d188e7af
Pfad der fehlerhaften Anwendung: D:\Programme (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 85cd1ba6-9ba8-11e7-82e3-b8aeeda2aafc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/17/2017 12:45:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d239
ID des fehlerhaften Prozesses: 0x674
Startzeit der fehlerhaften Anwendung: 0x01d32fa2060cd2c6
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Berichtskennung: 4d23a732-9b95-11e7-82e3-b8aeeda2aafc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (09/21/2017 04:55:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/21/2017 04:53:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NvStreamKms" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (09/21/2017 04:53:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/21/2017 04:53:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (09/21/2017 04:53:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (09/21/2017 04:53:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/21/2017 04:53:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Capability Licensing Service Interface erreicht.

Error: (09/21/2017 04:53:04 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (09/21/2017 04:53:04 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (09/21/2017 04:53:03 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\windows\system32\Rtlihvs.dll
Fehlercode: 126


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 12240.42 MB
Verfügbarer physikalischer RAM: 8041.09 MB
Summe virtueller Speicher: 24528.42 MB
Verfügbarer virtueller Speicher: 19166.02 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:117.53 GB) (Free:26.12 GB) NTFS
Drive d: (Data) (Fixed) (Total:1802.89 GB) (Free:1204.08 GB) NTFS
Drive e: (Recover) (Fixed) (Total:60 GB) (Free:40.59 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

--- --- ---

exogeen · 22.09.2017, 00:52

Code:

ATTFilter

01:47:01.0622 0x26f0  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
01:47:01.0622 0x26f0  UEFI system
01:49:50.0675 0x26f0  ============================================================
01:49:50.0675 0x26f0  Current date / time: 2017/09/22 01:49:50.0675
01:49:50.0675 0x26f0  SystemInfo:
01:49:50.0675 0x26f0  
01:49:50.0675 0x26f0  OS Version: 6.3.9600 ServicePack: 0.0
01:49:50.0675 0x26f0  Product type: Workstation
01:49:50.0675 0x26f0  ComputerName: JULIANPC
01:49:50.0675 0x26f0  UserName: Julian
01:49:50.0675 0x26f0  Windows directory: C:\windows
01:49:50.0675 0x26f0  System windows directory: C:\windows
01:49:50.0675 0x26f0  Running under WOW64
01:49:50.0675 0x26f0  Processor architecture: Intel x64
01:49:50.0675 0x26f0  Number of processors: 8
01:49:50.0675 0x26f0  Page size: 0x1000
01:49:50.0675 0x26f0  Boot type: Normal boot
01:49:50.0675 0x26f0  CodeIntegrityOptions = 0x00000001
01:49:50.0675 0x26f0  ============================================================
01:49:50.0799 0x26f0  KLMD registered as C:\windows\system32\drivers\94834551.sys
01:49:50.0799 0x26f0  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18790, osProperties = 0x19
01:49:51.0022 0x26f0  System UUID: {583A2EC9-E302-6964-5B68-BA024883F341}
01:49:51.0361 0x26f0  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:49:51.0377 0x26f0  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:49:51.0413 0x26f0  ============================================================
01:49:51.0413 0x26f0  \Device\Harddisk0\DR0:
01:49:51.0413 0x26f0  GPT partitions:
01:49:51.0413 0x26f0  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F9B7D767-AA8F-42F6-B493-9B0BA819592D}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xF9800
01:49:51.0414 0x26f0  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {190E368A-74D8-4E3D-BAF8-18612B08DDB2}, Name: EFI system partition, StartLBA 0xFA000, BlocksNum 0x32000
01:49:51.0414 0x26f0  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A5C3C03B-72FE-4F06-9367-99ACA76466B8}, Name: Microsoft reserved partition, StartLBA 0x12C000, BlocksNum 0x40000
01:49:51.0414 0x26f0  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {8D7F0CC6-879E-47F6-A767-0ED8FD3B0659}, UniqueGUID: {350EE35C-30EF-4DDD-8211-35986A40F035}, Name: Basic data partition, StartLBA 0x16C000, BlocksNum 0x200000
01:49:51.0414 0x26f0  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F1C4C12C-D252-448F-BF17-414470E90990}, Name: Basic data partition, StartLBA 0x36C000, BlocksNum 0xEB0F800
01:49:51.0414 0x26f0  MBR partitions:
01:49:51.0414 0x26f0  \Device\Harddisk1\DR1:
01:49:51.0414 0x26f0  GPT partitions:
01:49:51.0443 0x26f0  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E8A38025-092A-494F-B77F-E82797E240E2}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
01:49:51.0443 0x26f0  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {1D1359DA-0263-4268-A8DA-37863290CFEB}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0xE15C8000
01:49:51.0443 0x26f0  \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {BD9E4861-085E-4EBE-A6A0-D74A775046EA}, Name: Basic data partition, StartLBA 0xE1608800, BlocksNum 0x77FF800
01:49:51.0443 0x26f0  MBR partitions:
01:49:51.0443 0x26f0  ============================================================
01:49:51.0445 0x26f0  C: <-> \Device\Harddisk0\DR0\Partition5
01:49:51.0465 0x26f0  D: <-> \Device\Harddisk1\DR1\Partition2
01:49:51.0503 0x26f0  E: <-> \Device\Harddisk1\DR1\Partition3
01:49:51.0503 0x26f0  ============================================================
01:49:51.0504 0x26f0  Initialize success
01:49:51.0504 0x26f0  ============================================================
01:50:30.0653 0x00b0  ============================================================
01:50:30.0653 0x00b0  Scan started
01:50:30.0653 0x00b0  Mode: Manual; SigCheck; TDLFS; 
01:50:30.0653 0x00b0  ============================================================
01:50:30.0653 0x00b0  KSN ping started
01:50:30.0732 0x00b0  KSN ping finished: true
01:50:33.0032 0x00b0  ================ Scan system memory ========================
01:50:33.0032 0x00b0  System memory - ok
01:50:33.0032 0x00b0  ================ Scan services =============================
01:50:33.0075 0x00b0  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\windows\System32\drivers\1394ohci.sys
01:50:33.0115 0x00b0  1394ohci - ok
01:50:33.0133 0x00b0  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\windows\system32\drivers\3ware.sys
01:50:33.0143 0x00b0  3ware - ok
01:50:33.0156 0x00b0  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\windows\system32\drivers\ACPI.sys
01:50:33.0171 0x00b0  ACPI - ok
01:50:33.0175 0x00b0  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\windows\system32\Drivers\acpiex.sys
01:50:33.0182 0x00b0  acpiex - ok
01:50:33.0185 0x00b0  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\windows\System32\drivers\acpipagr.sys
01:50:33.0190 0x00b0  acpipagr - ok
01:50:33.0193 0x00b0  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\windows\System32\drivers\acpipmi.sys
01:50:33.0199 0x00b0  AcpiPmi - ok
01:50:33.0203 0x00b0  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\windows\System32\drivers\acpitime.sys
01:50:33.0209 0x00b0  acpitime - ok
01:50:33.0226 0x00b0  [ 3E27E2DAA6869642B2DCB85C777E38B7, FB60068DFEA117006D8236DE73CC5A9B65272C6F739E2C8D1DD771360B9D989F ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:50:33.0236 0x00b0  AdobeFlashPlayerUpdateSvc - ok
01:50:33.0250 0x00b0  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\windows\system32\drivers\ADP80XX.SYS
01:50:33.0269 0x00b0  ADP80XX - ok
01:50:33.0276 0x00b0  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
01:50:33.0286 0x00b0  AeLookupSvc - ok
01:50:33.0297 0x00b0  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\windows\system32\drivers\afd.sys
01:50:33.0312 0x00b0  AFD - ok
01:50:33.0317 0x00b0  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\windows\system32\drivers\agp440.sys
01:50:33.0323 0x00b0  agp440 - ok
01:50:33.0327 0x00b0  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\windows\system32\DRIVERS\ahcache.sys
01:50:33.0334 0x00b0  ahcache - ok
01:50:33.0338 0x00b0  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\windows\System32\alg.exe
01:50:33.0345 0x00b0  ALG - ok
01:50:33.0351 0x00b0  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\windows\System32\drivers\amdk8.sys
01:50:33.0358 0x00b0  AmdK8 - ok
01:50:33.0363 0x00b0  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\windows\System32\drivers\amdppm.sys
01:50:33.0370 0x00b0  AmdPPM - ok
01:50:33.0374 0x00b0  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\windows\system32\drivers\amdsata.sys
01:50:33.0380 0x00b0  amdsata - ok
01:50:33.0387 0x00b0  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
01:50:33.0396 0x00b0  amdsbs - ok
01:50:33.0400 0x00b0  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\windows\system32\drivers\amdxata.sys
01:50:33.0405 0x00b0  amdxata - ok
01:50:33.0409 0x00b0  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\windows\system32\drivers\appid.sys
01:50:33.0415 0x00b0  AppID - ok
01:50:33.0418 0x00b0  [ 942C8297400FCFB13CEE3F3CD89C5CE5, AFD9EC35F6C44D86DD5943A2AB0B99B0C1B1783D70FD966F6467F97F0831403F ] AppIDSvc        C:\windows\System32\appidsvc.dll
01:50:33.0425 0x00b0  AppIDSvc - ok
01:50:33.0429 0x00b0  [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo         C:\windows\System32\appinfo.dll
01:50:33.0436 0x00b0  Appinfo - ok
01:50:33.0447 0x00b0  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\windows\system32\AppReadiness.dll
01:50:33.0460 0x00b0  AppReadiness - ok
01:50:33.0484 0x00b0  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc         C:\windows\system32\appxdeploymentserver.dll
01:50:33.0509 0x00b0  AppXSvc - ok
01:50:33.0514 0x00b0  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\windows\system32\drivers\arcsas.sys
01:50:33.0521 0x00b0  arcsas - ok
01:50:33.0524 0x00b0  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\windows\system32\drivers\atapi.sys
01:50:33.0529 0x00b0  atapi - ok
01:50:33.0535 0x00b0  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll
01:50:33.0544 0x00b0  AudioEndpointBuilder - ok
01:50:33.0562 0x00b0  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\windows\System32\Audiosrv.dll
01:50:33.0580 0x00b0  Audiosrv - ok
01:50:33.0595 0x00b0  [ 03B45C52179E8DAE51A0F685C30D06D6, E06F066B4BFE5344BBF5749B9B8B8CFBA0C02920FD2B9C73BDDA7E34F1785DA7 ] AVP17.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
01:50:33.0606 0x00b0  AVP17.0.0 - ok
01:50:33.0610 0x00b0  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\windows\System32\AxInstSV.dll
01:50:33.0617 0x00b0  AxInstSV - ok
01:50:33.0627 0x00b0  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
01:50:33.0641 0x00b0  b06bdrv - ok
01:50:33.0645 0x00b0  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\windows\System32\drivers\BasicDisplay.sys
01:50:33.0651 0x00b0  BasicDisplay - ok
01:50:33.0654 0x00b0  [ 195BD339B4B782B42C19489DCFB4D110, E63CC0AEF1875D5D127E341CF65117DABC9E376A83E615EC8D01F6AB705DABAD ] BasicRender     C:\windows\System32\drivers\BasicRender.sys
01:50:33.0661 0x00b0  BasicRender - ok
01:50:33.0665 0x00b0  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\windows\System32\drivers\bcmfn2.sys
01:50:33.0670 0x00b0  bcmfn2 - ok
01:50:33.0678 0x00b0  [ 174394F4EF93C117BF7BE3878046A1B1, D58E868342D1DAFC4B04384A3713F729DF07F408AA6AE4762E6A4244F976526A ] BDESVC          C:\windows\System32\bdesvc.dll
01:50:33.0688 0x00b0  BDESVC - ok
01:50:33.0691 0x00b0  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\windows\system32\drivers\Beep.sys
01:50:33.0697 0x00b0  Beep - ok
01:50:33.0723 0x00b0  [ F2926650190022DB0700549B09FB7BD3, 70BDD5DCD7660436A413E3D41125DAA93A991058377DEE7C0028C2CFCB024C44 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
01:50:33.0748 0x00b0  BEService - ok
01:50:33.0764 0x00b0  [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE             C:\windows\System32\bfe.dll
01:50:33.0781 0x00b0  BFE - ok
01:50:33.0798 0x00b0  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\windows\System32\qmgr.dll
01:50:33.0817 0x00b0  BITS - ok
01:50:33.0823 0x00b0  [ 4938A9236300A356F97E378491EE4844, 60D892960D48EEF48F8EC4DE4F174EBD0BC0E7B28B6D8723D554CD1979EB55B4 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
01:50:33.0830 0x00b0  bowser - ok
01:50:33.0836 0x00b0  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\windows\System32\bisrv.dll
01:50:33.0845 0x00b0  BrokerInfrastructure - ok
01:50:33.0850 0x00b0  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\windows\System32\browser.dll
01:50:33.0857 0x00b0  Browser - ok
01:50:33.0861 0x00b0  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\windows\System32\drivers\BthAvrcpTg.sys
01:50:33.0867 0x00b0  BthAvrcpTg - ok
01:50:33.0871 0x00b0  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\windows\System32\drivers\bthhfenum.sys
01:50:33.0877 0x00b0  BthHFEnum - ok
01:50:33.0880 0x00b0  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\windows\System32\drivers\BthHFHid.sys
01:50:33.0887 0x00b0  bthhfhid - ok
01:50:33.0896 0x00b0  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\windows\System32\BthHFSrv.dll
01:50:33.0906 0x00b0  BthHFSrv - ok
01:50:33.0910 0x00b0  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\windows\System32\drivers\bthmodem.sys
01:50:33.0916 0x00b0  BTHMODEM - ok
01:50:33.0921 0x00b0  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\windows\system32\bthserv.dll
01:50:33.0928 0x00b0  bthserv - ok
01:50:33.0931 0x00b0  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
01:50:33.0938 0x00b0  cdfs - ok
01:50:33.0945 0x00b0  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\windows\System32\drivers\cdrom.sys
01:50:33.0953 0x00b0  cdrom - ok
01:50:33.0958 0x00b0  [ ACFDC4EE40EC6E4A0AB91D923B8288C8, D31555AB31F504C247049219BE0ECDF26BB18E210BE7C45E8575FD166FD7EE23 ] CertPropSvc     C:\windows\System32\certprop.dll
01:50:33.0966 0x00b0  CertPropSvc - ok
01:50:33.0970 0x00b0  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\windows\System32\drivers\circlass.sys
01:50:33.0975 0x00b0  circlass - ok
01:50:33.0983 0x00b0  [ 39D72BA91AFE3C81C1AB0DE41AA07EF3, E5FCE197700E68D48A1701030AAF33E41C44A929B47D79B5C91C68B86684FFB0 ] CLFS            C:\windows\system32\drivers\CLFS.sys
01:50:33.0995 0x00b0  CLFS - ok
01:50:34.0002 0x00b0  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\windows\System32\drivers\CmBatt.sys
01:50:34.0008 0x00b0  CmBatt - ok
01:50:34.0014 0x00b0  [ B29A764A1E76473CD9D64C9438705C19, CD0497EB84DE60E1E491CA495AF981A8DFC4949BB373C1978CAF1BCF4321D30E ] cm_km           C:\windows\system32\DRIVERS\cm_km.sys
01:50:34.0022 0x00b0  cm_km - ok
01:50:34.0033 0x00b0  [ C8823A6ECE66B997C8E9F413D1D671E7, D739A194BCA4C1979C5B2A71F4B8DAB0BCC1524808C50BA302847B6C82D77250 ] CNG             C:\windows\system32\Drivers\cng.sys
01:50:34.0048 0x00b0  CNG - ok
01:50:34.0053 0x00b0  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\windows\System32\drivers\CompositeBus.sys
01:50:34.0058 0x00b0  CompositeBus - ok
01:50:34.0062 0x00b0  COMSysApp - ok
01:50:34.0065 0x00b0  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\windows\system32\drivers\condrv.sys
01:50:34.0071 0x00b0  condrv - ok
01:50:34.0082 0x00b0  cpuz135 - ok
01:50:34.0087 0x00b0  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\windows\system32\cryptsvc.dll
01:50:34.0094 0x00b0  CryptSvc - ok
01:50:34.0098 0x00b0  [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam             C:\windows\system32\drivers\dam.sys
01:50:34.0104 0x00b0  dam - ok
01:50:34.0120 0x00b0  [ 20CC6E9FE25ACD34BE4FCDDB7B08364D, 295B2BBDC860A4CD65CD09C975D08CA1B8E4FE60AD0CA084CAB149A3E9D64B40 ] DcomLaunch      C:\windows\system32\rpcss.dll
01:50:34.0138 0x00b0  DcomLaunch - ok
01:50:34.0149 0x00b0  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\windows\System32\defragsvc.dll
01:50:34.0162 0x00b0  defragsvc - ok
01:50:34.0171 0x00b0  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\windows\system32\das.dll
01:50:34.0182 0x00b0  DeviceAssociationService - ok
01:50:34.0187 0x00b0  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\windows\system32\umpnpmgr.dll
01:50:34.0194 0x00b0  DeviceInstall - ok
01:50:34.0199 0x00b0  [ 4FED6AD69C9EE1EE7FD3C88437138855, 71E0863898F2E3B1F9769C8A9980E2063042961D417FE0C969B2E5B7A0013978 ] Dfsc            C:\windows\system32\Drivers\dfsc.sys
01:50:34.0206 0x00b0  Dfsc - ok
01:50:34.0214 0x00b0  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\windows\system32\dhcpcore.dll
01:50:34.0224 0x00b0  Dhcp - ok
01:50:34.0251 0x00b0  [ 0AC9F83A5508935DE89C447473085EEA, 223782B17BACEFB0A663EB13514B68B919C95EF641CDDA7AC30CB239BC4307EC ] DiagTrack       C:\windows\system32\diagtrack.dll
01:50:34.0279 0x00b0  DiagTrack - ok
01:50:34.0285 0x00b0  [ BF6D8575DDF30384939B2D5251F27C1F, 1605530BC61FB726F1095C5B5C8E27B18C06BCE01948550988E9EDCEBBCC0B3D ] disk            C:\windows\system32\drivers\disk.sys
01:50:34.0291 0x00b0  disk - ok
01:50:34.0294 0x00b0  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\windows\System32\drivers\dmvsc.sys
01:50:34.0300 0x00b0  dmvsc - ok
01:50:34.0306 0x00b0  [ D9F407D006C916B7EC167858F88F13EB, 0D0FF69F9C695A2371DF798429EA2AA7B96F1C552EDC70DA4DD61EC8BD5563A3 ] Dnscache        C:\windows\System32\dnsrslvr.dll
01:50:34.0315 0x00b0  Dnscache - ok
01:50:34.0321 0x00b0  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\windows\System32\dot3svc.dll
01:50:34.0331 0x00b0  dot3svc - ok
01:50:34.0336 0x00b0  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\windows\system32\dps.dll
01:50:34.0345 0x00b0  DPS - ok
01:50:34.0348 0x00b0  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
01:50:34.0353 0x00b0  drmkaud - ok
01:50:34.0359 0x00b0  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\windows\System32\DeviceSetupManager.dll
01:50:34.0367 0x00b0  DsmSvc - ok
01:50:34.0392 0x00b0  [ 24C40570BAFEA48E9CB2B87008DCA152, 2D7CCBE5C354667BFBA0B6D6B8F34201AD2992273FB98767C9AD3C72D890A628 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
01:50:34.0422 0x00b0  DXGKrnl - ok
01:50:34.0427 0x00b0  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\windows\System32\eapsvc.dll
01:50:34.0434 0x00b0  Eaphost - ok
01:50:34.0436 0x00b0  EasyAntiCheat - ok
01:50:34.0500 0x00b0  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\windows\system32\drivers\evbda.sys
01:50:34.0558 0x00b0  ebdrv - ok
01:50:34.0567 0x00b0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\windows\System32\lsass.exe
01:50:34.0573 0x00b0  EFS - ok
01:50:34.0577 0x00b0  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\windows\system32\drivers\EhStorClass.sys
01:50:34.0583 0x00b0  EhStorClass - ok
01:50:34.0588 0x00b0  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\windows\system32\drivers\EhStorTcgDrv.sys
01:50:34.0594 0x00b0  EhStorTcgDrv - ok
01:50:34.0597 0x00b0  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\windows\System32\drivers\errdev.sys
01:50:34.0603 0x00b0  ErrDev - ok
01:50:34.0610 0x00b0  [ A21ECF8F94FF5BA9F93F60BF9DC5C1EA, EEF74362175E7DEDC1F17DA44E6C204267F99D8E1AB3A6724F634AB3151F111F ] ESEADriver2     C:\Users\Julian\AppData\Local\Temp\ESEADriver2.sys
01:50:34.0621 0x00b0  ESEADriver2 - ok
01:50:34.0633 0x00b0  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\windows\system32\es.dll
01:50:34.0647 0x00b0  EventSystem - ok
01:50:34.0652 0x00b0  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\windows\system32\drivers\exfat.sys
01:50:34.0664 0x00b0  exfat - ok
01:50:34.0669 0x00b0  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\windows\system32\drivers\fastfat.sys
01:50:34.0678 0x00b0  fastfat - ok
01:50:34.0692 0x00b0  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\windows\system32\fxssvc.exe
01:50:34.0706 0x00b0  Fax - ok
01:50:34.0710 0x00b0  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\windows\System32\drivers\fdc.sys
01:50:34.0716 0x00b0  fdc - ok
01:50:34.0719 0x00b0  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\windows\system32\fdPHost.dll
01:50:34.0725 0x00b0  fdPHost - ok
01:50:34.0728 0x00b0  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\windows\system32\fdrespub.dll
01:50:34.0734 0x00b0  FDResPub - ok
01:50:34.0739 0x00b0  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\windows\system32\fhsvc.dll
01:50:34.0746 0x00b0  fhsvc - ok
01:50:34.0750 0x00b0  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
01:50:34.0756 0x00b0  FileInfo - ok
01:50:34.0759 0x00b0  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\windows\system32\drivers\filetrace.sys
01:50:34.0768 0x00b0  Filetrace - ok
01:50:34.0771 0x00b0  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\windows\System32\drivers\flpydisk.sys
01:50:34.0777 0x00b0  flpydisk - ok
01:50:34.0785 0x00b0  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
01:50:34.0795 0x00b0  FltMgr - ok
01:50:34.0819 0x00b0  [ 223CD19D2F84B7B42081F4FB530B658F, 4A9D1A6688C3C8F0B866B0FE2715C9FBA62BE66D4ADCC327A8CABF9EA876A664 ] FontCache       C:\windows\system32\FntCache.dll
01:50:34.0843 0x00b0  FontCache - ok
01:50:34.0848 0x00b0  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:50:34.0854 0x00b0  FontCache3.0.0.0 - ok
01:50:34.0857 0x00b0  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
01:50:34.0863 0x00b0  FsDepends - ok
01:50:34.0866 0x00b0  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
01:50:34.0872 0x00b0  Fs_Rec - ok
01:50:34.0883 0x00b0  [ D4AB6EE3D715BC44C00277FD934FAACF, DE8A8B14D7BA73BA1B5A833DE193CA65EDFE512A57D84F4F2CE19D9646D97F4E ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
01:50:34.0898 0x00b0  fvevol - ok
01:50:34.0901 0x00b0  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\windows\System32\drivers\fxppm.sys
01:50:34.0907 0x00b0  FxPPM - ok
01:50:34.0910 0x00b0  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
01:50:34.0916 0x00b0  gagp30kx - ok
01:50:35.0004 0x00b0  [ F8B426A185DD67689BAAFACA0076274A, B2DD0896FE2D7BE89456B562F087FC5141AA83E7D969F7576D6803BE87242564 ] GalaxyClientService D:\Programme (x86)\GOG Galaxy\GalaxyClientService.exe
01:50:35.0034 0x00b0  GalaxyClientService - ok
01:50:35.0158 0x00b0  [ 7BBCFBA5CE2B7AC13BC5B3A44F1AC161, 21955A6234FF773A787DA8C3D6A5CC23231F8793AE124CA3010C43F84F649738 ] GalaxyCommunication C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
01:50:35.0274 0x00b0  GalaxyCommunication - ok
01:50:35.0286 0x00b0  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\windows\System32\drivers\vmgencounter.sys
01:50:35.0292 0x00b0  gencounter - ok
01:50:35.0297 0x00b0  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\windows\system32\Drivers\msgpioclx.sys
01:50:35.0305 0x00b0  GPIOClx0101 - ok
01:50:35.0328 0x00b0  [ 2DAFF4F76A90E3C523C2FE50338537E9, 625745E538208B50E8F5A9A2C09C6CD03D51E424BB16BC6C5B156CBC25373B6D ] gpsvc           C:\windows\System32\gpsvc.dll
01:50:35.0353 0x00b0  gpsvc - ok
01:50:35.0359 0x00b0  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:50:35.0369 0x00b0  gupdate - ok
01:50:35.0372 0x00b0  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:50:35.0379 0x00b0  gupdatem - ok
01:50:35.0384 0x00b0  [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] Hamachi         C:\windows\system32\DRIVERS\Hamdrv.sys
01:50:35.0391 0x00b0  Hamachi - ok
01:50:35.0403 0x00b0  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
01:50:35.0415 0x00b0  HdAudAddService - ok
01:50:35.0420 0x00b0  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\windows\System32\drivers\HDAudBus.sys
01:50:35.0426 0x00b0  HDAudBus - ok
01:50:35.0430 0x00b0  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\windows\System32\drivers\HidBatt.sys
01:50:35.0436 0x00b0  HidBatt - ok
01:50:35.0441 0x00b0  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\windows\System32\drivers\hidbth.sys
01:50:35.0448 0x00b0  HidBth - ok
01:50:35.0452 0x00b0  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\windows\System32\drivers\hidi2c.sys
01:50:35.0458 0x00b0  hidi2c - ok
01:50:35.0461 0x00b0  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\windows\System32\drivers\hidir.sys
01:50:35.0468 0x00b0  HidIr - ok
01:50:35.0471 0x00b0  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\windows\system32\hidserv.dll
01:50:35.0477 0x00b0  hidserv - ok
01:50:35.0480 0x00b0  [ 49676FEC898AB2A11B157F848269A56E, 011E6DDEF9570212520F92FEFD205E1F8104F198B57C40D11BE857FCBCC5F68D ] HidUsb          C:\windows\System32\drivers\hidusb.sys
01:50:35.0486 0x00b0  HidUsb - ok
01:50:35.0489 0x00b0  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\windows\system32\kmsvc.dll
01:50:35.0497 0x00b0  hkmsvc - ok
01:50:35.0504 0x00b0  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\windows\system32\ListSvc.dll
01:50:35.0514 0x00b0  HomeGroupListener - ok
01:50:35.0523 0x00b0  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\windows\system32\provsvc.dll
01:50:35.0534 0x00b0  HomeGroupProvider - ok
01:50:35.0538 0x00b0  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
01:50:35.0545 0x00b0  HpSAMD - ok
01:50:35.0561 0x00b0  [ 61C5D4EF4BE4EA271B90135490C67447, E44027338E1DF863372ECF6EFF02C881F938C7D7751C8810AABDF1E13E33DDC5 ] HTTP            C:\windows\system32\drivers\HTTP.sys
01:50:35.0582 0x00b0  HTTP - ok
01:50:35.0586 0x00b0  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
01:50:35.0591 0x00b0  hwpolicy - ok
01:50:35.0594 0x00b0  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\windows\System32\drivers\hyperkbd.sys
01:50:35.0600 0x00b0  hyperkbd - ok
01:50:35.0603 0x00b0  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\windows\system32\DRIVERS\HyperVideo.sys
01:50:35.0609 0x00b0  HyperVideo - ok
01:50:35.0613 0x00b0  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\windows\System32\drivers\i8042prt.sys
01:50:35.0620 0x00b0  i8042prt - ok
01:50:35.0623 0x00b0  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\windows\System32\drivers\iaLPSSi_GPIO.sys
01:50:35.0627 0x00b0  iaLPSSi_GPIO - ok
01:50:35.0631 0x00b0  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\windows\System32\drivers\iaLPSSi_I2C.sys
01:50:35.0636 0x00b0  iaLPSSi_I2C - ok
01:50:35.0648 0x00b0  [ 25555186E4FBDF0E30A5DBFC9B9A73F9, 4A9DAC2B56389C5955C343E202C6E81CD3A608E78A4BB7E6ED560719DF02C955 ] iaStorA         C:\windows\system32\drivers\iaStorA.sys
01:50:35.0661 0x00b0  iaStorA - ok
01:50:35.0674 0x00b0  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\windows\system32\drivers\iaStorAV.sys
01:50:35.0686 0x00b0  iaStorAV - ok
01:50:35.0691 0x00b0  [ 6241810294275CEA59EBA9733080E5EE, F9A1A505B9279CD660CAAF4F8D21BDC34AC75FD86E881632A378B9BF39A3738E ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
01:50:35.0695 0x00b0  IAStorDataMgrSvc - ok
01:50:35.0704 0x00b0  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
01:50:35.0715 0x00b0  iaStorV - ok
01:50:35.0718 0x00b0  IEEtwCollectorService - ok
01:50:35.0736 0x00b0  [ 5697FD05EC6915A1E7193D658D8D6E05, 0179C3AF29880AA21F609CB471034EA5FA49324ACCE12736866675C037EBEC7A ] IKEEXT          C:\windows\System32\ikeext.dll
01:50:35.0756 0x00b0  IKEEXT - ok
01:50:35.0811 0x00b0  [ 517869DB2BC6058D250A2963AE32B2D4, 155452DCBA19ABDF8ED72286E9AC43947A06F08C1BD044F88A870F3465981B79 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
01:50:35.0863 0x00b0  IntcAzAudAddService - ok
01:50:35.0885 0x00b0  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
01:50:35.0897 0x00b0  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
01:50:35.0980 0x00b0  Detect skipped due to KSN trusted
01:50:35.0980 0x00b0  Intel(R) Capability Licensing Service Interface - ok
01:50:35.0981 0x00b0  Intel(R) Capability Licensing Service TCP IP Interface - ok
01:50:35.0989 0x00b0  [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
01:50:35.0994 0x00b0  Intel(R) ME Service - ok
01:50:35.0997 0x00b0  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\windows\system32\drivers\intelide.sys
01:50:36.0003 0x00b0  intelide - ok
01:50:36.0006 0x00b0  [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep        C:\windows\system32\drivers\intelpep.sys
01:50:36.0012 0x00b0  intelpep - ok
01:50:36.0016 0x00b0  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\windows\System32\drivers\intelppm.sys
01:50:36.0023 0x00b0  intelppm - ok
01:50:36.0027 0x00b0  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
01:50:36.0035 0x00b0  IpFilterDriver - ok
01:50:36.0051 0x00b0  [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
01:50:36.0069 0x00b0  iphlpsvc - ok
01:50:36.0074 0x00b0  [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV         C:\windows\System32\drivers\IPMIDrv.sys
01:50:36.0080 0x00b0  IPMIDRV - ok
01:50:36.0085 0x00b0  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
01:50:36.0092 0x00b0  IPNAT - ok
01:50:36.0095 0x00b0  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\windows\system32\drivers\irenum.sys
01:50:36.0103 0x00b0  IRENUM - ok
01:50:36.0106 0x00b0  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\windows\system32\drivers\isapnp.sys
01:50:36.0110 0x00b0  isapnp - ok
01:50:36.0119 0x00b0  [ C378ED678D1316721A40E1F60FB76184, 972900D99BBC02BA3FD664DAE36EFF7D25286912C7DDFD443C8CB37D997D304F ] iScsiPrt        C:\windows\System32\drivers\msiscsi.sys
01:50:36.0128 0x00b0  iScsiPrt - ok
01:50:36.0133 0x00b0  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
01:50:36.0139 0x00b0  jhi_service - ok
01:50:36.0143 0x00b0  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\windows\System32\drivers\kbdclass.sys
01:50:36.0149 0x00b0  kbdclass - ok
01:50:36.0152 0x00b0  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\windows\System32\drivers\kbdhid.sys
01:50:36.0157 0x00b0  kbdhid - ok
01:50:36.0160 0x00b0  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\windows\system32\DRIVERS\kdnic.sys
01:50:36.0166 0x00b0  kdnic - ok
01:50:36.0169 0x00b0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\windows\system32\lsass.exe
01:50:36.0175 0x00b0  KeyIso - ok
01:50:36.0186 0x00b0  [ 97E3E8F35632EECD0ABD2DE6519A9666, ABE96FDEB1076E380D7FB4975C020B43ED4E821097EFC6AFE8C75D764167D6E8 ] kl1             C:\windows\system32\DRIVERS\kl1.sys
01:50:36.0199 0x00b0  kl1 - ok
01:50:36.0203 0x00b0  [ B01AD8DA034EE42D4C2282F77FDB03AE, 3FF55F3CEE4A0E5D559F04F5A639297EA0F36580720E94CF9DD56DEBF2E98F39 ] klbackupdisk    C:\windows\system32\DRIVERS\klbackupdisk.sys
01:50:36.0209 0x00b0  klbackupdisk - ok
01:50:36.0213 0x00b0  [ 10549B5BFD9A3DCF4FFA6287236FA959, 6BDFA335A8E3A69425CB23230660D3168CB82911ACB3AAAF85C19263511EAF51 ] klbackupflt     C:\windows\system32\DRIVERS\klbackupflt.sys
01:50:36.0219 0x00b0  klbackupflt - ok
01:50:36.0223 0x00b0  [ 7DAA9047F50BF5A3F8C147719FC520AF, 0740387075AF46DB1E9AEE3B12C65A06EDFE58EADB8B562C36CB1FEFF9905C26 ] kldisk          C:\windows\system32\DRIVERS\kldisk.sys
01:50:36.0229 0x00b0  kldisk - ok
01:50:36.0232 0x00b0  [ 5766A27C85EE813029831D125D2EFB45, BB5BAFD5A58E80C7F0B8D24121352E0386B3422FFC16B56F1D1B1C6A482AC9F0 ] klelam          C:\windows\system32\DRIVERS\klelam.sys
01:50:36.0239 0x00b0  klelam - ok
01:50:36.0244 0x00b0  [ 10F22365381D41EBD3BB08A7BEA15CDD, 02ACFF8E88307076AB97B937081296ABCDEF05BB1AEAA359E60148BA70B4A0BB ] klflt           C:\windows\system32\DRIVERS\klflt.sys
01:50:36.0252 0x00b0  klflt - ok
01:50:36.0263 0x00b0  [ 432A489DEF978702210732364E7CF486, 0D911843EB49F70BC60AEB56DD66BBC328E065F6AD2ED4EC7FCCD30C61A3B017 ] klhk            C:\windows\system32\DRIVERS\klhk.sys
01:50:36.0275 0x00b0  klhk - ok
01:50:36.0278 0x00b0  klids - ok
01:50:36.0295 0x00b0  [ A1DF9BDEDC9105F6085751CC2168F664, 61DC8F730A3721D5B5EF9440FED4E43EC651AB1D051535D9A2C960DD420B3C8A ] KLIF            C:\windows\system32\DRIVERS\klif.sys
01:50:36.0314 0x00b0  KLIF - ok
01:50:36.0318 0x00b0  [ 6357C533C30650361110DBAF59A25DF8, FA8CF6292CCBC7E23527D968E54CD773706CF091E35563B0CF9F8A1DF0B724B9 ] KLIM6           C:\windows\system32\DRIVERS\klim6.sys
01:50:36.0325 0x00b0  KLIM6 - ok
01:50:36.0328 0x00b0  [ 5480CC93737F48282552C84FA7EBA59B, B7D92424399B647132F6B9409FE75EAA310C984F796FC0B65BBE2EA180110968 ] klkbdflt        C:\windows\system32\DRIVERS\klkbdflt.sys
01:50:36.0334 0x00b0  klkbdflt - ok
01:50:36.0337 0x00b0  [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt        C:\windows\system32\DRIVERS\klmouflt.sys
01:50:36.0342 0x00b0  klmouflt - ok
01:50:36.0346 0x00b0  [ 6B0C605591C892CBB683F63EA47822DC, E74C0A0501A1B4B56B417402108521F34DA6A23FCD1C05E4E524E41EBA0906FF ] klpd            C:\windows\system32\DRIVERS\klpd.sys
01:50:36.0351 0x00b0  klpd - ok
01:50:36.0355 0x00b0  [ 828B042A95F055648DA190DF6C7AB1B6, 0457B0EF03BCB4CC1297EB25A25C162937F456BF406EC7B1A5E9A0AA13A9BCD7 ] kltap           C:\windows\system32\DRIVERS\kltap.sys
01:50:36.0361 0x00b0  kltap - ok
01:50:36.0368 0x00b0  [ D7F0B46844565E2ED68AC99AF0F4263F, AB419CBC29F96703237127AC4178A5365D4CCA010BAB1BD66D100D635E6E89B8 ] klvssbrigde64   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe
01:50:36.0373 0x00b0  klvssbrigde64 - ok
01:50:36.0377 0x00b0  [ 4C5305295B51BA72FC9C8CDAB32F95C3, 0E5850AC4CA14D971E7B04FED23CB2F6CEEE2796E905AADA0104677982ECD58A ] klwfp           C:\windows\system32\DRIVERS\klwfp.sys
01:50:36.0384 0x00b0  klwfp - ok
01:50:36.0389 0x00b0  [ 4799405773BB400A2FF96663CF0EE4A2, F7650B80AC388675724D9A43D709FF9CCDE99374D7C5E3B900F61FC61D6816D2 ] Klwtp           C:\windows\system32\DRIVERS\klwtp.sys
01:50:36.0396 0x00b0  Klwtp - ok
01:50:36.0402 0x00b0  [ 2426B9215884C60F7E021AA94827DC57, 7030B40B3AD6012CB4B6B42D36F5A69C146A7A4B948FB2D29E9AFF6DF46202CA ] kneps           C:\windows\system32\DRIVERS\kneps.sys
01:50:36.0412 0x00b0  kneps - ok
01:50:36.0418 0x00b0  [ EFF5EA6088DB81C6EF6EDCDA5EE79909, 4D364B0BF012C335FA3B25BDF042D4AF672D961B9B48CB7C5BE34FCFD1D64979 ] KSDE1.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
01:50:36.0426 0x00b0  KSDE1.0.0 - ok
01:50:36.0431 0x00b0  [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
01:50:36.0437 0x00b0  KSecDD - ok
01:50:36.0442 0x00b0  [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
01:50:36.0450 0x00b0  KSecPkg - ok
01:50:36.0454 0x00b0  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
01:50:36.0459 0x00b0  ksthunk - ok
01:50:36.0468 0x00b0  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\windows\system32\msdtckrm.dll
01:50:36.0479 0x00b0  KtmRm - ok
01:50:36.0486 0x00b0  [ 46813C715E026F89DDF6E3EF9C2BBA13, A539FD0AC075DFC2038ECACC358E8A806A3004896309799FF07A474F672786F2 ] LanmanServer    C:\windows\system32\srvsvc.dll
01:50:36.0497 0x00b0  LanmanServer - ok
01:50:36.0504 0x00b0  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
01:50:36.0514 0x00b0  LanmanWorkstation - ok
01:50:36.0525 0x00b0  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\windows\System32\GeofenceMonitorService.dll
01:50:36.0538 0x00b0  lfsvc - ok
01:50:36.0542 0x00b0  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
01:50:36.0550 0x00b0  lltdio - ok
01:50:36.0556 0x00b0  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\windows\System32\lltdsvc.dll
01:50:36.0566 0x00b0  lltdsvc - ok
01:50:36.0570 0x00b0  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\windows\System32\lmhsvc.dll
01:50:36.0577 0x00b0  lmhosts - ok
01:50:36.0586 0x00b0  [ 6A35B295812CE7064CFBCD9F254169CF, 561DD131FED6F90686D8C031B45B87B6D065C7E0C8804AEFCDE239725AAEE43E ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
01:50:36.0594 0x00b0  LMS - ok
01:50:36.0599 0x00b0  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
01:50:36.0606 0x00b0  LSI_SAS - ok
01:50:36.0610 0x00b0  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
01:50:36.0617 0x00b0  LSI_SAS2 - ok
01:50:36.0620 0x00b0  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\windows\system32\drivers\lsi_sas3.sys
01:50:36.0626 0x00b0  LSI_SAS3 - ok
01:50:36.0630 0x00b0  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\windows\system32\drivers\lsi_sss.sys
01:50:36.0637 0x00b0  LSI_SSS - ok
01:50:36.0651 0x00b0  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\windows\System32\lsm.dll
01:50:36.0668 0x00b0  LSM - ok
01:50:36.0672 0x00b0  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\windows\system32\drivers\luafv.sys
01:50:36.0679 0x00b0  luafv - ok
01:50:36.0681 0x00b0  McAfee SiteAdvisor Service - ok
01:50:36.0685 0x00b0  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\windows\system32\drivers\megasas.sys
01:50:36.0691 0x00b0  megasas - ok
01:50:36.0702 0x00b0  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\windows\system32\drivers\megasr.sys
01:50:36.0717 0x00b0  megasr - ok
01:50:36.0721 0x00b0  [ 926C135CFB0C75B32FB714B5C0C58FAA, AF627CD125794B69D450D298D5608D357F2C91FB89EBFAA0DA2A0F07C6A304A8 ] MEIx64          C:\windows\system32\DRIVERS\TeeDriverx64.sys
01:50:36.0726 0x00b0  MEIx64 - ok
01:50:36.0729 0x00b0  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\windows\system32\mmcss.dll
01:50:36.0736 0x00b0  MMCSS - ok
01:50:36.0739 0x00b0  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\windows\system32\drivers\modem.sys
01:50:36.0746 0x00b0  Modem - ok
01:50:36.0749 0x00b0  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\windows\System32\drivers\monitor.sys
01:50:36.0755 0x00b0  monitor - ok
01:50:36.0758 0x00b0  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\windows\System32\drivers\mouclass.sys
01:50:36.0764 0x00b0  mouclass - ok
01:50:36.0767 0x00b0  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\windows\System32\drivers\mouhid.sys
01:50:36.0773 0x00b0  mouhid - ok
01:50:36.0777 0x00b0  [ E5E8665272EBCD87A0A632314F0D221D, 37FDC4CEB8E5FC39C10DE875676863D090CFEA708AC3A8415114DCDD94BD7A1D ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
01:50:36.0784 0x00b0  mountmgr - ok
01:50:36.0789 0x00b0  [ 0EACD4459D14FBB121A0F8202F170225, 6C63A3D69D6A44E6E03863D2256A5C6EF2DCA56B18DC90B8F3AE8C8DF5D303EF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
01:50:36.0796 0x00b0  MozillaMaintenance - ok
01:50:36.0799 0x00b0  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
01:50:36.0806 0x00b0  mpsdrv - ok
01:50:36.0821 0x00b0  [ D1418745A5472F3930A288E05B9E2C05, 95785F0FA7EE239459C0288DB37E9E54648029FD6FE45A61E6343526D67FFA32 ] MpsSvc          C:\windows\system32\mpssvc.dll
01:50:36.0839 0x00b0  MpsSvc - ok
01:50:36.0845 0x00b0  [ 3F818C1518DA702C8F10259095C9BDE0, B98C1A6F9A3C01A10503B2B2C45CC89AFF17B346B15990F4DB4820F68BDC62C8 ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
01:50:36.0852 0x00b0  MRxDAV - ok
01:50:36.0861 0x00b0  [ E2FC654EC895E92A022794329BFC53EC, BDEFF410B8A1D213B652A86DBF53774A3EBD58C32CCB9180712F9F3777307688 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
01:50:36.0872 0x00b0  mrxsmb - ok
01:50:36.0880 0x00b0  [ B213149BE26DD213C44AD61DB19C1251, E28886C1E78E54BBA74DD9779BB18B20D9CB8DF1CCD387FE415F1748719EE5F6 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
01:50:36.0889 0x00b0  mrxsmb10 - ok
01:50:36.0895 0x00b0  [ B37B58F9F80A51098C42663D5FA5F2BA, 996E2D8344F0095C136D1670D63A476E6B6F6BBA9DD773EEE5F0FD580562B000 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
01:50:36.0903 0x00b0  mrxsmb20 - ok
01:50:36.0908 0x00b0  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\windows\system32\DRIVERS\bridge.sys
01:50:36.0915 0x00b0  MsBridge - ok
01:50:36.0920 0x00b0  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\windows\System32\msdtc.exe
01:50:36.0928 0x00b0  MSDTC - ok
01:50:36.0933 0x00b0  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\windows\system32\drivers\Msfs.sys
01:50:36.0939 0x00b0  Msfs - ok
01:50:36.0943 0x00b0  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\windows\System32\drivers\msgpiowin32.sys
01:50:36.0948 0x00b0  msgpiowin32 - ok
01:50:36.0951 0x00b0  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
01:50:36.0957 0x00b0  mshidkmdf - ok
01:50:36.0959 0x00b0  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\windows\System32\drivers\mshidumdf.sys
01:50:36.0966 0x00b0  mshidumdf - ok
01:50:36.0968 0x00b0  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
01:50:36.0973 0x00b0  msisadrv - ok
01:50:36.0978 0x00b0  [ A06142B3850B06972F1C89748FAA2C02, B1CCC5C8D100FEB384FCC85FED2A77F47DA4C9BA5F6889A130F4D73E30ACAA78 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
01:50:36.0987 0x00b0  MSiSCSI - ok
01:50:36.0989 0x00b0  msiserver - ok
01:50:36.0991 0x00b0  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
01:50:36.0997 0x00b0  MSKSSRV - ok
01:50:37.0000 0x00b0  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\windows\system32\DRIVERS\mslldp.sys
01:50:37.0006 0x00b0  MsLldp - ok
01:50:37.0009 0x00b0  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
01:50:37.0015 0x00b0  MSPCLOCK - ok
01:50:37.0018 0x00b0  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
01:50:37.0024 0x00b0  MSPQM - ok
01:50:37.0031 0x00b0  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
01:50:37.0042 0x00b0  MsRPC - ok
01:50:37.0046 0x00b0  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\windows\System32\drivers\mssmbios.sys
01:50:37.0052 0x00b0  mssmbios - ok
01:50:37.0054 0x00b0  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
01:50:37.0060 0x00b0  MSTEE - ok
01:50:37.0063 0x00b0  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\windows\System32\drivers\MTConfig.sys
01:50:37.0069 0x00b0  MTConfig - ok
01:50:37.0074 0x00b0  [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup             C:\windows\system32\Drivers\mup.sys
01:50:37.0081 0x00b0  Mup - ok
01:50:37.0085 0x00b0  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\windows\system32\drivers\mvumis.sys
01:50:37.0091 0x00b0  mvumis - ok
01:50:37.0100 0x00b0  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\windows\system32\qagentRT.dll
01:50:37.0112 0x00b0  napagent - ok
01:50:37.0122 0x00b0  [ 057B856BECFF7CFE87DD3829DD41AE91, E13ED9A7F3F873C7EB559F3FBEBE57C63BB9F1872E0C4D590277E0F21A41751B ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
01:50:37.0133 0x00b0  NativeWifiP - ok
01:50:37.0138 0x00b0  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\windows\System32\ncasvc.dll
01:50:37.0147 0x00b0  NcaSvc - ok
01:50:37.0151 0x00b0  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\windows\System32\ncbservice.dll
01:50:37.0159 0x00b0  NcbService - ok
01:50:37.0163 0x00b0  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\windows\System32\NcdAutoSetup.dll
01:50:37.0170 0x00b0  NcdAutoSetup - ok
01:50:37.0188 0x00b0  [ FFAA6C6E798FBA448FA7628A1B277F5C, 9E1F2C848A019CE6397F652A21AE43B76149EF95452BB8353249BD9E28D98083 ] NDIS            C:\windows\system32\drivers\ndis.sys
01:50:37.0212 0x00b0  NDIS - ok
01:50:37.0216 0x00b0  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
01:50:37.0223 0x00b0  NdisCap - ok
01:50:37.0227 0x00b0  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\windows\system32\DRIVERS\NdisImPlatform.sys
01:50:37.0234 0x00b0  NdisImPlatform - ok
01:50:37.0237 0x00b0  [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
01:50:37.0243 0x00b0  NdisTapi - ok
01:50:37.0247 0x00b0  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
01:50:37.0253 0x00b0  Ndisuio - ok
01:50:37.0256 0x00b0  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\windows\System32\drivers\NdisVirtualBus.sys
01:50:37.0263 0x00b0  NdisVirtualBus - ok
01:50:37.0269 0x00b0  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
01:50:37.0277 0x00b0  NdisWan - ok
01:50:37.0283 0x00b0  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy   C:\windows\system32\DRIVERS\ndiswan.sys
01:50:37.0291 0x00b0  NdisWanLegacy - ok
01:50:37.0294 0x00b0  [ 0BBE2FA30BAD58C9ADC01E4F84A3D2A1, 913AEC8A5F735C2EFDCB417E4077AB5A15457C601E6E88A1F4FA52C91E6E0BBF ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
01:50:37.0301 0x00b0  NDProxy - ok
01:50:37.0305 0x00b0  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\windows\system32\drivers\Ndu.sys
01:50:37.0312 0x00b0  Ndu - ok
01:50:37.0315 0x00b0  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
01:50:37.0322 0x00b0  NetBIOS - ok
01:50:37.0329 0x00b0  [ 0FE750800DEEE91D22399D081371BA79, 7E1E01A5D5BAE68F975070D1676BD830ADF010E42A8046D4074D17B710230CD9 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
01:50:37.0338 0x00b0  NetBT - ok
01:50:37.0341 0x00b0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\windows\system32\lsass.exe
01:50:37.0347 0x00b0  Netlogon - ok
01:50:37.0354 0x00b0  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\windows\System32\netman.dll
01:50:37.0365 0x00b0  Netman - ok
01:50:37.0377 0x00b0  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\windows\System32\netprofmsvc.dll
01:50:37.0392 0x00b0  netprofm - ok
01:50:37.0399 0x00b0  [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:50:37.0408 0x00b0  NetTcpPortSharing - ok
01:50:37.0412 0x00b0  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\windows\System32\drivers\netvsc63.sys
01:50:37.0419 0x00b0  netvsc - ok
01:50:37.0428 0x00b0  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\windows\System32\nlasvc.dll
01:50:37.0440 0x00b0  NlaSvc - ok
01:50:37.0443 0x00b0  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\windows\system32\drivers\Npfs.sys
01:50:37.0451 0x00b0  Npfs - ok
01:50:37.0454 0x00b0  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\windows\System32\drivers\npsvctrig.sys
01:50:37.0459 0x00b0  npsvctrig - ok
01:50:37.0463 0x00b0  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\windows\system32\nsisvc.dll
01:50:37.0470 0x00b0  nsi - ok
01:50:37.0473 0x00b0  [ 018510D88536798852DAE12F9BA6E138, C0D89C36F8737FD139CEA80BED65D1DB4248E667804645FF71C39BA92FEC4109 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
01:50:37.0479 0x00b0  nsiproxy - ok
01:50:37.0510 0x00b0  [ 6D836B68DC71CC1288A3AEA6B26CCEC3, 1EFADF39D059E9ADC8A40B694DCC38E6A1E93D065DB126512454C688D8101938 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
01:50:37.0548 0x00b0  Ntfs - ok
01:50:37.0554 0x00b0  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\windows\system32\drivers\Null.sys
01:50:37.0560 0x00b0  Null - ok
01:50:37.0570 0x00b0  [ A4C2B64BB792E5115D4F938B68DB56E3, 783BE4994F7BB1EAAD564177C17A15BD7E3A9BEC6F3A2D19F834175D8A99511E ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
01:50:37.0581 0x00b0  NvContainerLocalSystem - ok
01:50:37.0590 0x00b0  [ A4C2B64BB792E5115D4F938B68DB56E3, 783BE4994F7BB1EAAD564177C17A15BD7E3A9BEC6F3A2D19F834175D8A99511E ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
01:50:37.0601 0x00b0  NvContainerNetworkService - ok
01:50:37.0608 0x00b0  [ 4938CCA6E12A7FDA5324FFF0DF5DB8EC, 053D4D21014020C0D39F7BFC480EAE1458E1ABA1C40E11190204C4A2CB0D46EF ] NVHDA           C:\windows\system32\drivers\nvhda64v.sys
01:50:37.0616 0x00b0  NVHDA - ok
01:50:37.0838 0x00b0  [ 9673C9F7FC9EDA93C4627B8A3A07839D, ECFC34AB3550C283D46BC7563CD15220EA67E4860161F5BE711208E8A75FE15F ] nvlddmkm        C:\windows\system32\DRIVERS\nvlddmkm.sys
01:50:38.0047 0x00b0  nvlddmkm - ok
01:50:38.0090 0x00b0  [ C2909BD26906E1D05D77B1D48B48E94A, 5642571FFDBDC63F0E3B1477337103517ABF7C50EBEDA63EF8E162E44C7B2538 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
01:50:38.0118 0x00b0  NvNetworkService - ok
01:50:38.0125 0x00b0  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\windows\system32\drivers\nvraid.sys
01:50:38.0132 0x00b0  nvraid - ok
01:50:38.0137 0x00b0  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\windows\system32\drivers\nvstor.sys
01:50:38.0145 0x00b0  nvstor - ok
01:50:38.0148 0x00b0  [ 1977F0B09773290703C1EE2824688CF3, 1D101118EB2BA7FA25F52B6B47A64C4E6944FF9D7E8230E65C6BC8CF82CF855A ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
01:50:38.0152 0x00b0  NvStreamKms - ok
01:50:38.0154 0x00b0  NvStreamSvc - ok
01:50:38.0164 0x00b0  [ FD4950C9F91FE742B97A24F1EEEE7DE4, F350C3D8E0C00ACAAEEE3BD17AE6932F8BB8B0992A8945265A883AEA843228C8 ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
01:50:38.0173 0x00b0  NvTelemetryContainer - ok
01:50:38.0177 0x00b0  [ F944F2715D9489831E3874129F9CCD95, 8B64172B6CA794DBAEB9BC1E13F251EBF11E04C28ECF7E9897FBCCF12C646F2C ] NVVADARM        C:\windows\system32\drivers\nvvadarm.sys
01:50:38.0182 0x00b0  NVVADARM - ok
01:50:38.0185 0x00b0  [ CA0E8533CAC38529F266B249728F5236, BF7175FA7E1E980D563CAA6F73105520461290B07E0D5658B653844C46397629 ] nvvad_WaveExtensible C:\windows\system32\drivers\nvvad64v.sys
01:50:38.0189 0x00b0  nvvad_WaveExtensible - ok
01:50:38.0192 0x00b0  [ 72DC1DB2385A4FCAAE52E2A96E3E6AE7, 1F7A8E13AD8EC0C08DFFD3FCF89C64D8531325A0C0D62F124DAAF514C4A89EAD ] nvvhci          C:\windows\System32\drivers\nvvhci.sys
01:50:38.0197 0x00b0  nvvhci - ok
01:50:38.0202 0x00b0  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
01:50:38.0209 0x00b0  nv_agp - ok
01:50:38.0300 0x00b0  [ 731906F749FDB1F8E3CAE9E3DD34919A, 4ADEC2468A0048765CD177D8EED5D92C24FAD086CA918C7AAE9707326FB54150 ] Origin Client Service D:\Programme (x86)\Origin\OriginClientService.exe
01:50:38.0333 0x00b0  Origin Client Service - ok
01:50:38.0401 0x00b0  [ 98E9A68A78ADC072E7A78723C8E94234, E7A4141168BF08A8C89091237ECDA8FE9F6E6C5BFEF7E9CE041CB43844608038 ] Origin Web Helper Service D:\Programme (x86)\Origin\OriginWebHelperService.exe
01:50:38.0445 0x00b0  Origin Web Helper Service - ok
01:50:38.0455 0x00b0  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:50:38.0461 0x00b0  ose - ok
01:50:38.0529 0x00b0  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:50:38.0599 0x00b0  osppsvc - ok
01:50:38.0605 0x00b0  OverwolfUpdater - ok
01:50:38.0616 0x00b0  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
01:50:38.0627 0x00b0  p2pimsvc - ok
01:50:38.0636 0x00b0  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\windows\system32\p2psvc.dll
01:50:38.0648 0x00b0  p2psvc - ok
01:50:38.0653 0x00b0  [ 57DCE4FB0467986AE78E1C6FC5240D32, F7F3ADD1B48E4D6BB0A664A2FE556F71ED7453054B4FB667A29BE050C845045B ] Parport         C:\windows\System32\drivers\parport.sys
01:50:38.0660 0x00b0  Parport - ok
01:50:38.0664 0x00b0  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\windows\system32\drivers\partmgr.sys
01:50:38.0670 0x00b0  partmgr - ok
01:50:38.0694 0x00b0  [ 0A2DF1055FEEA30DFF73DAC0DA45FDE4, 497B2AE591ABBCFA8FC571D9C1D750006212F2D2DDF12F5A9E7FFA811CD707A3 ] PcaSvc          C:\windows\System32\pcasvc.dll
01:50:38.0707 0x00b0  PcaSvc - ok
01:50:38.0792 0x00b0  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\windows\system32\drivers\pci.sys
01:50:38.0802 0x00b0  pci - ok
01:50:38.0820 0x00b0  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\windows\system32\drivers\pciide.sys
01:50:38.0827 0x00b0  pciide - ok
01:50:38.0831 0x00b0  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
01:50:38.0838 0x00b0  pcmcia - ok
01:50:38.0841 0x00b0  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\windows\system32\drivers\pcw.sys
01:50:38.0847 0x00b0  pcw - ok
01:50:38.0851 0x00b0  [ E6B3ACBA06BAF48594557FCCBFA66FD2, 44A0FAC6169D9130870456DEFBFFE563FCCC4AD7A9754B455D5A1C1A77F0699D ] pdc             C:\windows\system32\drivers\pdc.sys
01:50:38.0857 0x00b0  pdc - ok
01:50:38.0870 0x00b0  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\windows\system32\drivers\peauth.sys
01:50:38.0884 0x00b0  PEAUTH - ok
01:50:38.0898 0x00b0  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\windows\SysWow64\perfhost.exe
01:50:38.0904 0x00b0  PerfHost - ok
01:50:38.0932 0x00b0  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\windows\system32\pla.dll
01:50:38.0959 0x00b0  pla - ok
01:50:38.0964 0x00b0  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\windows\system32\umpnpmgr.dll
01:50:38.0972 0x00b0  PlugPlay - ok
01:50:38.0974 0x00b0  PnkBstrA - ok
01:50:38.0977 0x00b0  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
01:50:38.0983 0x00b0  PNRPAutoReg - ok
01:50:38.0991 0x00b0  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
01:50:39.0002 0x00b0  PNRPsvc - ok
01:50:39.0011 0x00b0  [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
01:50:39.0022 0x00b0  PolicyAgent - ok
01:50:39.0026 0x00b0  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\windows\system32\umpo.dll
01:50:39.0034 0x00b0  Power - ok
01:50:39.0078 0x00b0  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\windows\system32\spool\drivers\x64\3\PrintConfig.dll
01:50:39.0122 0x00b0  PrintNotify - ok
01:50:39.0133 0x00b0  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\windows\System32\drivers\processr.sys
01:50:39.0139 0x00b0  Processor - ok
01:50:39.0146 0x00b0  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\windows\system32\profsvc.dll
01:50:39.0154 0x00b0  ProfSvc - ok
01:50:39.0159 0x00b0  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
01:50:39.0167 0x00b0  Psched - ok
01:50:39.0174 0x00b0  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\windows\system32\qwave.dll
01:50:39.0185 0x00b0  QWAVE - ok
01:50:39.0188 0x00b0  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
01:50:39.0193 0x00b0  QWAVEdrv - ok
01:50:39.0196 0x00b0  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
01:50:39.0202 0x00b0  RasAcd - ok
01:50:39.0206 0x00b0  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\windows\System32\rasauto.dll
01:50:39.0214 0x00b0  RasAuto - ok
01:50:39.0225 0x00b0  [ 15C0034561FE5B03FA376F1A6232478B, 0F9B5C2BD7D8803FF3C5ED957D3F0859F2A59B74510E4659FBF05EDCBF230208 ] RasMan          C:\windows\System32\rasmans.dll
01:50:39.0239 0x00b0  RasMan - ok
01:50:39.0243 0x00b0  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
01:50:39.0252 0x00b0  RasPppoe - ok
01:50:39.0260 0x00b0  [ D67ED4AB59D1EF66B05AD1A81AC28B26, 72E750A9A6B484D8BEDE52FA6DABEF4D95765DE491152E1F6C856D0590B50C28 ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
01:50:39.0271 0x00b0  rdbss - ok
01:50:39.0275 0x00b0  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\windows\System32\drivers\rdpbus.sys
01:50:39.0281 0x00b0  rdpbus - ok
01:50:39.0287 0x00b0  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\windows\system32\drivers\rdpdr.sys
01:50:39.0295 0x00b0  RDPDR - ok
01:50:39.0300 0x00b0  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
01:50:39.0306 0x00b0  RdpVideoMiniport - ok
01:50:39.0312 0x00b0  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
01:50:39.0322 0x00b0  rdyboost - ok
01:50:39.0338 0x00b0  [ 2D39BCFA4DD1081B8F282B623456B858, DD8C433B66B6661F4DBD1784CBD334441B508BE84932DD443F7AD51CEA192BA9 ] ReFS            C:\windows\system32\drivers\ReFS.sys
01:50:39.0361 0x00b0  ReFS - ok
01:50:39.0369 0x00b0  [ DF78648AC3C8DC9D70E6714AF785382F, 56E104939ED0AB5B26AE07BAB1BBB7D15828DBD3A2AD35361423D7ADDA4BA551 ] RemoteAccess    C:\windows\System32\mprdim.dll
01:50:39.0380 0x00b0  RemoteAccess - ok
01:50:39.0386 0x00b0  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\windows\system32\regsvc.dll
01:50:39.0395 0x00b0  RemoteRegistry - ok
01:50:39.0398 0x00b0  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
01:50:39.0406 0x00b0  RpcEptMapper - ok
01:50:39.0410 0x00b0  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\windows\system32\locator.exe
01:50:39.0416 0x00b0  RpcLocator - ok
01:50:39.0431 0x00b0  [ 20CC6E9FE25ACD34BE4FCDDB7B08364D, 295B2BBDC860A4CD65CD09C975D08CA1B8E4FE60AD0CA084CAB149A3E9D64B40 ] RpcSs           C:\windows\system32\rpcss.dll
01:50:39.0449 0x00b0  RpcSs - ok
01:50:39.0453 0x00b0  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
01:50:39.0461 0x00b0  rspndr - ok
01:50:39.0476 0x00b0  [ CFE738C524F35B6E523A4D0F54840C30, 73E051DEA744EEC5202693C11EDABB36DE2D086160648D4E41F1F299CBAD8409 ] RTL8168         C:\windows\system32\DRIVERS\Rt630x64.sys
01:50:39.0491 0x00b0  RTL8168 - ok
01:50:39.0548 0x00b0  [ A5278C648EBE09D953B8F8B326C220AC, 2A46AEFA02DF801FFBE3DBA9FA81BBDB6EB9EEF35C4695D919BF86B9C1FF5C47 ] RtlWlanu        C:\windows\system32\DRIVERS\rtwlanu.sys
01:50:39.0604 0x00b0  RtlWlanu - ok
01:50:39.0612 0x00b0  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\windows\System32\drivers\vms3cap.sys
01:50:39.0618 0x00b0  s3cap - ok
01:50:39.0621 0x00b0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\windows\system32\lsass.exe
01:50:39.0627 0x00b0  SamSs - ok
01:50:39.0632 0x00b0  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
01:50:39.0639 0x00b0  sbp2port - ok
01:50:39.0645 0x00b0  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\windows\System32\SCardSvr.dll
01:50:39.0653 0x00b0  SCardSvr - ok
01:50:39.0658 0x00b0  [ 92D2FA1870F4EB4A9BA767DB6E0DEF6F, AB019E17D5F330CBB7F7CAF8CEB01F3F3DBBB181CDE19E4C2354AF51E66C8291 ] ScDeviceEnum    C:\windows\System32\ScDeviceEnum.dll
01:50:39.0666 0x00b0  ScDeviceEnum - ok
01:50:39.0669 0x00b0  [ FA7ABD857DEB0FE3C94CC39A4C845E66, ACD551F75E00C4EB9CFDA73B04051D0BF5FF0BA67C716E1989A21683D8777A41 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
01:50:39.0675 0x00b0  scfilter - ok
01:50:39.0695 0x00b0  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\windows\system32\schedsvc.dll
01:50:39.0720 0x00b0  Schedule - ok
01:50:39.0725 0x00b0  [ ACFDC4EE40EC6E4A0AB91D923B8288C8, D31555AB31F504C247049219BE0ECDF26BB18E210BE7C45E8575FD166FD7EE23 ] SCPolicySvc     C:\windows\System32\certprop.dll
01:50:39.0733 0x00b0  SCPolicySvc - ok
01:50:39.0741 0x00b0  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\windows\System32\drivers\sdbus.sys
01:50:39.0749 0x00b0  sdbus - ok
01:50:39.0754 0x00b0  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\windows\System32\drivers\sdstor.sys
01:50:39.0760 0x00b0  sdstor - ok
01:50:39.0763 0x00b0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
01:50:39.0769 0x00b0  secdrv - ok
01:50:39.0772 0x00b0  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\windows\system32\seclogon.dll
01:50:39.0779 0x00b0  seclogon - ok
01:50:39.0783 0x00b0  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\windows\System32\sens.dll
01:50:39.0790 0x00b0  SENS - ok
01:50:39.0797 0x00b0  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\windows\system32\sensrsvc.dll
01:50:39.0806 0x00b0  SensrSvc - ok
01:50:39.0810 0x00b0  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\windows\system32\drivers\SerCx.sys
01:50:39.0816 0x00b0  SerCx - ok
01:50:39.0821 0x00b0  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\windows\system32\drivers\SerCx2.sys
01:50:39.0828 0x00b0  SerCx2 - ok
01:50:39.0832 0x00b0  [ 1F0135949A6AD6025F363F80FE268251, DB2D503863143F2251E589F7B0B3E9FBF997D7333D54C55856590B5080B5513D ] Serenum         C:\windows\System32\drivers\serenum.sys
01:50:39.0837 0x00b0  Serenum - ok
01:50:39.0842 0x00b0  [ 81633C87B42B63BA484A6177179AC750, A22BA40E9EC74E88D8098CBDC954E1D63B832FCB789E3C7B731DE5DA39BEE2CA ] Serial          C:\windows\System32\drivers\serial.sys
01:50:39.0848 0x00b0  Serial - ok
01:50:39.0851 0x00b0  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\windows\System32\drivers\sermouse.sys
01:50:39.0857 0x00b0  sermouse - ok
01:50:39.0867 0x00b0  [ 624BB76941938B9F5776DEA56004D33E, D4EE7A23665D71646622D477CA962335B4C17BAC931A728122DF8C112CD5A560 ] SessionEnv      C:\windows\system32\sessenv.dll
01:50:39.0878 0x00b0  SessionEnv - ok
01:50:39.0881 0x00b0  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\windows\System32\drivers\sfloppy.sys
01:50:39.0887 0x00b0  sfloppy - ok
01:50:39.0896 0x00b0  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\windows\System32\ipnathlp.dll
01:50:39.0908 0x00b0  SharedAccess - ok
01:50:39.0921 0x00b0  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\windows\System32\shsvcs.dll
01:50:39.0937 0x00b0  ShellHWDetection - ok
01:50:39.0940 0x00b0  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
01:50:39.0947 0x00b0  SiSRaid2 - ok
01:50:39.0950 0x00b0  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
01:50:39.0956 0x00b0  SiSRaid4 - ok
01:50:39.0959 0x00b0  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\windows\System32\smphost.dll
01:50:39.0966 0x00b0  smphost - ok
01:50:39.0970 0x00b0  [ 961507DB02D7AC0B7A7828D457143B8E, F423BE6287C65960A955EBB3BFBAC047313BEB2F54920A6E57E51FCCE855F5E0 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
01:50:39.0977 0x00b0  SNMPTRAP - ok
01:50:39.0988 0x00b0  [ F6AF6499C3788105EA7AF1DA27769A77, F847789B0AD498CC9C985F334F7BA0906ACB41FB356CC2EF2A00C62C75D94A79 ] spaceport       C:\windows\system32\drivers\spaceport.sys
01:50:39.0999 0x00b0  spaceport - ok
01:50:40.0003 0x00b0  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\windows\system32\drivers\SpbCx.sys
01:50:40.0009 0x00b0  SpbCx - ok
01:50:40.0028 0x00b0  [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler         C:\windows\System32\spoolsv.exe
01:50:40.0046 0x00b0  Spooler - ok
01:50:40.0136 0x00b0  [ F264662C057A54AA2DE41B3C7551712F, 2C123C6ACD967CDF1AD2855187CF3D8357B16A4FD9C2F18AE54CFA384165FA11 ] sppsvc          C:\windows\system32\sppsvc.exe
01:50:40.0251 0x00b0  sppsvc - ok
01:50:40.0268 0x00b0  [ 6A697F8A01C0E7C22D45091E6E8BC5A9, 3F9665219FECF0D8C6BD92ED287CEA243D17F30ABF69F484893DF0FA02B14E8A ] srv             C:\windows\system32\DRIVERS\srv.sys
01:50:40.0279 0x00b0  srv - ok
01:50:40.0292 0x00b0  [ 2BDC8B9E7AA11C5C1D77E4CFA27219E0, B3B186B18E0788050FB3552A7261AD5134762C4F6906C302674827954BD958C9 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
01:50:40.0307 0x00b0  srv2 - ok
01:50:40.0313 0x00b0  [ 905EA1BE23669AE7E8C220934CC86D18, A64C18D8F53AD5352DEFF588DC940E7EDA71020D3C3C9825B2A36400B5E7B46C ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
01:50:40.0322 0x00b0  srvnet - ok
01:50:40.0328 0x00b0  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
01:50:40.0338 0x00b0  SSDPSRV - ok
01:50:40.0343 0x00b0  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\windows\system32\sstpsvc.dll
01:50:40.0351 0x00b0  SstpSvc - ok
01:50:40.0376 0x00b0  [ 925116020437C74A2F535EBB05267968, 3180856E63A7E17807A6914A13C8BD4B01AE6A76E7E8D0A3FF45556536CC717E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
01:50:40.0402 0x00b0  Steam Client Service - ok
01:50:40.0406 0x00b0  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\windows\system32\drivers\stexstor.sys
01:50:40.0412 0x00b0  stexstor - ok
01:50:40.0425 0x00b0  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\windows\System32\wiaservc.dll
01:50:40.0441 0x00b0  stisvc - ok
01:50:40.0446 0x00b0  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\windows\system32\drivers\storahci.sys
01:50:40.0453 0x00b0  storahci - ok
01:50:40.0456 0x00b0  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\windows\system32\drivers\vmstorfl.sys
01:50:40.0462 0x00b0  storflt - ok
01:50:40.0466 0x00b0  [ 1D5A045F59D216448FCDE3A8D69970E2, CEDEB0843D93339D10FE4BC209CCFCB6E12C6064FD62694DA7675082E8B8C915 ] stornvme        C:\windows\system32\drivers\stornvme.sys
01:50:40.0472 0x00b0  stornvme - ok
01:50:40.0476 0x00b0  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\windows\system32\storsvc.dll
01:50:40.0483 0x00b0  StorSvc - ok
01:50:40.0486 0x00b0  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\windows\system32\drivers\storvsc.sys
01:50:40.0492 0x00b0  storvsc - ok
01:50:40.0494 0x00b0  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\windows\system32\svsvc.dll
01:50:40.0501 0x00b0  svsvc - ok
01:50:40.0504 0x00b0  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\windows\System32\drivers\swenum.sys
01:50:40.0509 0x00b0  swenum - ok
01:50:40.0522 0x00b0  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\windows\System32\swprv.dll
01:50:40.0539 0x00b0  swprv - ok
01:50:40.0560 0x00b0  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\windows\system32\sysmain.dll
01:50:40.0583 0x00b0  SysMain - ok
01:50:40.0591 0x00b0  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll
01:50:40.0601 0x00b0  SystemEventsBroker - ok
01:50:40.0606 0x00b0  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\windows\System32\TabSvc.dll
01:50:40.0614 0x00b0  TabletInputService - ok
01:50:40.0622 0x00b0  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\windows\System32\tapisrv.dll
01:50:40.0632 0x00b0  TapiSrv - ok
01:50:40.0668 0x00b0  [ 4C58B60C1E6A2946D6E3D67A36E5E03E, 30952D48B96BB5B858B48194B6C6D1BB64880D3801D46F8CB5CD81CC77B63EDD ] Tcpip           C:\windows\system32\drivers\tcpip.sys
01:50:40.0714 0x00b0  Tcpip - ok
01:50:40.0753 0x00b0  [ 4C58B60C1E6A2946D6E3D67A36E5E03E, 30952D48B96BB5B858B48194B6C6D1BB64880D3801D46F8CB5CD81CC77B63EDD ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
01:50:40.0797 0x00b0  TCPIP6 - ok
01:50:40.0806 0x00b0  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
01:50:40.0812 0x00b0  tcpipreg - ok
01:50:40.0817 0x00b0  [ 576FA545FAB846B06E79B324160DE25C, 14F1FD2769E7F5362E6452CA061564EF3DEBFDF6BC8EFF0CD4E22068A460A727 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
01:50:40.0824 0x00b0  tdx - ok
01:50:40.0827 0x00b0  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\windows\System32\drivers\terminpt.sys
01:50:40.0833 0x00b0  terminpt - ok
01:50:40.0851 0x00b0  [ 76938862B2674EFED79E814CD36E6A08, 911C0B419AC68EC535E0BEFAD1612A840AA22745215834DF421F10041B4ADA27 ] TermService     C:\windows\System32\termsrv.dll
01:50:40.0873 0x00b0  TermService - ok
01:50:40.0877 0x00b0  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\windows\system32\themeservice.dll
01:50:40.0884 0x00b0  Themes - ok
01:50:40.0888 0x00b0  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\windows\system32\mmcss.dll
01:50:40.0895 0x00b0  THREADORDER - ok
01:50:40.0901 0x00b0  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\windows\System32\TimeBrokerServer.dll
01:50:40.0910 0x00b0  TimeBroker - ok
01:50:40.0916 0x00b0  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\windows\system32\drivers\tpm.sys
01:50:40.0925 0x00b0  TPM - ok
01:50:40.0929 0x00b0  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\windows\System32\trkwks.dll
01:50:40.0936 0x00b0  TrkWks - ok
01:50:40.0940 0x00b0  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
01:50:40.0947 0x00b0  TrustedInstaller - ok
01:50:40.0951 0x00b0  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
01:50:40.0957 0x00b0  TsUsbFlt - ok
01:50:40.0960 0x00b0  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\windows\System32\drivers\TsUsbGD.sys
01:50:40.0966 0x00b0  TsUsbGD - ok
01:50:40.0971 0x00b0  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
01:50:40.0978 0x00b0  tunnel - ok
01:50:40.0981 0x00b0  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\windows\system32\drivers\uagp35.sys
01:50:40.0987 0x00b0  uagp35 - ok
01:50:40.0991 0x00b0  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\windows\System32\drivers\uaspstor.sys
01:50:40.0998 0x00b0  UASPStor - ok
01:50:41.0003 0x00b0  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\windows\System32\drivers\ucx01000.sys
01:50:41.0012 0x00b0  UCX01000 - ok
01:50:41.0019 0x00b0  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\windows\system32\DRIVERS\udfs.sys
01:50:41.0029 0x00b0  udfs - ok
01:50:41.0032 0x00b0  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\windows\System32\drivers\UEFI.sys
01:50:41.0038 0x00b0  UEFI - ok
01:50:41.0043 0x00b0  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\windows\system32\UI0Detect.exe
01:50:41.0049 0x00b0  UI0Detect - ok
01:50:41.0052 0x00b0  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
01:50:41.0059 0x00b0  uliagpkx - ok
01:50:41.0063 0x00b0  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\windows\System32\drivers\umbus.sys
01:50:41.0070 0x00b0  umbus - ok
01:50:41.0073 0x00b0  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\windows\System32\drivers\umpass.sys
01:50:41.0078 0x00b0  UmPass - ok
01:50:41.0085 0x00b0  [ 87743CF5FF2FB3F2B424F0D8DFF8FD8C, C14C979612426D4449274C109FCF25D3BE170DC5CD7EF8E230C7E8D5681904D3 ] UmRdpService    C:\windows\System32\umrdp.dll
01:50:41.0095 0x00b0  UmRdpService - ok
01:50:41.0104 0x00b0  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\windows\System32\upnphost.dll
01:50:41.0117 0x00b0  upnphost - ok
01:50:41.0123 0x00b0  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\windows\System32\drivers\usbccgp.sys
01:50:41.0130 0x00b0  usbccgp - ok
01:50:41.0135 0x00b0  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\windows\System32\drivers\usbcir.sys
01:50:41.0142 0x00b0  usbcir - ok
01:50:41.0146 0x00b0  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\windows\System32\drivers\usbehci.sys
01:50:41.0153 0x00b0  usbehci - ok
01:50:41.0165 0x00b0  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\windows\System32\drivers\usbhub.sys
01:50:41.0178 0x00b0  usbhub - ok
01:50:41.0190 0x00b0  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\windows\System32\drivers\UsbHub3.sys
01:50:41.0203 0x00b0  USBHUB3 - ok
01:50:41.0207 0x00b0  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\windows\System32\drivers\usbohci.sys
01:50:41.0213 0x00b0  usbohci - ok
01:50:41.0216 0x00b0  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\windows\System32\drivers\usbprint.sys
01:50:41.0222 0x00b0  usbprint - ok
01:50:41.0228 0x00b0  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\windows\System32\drivers\USBSTOR.SYS
01:50:41.0236 0x00b0  USBSTOR - ok
01:50:41.0239 0x00b0  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\windows\System32\drivers\usbuhci.sys
01:50:41.0245 0x00b0  usbuhci - ok
01:50:41.0254 0x00b0  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\windows\System32\drivers\USBXHCI.SYS
01:50:41.0265 0x00b0  USBXHCI - ok
01:50:41.0268 0x00b0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\windows\system32\lsass.exe
01:50:41.0275 0x00b0  VaultSvc - ok
01:50:41.0278 0x00b0  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
01:50:41.0284 0x00b0  vdrvroot - ok
01:50:41.0309 0x00b0  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\windows\System32\vds.exe
01:50:41.0335 0x00b0  vds - ok
01:50:41.0342 0x00b0  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\windows\system32\drivers\VerifierExt.sys
01:50:41.0354 0x00b0  VerifierExt - ok
01:50:41.0368 0x00b0  [ 8ABB4BABF59F092DF0B43778D8FD1884, 94C2100CE86448543A8DD586AD4A128AB9EB37959238D70F33EF59202270AC6C ] vhdmp           C:\windows\System32\drivers\vhdmp.sys
01:50:41.0384 0x00b0  vhdmp - ok
01:50:41.0387 0x00b0  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\windows\system32\drivers\viaide.sys
01:50:41.0392 0x00b0  viaide - ok
01:50:41.0397 0x00b0  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\windows\system32\drivers\vmbus.sys
01:50:41.0404 0x00b0  vmbus - ok
01:50:41.0407 0x00b0  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\windows\System32\drivers\VMBusHID.sys
01:50:41.0413 0x00b0  VMBusHID - ok
01:50:41.0425 0x00b0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\windows\System32\ICSvc.dll
01:50:41.0438 0x00b0  vmicguestinterface - ok
01:50:41.0449 0x00b0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\windows\System32\ICSvc.dll
01:50:41.0462 0x00b0  vmicheartbeat - ok
01:50:41.0471 0x00b0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\windows\System32\ICSvc.dll
01:50:41.0484 0x00b0  vmickvpexchange - ok
01:50:41.0494 0x00b0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\windows\System32\ICSvc.dll
01:50:41.0507 0x00b0  vmicrdv - ok
01:50:41.0517 0x00b0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\windows\System32\ICSvc.dll
01:50:41.0530 0x00b0  vmicshutdown - ok
01:50:41.0539 0x00b0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\windows\System32\ICSvc.dll
01:50:41.0552 0x00b0  vmictimesync - ok
01:50:41.0562 0x00b0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\windows\System32\ICSvc.dll
01:50:41.0575 0x00b0  vmicvss - ok
01:50:41.0580 0x00b0  [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr          C:\windows\system32\drivers\volmgr.sys
01:50:41.0586 0x00b0  volmgr - ok
01:50:41.0594 0x00b0  [ 7DD4EAE2E680948D9AFF3E1B5234C1D3, 7B893CEF2B72458F5C716C811A24E4A8856E12E2AC9F551606A64B59C9DCF272 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
01:50:41.0605 0x00b0  volmgrx - ok
01:50:41.0614 0x00b0  [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap         C:\windows\system32\drivers\volsnap.sys
01:50:41.0624 0x00b0  volsnap - ok
01:50:41.0628 0x00b0  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\windows\System32\drivers\vpci.sys
01:50:41.0634 0x00b0  vpci - ok
01:50:41.0639 0x00b0  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
01:50:41.0647 0x00b0  vsmraid - ok
01:50:41.0671 0x00b0  [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS             C:\windows\system32\vssvc.exe
01:50:41.0697 0x00b0  VSS - ok
01:50:41.0705 0x00b0  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\windows\system32\drivers\vstxraid.sys
01:50:41.0715 0x00b0  VSTXRAID - ok
01:50:41.0718 0x00b0  [ 71066FF95C487327E44C8AF1B72EBE8B, EA2729126B452CAE0C80D07501779D804B08E47F1217B61D53277B40869FEC25 ] vwifibus        C:\windows\System32\drivers\vwifibus.sys
01:50:41.0724 0x00b0  vwifibus - ok
01:50:41.0728 0x00b0  [ 29AB43937FFDA0B0FB56984226E698C6, 6A1A559964FE5D594E54988C46149969E6FFD5A8D5A6862E14648B608794CC29 ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
01:50:41.0734 0x00b0  vwififlt - ok
01:50:41.0737 0x00b0  [ 8B8624A93E3F88CB923AEB05B6313227, 2856B63CD376BF2B1A9129581E7B9207588D4EAFD29A2C8D98F176FEAFDE26A9 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
01:50:41.0743 0x00b0  vwifimp - ok
01:50:41.0752 0x00b0  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\windows\system32\w32time.dll
01:50:41.0764 0x00b0  W32Time - ok
01:50:41.0768 0x00b0  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\windows\System32\drivers\wacompen.sys
01:50:41.0773 0x00b0  WacomPen - ok
01:50:41.0799 0x00b0  [ 841345442390953CBC8801B95D3D0540, FD4F9FD2C4C60A1A580177FFF2E9035009AC6A38E78D4236B0ED4773E3B263EE ] wbengine        C:\windows\system32\wbengine.exe
01:50:41.0826 0x00b0  wbengine - ok
01:50:41.0837 0x00b0  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
01:50:41.0849 0x00b0  WbioSrvc - ok
01:50:41.0857 0x00b0  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\windows\System32\wcmsvc.dll
01:50:41.0869 0x00b0  Wcmsvc - ok
01:50:41.0878 0x00b0  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\windows\System32\wcncsvc.dll
01:50:41.0891 0x00b0  wcncsvc - ok
01:50:41.0894 0x00b0  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
01:50:41.0901 0x00b0  WcsPlugInService - ok
01:50:41.0904 0x00b0  [ F2E08D1C067FEFC3A42D21FD4810F1D3, A8AD114094D9AE3BC6F76940EF873FD21CCF130DE7F8712950F1962DCE25F1B3 ] WdBoot          C:\windows\system32\drivers\WdBoot.sys
01:50:41.0910 0x00b0  WdBoot - ok
01:50:41.0926 0x00b0  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
01:50:41.0943 0x00b0  Wdf01000 - ok
01:50:41.0950 0x00b0  [ E234820E6B84ABA5E84E00227F505AE8, 645B809B883D8F678F2535B575AA1D595F27EBFCE0A16433E9A54CC266BD74F2 ] WdFilter        C:\windows\system32\drivers\WdFilter.sys
01:50:41.0959 0x00b0  WdFilter - ok
01:50:41.0963 0x00b0  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\windows\system32\wdi.dll
01:50:41.0971 0x00b0  WdiServiceHost - ok
01:50:41.0974 0x00b0  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\windows\system32\wdi.dll
01:50:41.0983 0x00b0  WdiSystemHost - ok
01:50:41.0987 0x00b0  [ A74AD6D80AC26E1B5DD276FC927F2BAC, F73F090D46BB2AAA6A8D148C658B2EA8C07B16201BB800A9283F4017DC249809 ] WdNisDrv        C:\windows\system32\Drivers\WdNisDrv.sys
01:50:41.0994 0x00b0  WdNisDrv - ok
01:50:41.0996 0x00b0  WdNisSvc - ok
01:50:42.0002 0x00b0  [ A70CAF5EA36CBA5FCA24244306D4D5C6, 76C3E20B62B89D9699A1E817377FAD70B144B877BCC5C850A5B64CC68184D8DA ] WebClient       C:\windows\System32\webclnt.dll
01:50:42.0011 0x00b0  WebClient - ok
01:50:42.0016 0x00b0  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\windows\system32\wecsvc.dll
01:50:42.0026 0x00b0  Wecsvc - ok
01:50:42.0029 0x00b0  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\windows\system32\wephostsvc.dll
01:50:42.0036 0x00b0  WEPHOSTSVC - ok
01:50:42.0039 0x00b0  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\windows\System32\wercplsupport.dll
01:50:42.0048 0x00b0  wercplsupport - ok
01:50:42.0052 0x00b0  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\windows\System32\WerSvc.dll
01:50:42.0061 0x00b0  WerSvc - ok
01:50:42.0066 0x00b0  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\windows\system32\DRIVERS\wfplwfs.sys
01:50:42.0073 0x00b0  WFPLWFS - ok
01:50:42.0076 0x00b0  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\windows\System32\wiarpc.dll
01:50:42.0083 0x00b0  WiaRpc - ok
01:50:42.0086 0x00b0  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
01:50:42.0091 0x00b0  WIMMount - ok
01:50:42.0093 0x00b0  WinDefend - ok
01:50:42.0109 0x00b0  [ 0E70990EC2E5D2331AA5E88DB0CFB826, 79DFF565C3FCBC691E8FEB669CEC00E340FD2A2AFA4488D23A7CC63A2A98A5C1 ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll
01:50:42.0126 0x00b0  WinHttpAutoProxySvc - ok
01:50:42.0136 0x00b0  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
01:50:42.0145 0x00b0  Winmgmt - ok
01:50:42.0184 0x00b0  [ B56BFFFB740D76E634DB7B4802E36E4E, 2AA84756DE882463AE4C7BA0DCDEE3E5501DDF673ADD3F37B2B814FB0342E61F ] WinRM           C:\windows\system32\WsmSvc.dll
01:50:42.0227 0x00b0  WinRM - ok
01:50:42.0237 0x00b0  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
01:50:42.0244 0x00b0  WinUsb - ok
01:50:42.0280 0x00b0  [ F6F13FB009D43CE75FDBC35A5A46F9BB, 8F993BB0579129373F9B1A1EEAC1DA18A22B4E6089CAFA7BCAE4D12D1C2A9A03 ] WlanSvc         C:\windows\System32\wlansvc.dll
01:50:42.0312 0x00b0  WlanSvc - ok
01:50:42.0341 0x00b0  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\windows\system32\wlidsvc.dll
01:50:42.0369 0x00b0  wlidsvc - ok
01:50:42.0374 0x00b0  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\windows\System32\drivers\wmiacpi.sys
01:50:42.0379 0x00b0  WmiAcpi - ok
01:50:42.0386 0x00b0  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
01:50:42.0393 0x00b0  wmiApSrv - ok
01:50:42.0395 0x00b0  WMPNetworkSvc - ok
01:50:42.0401 0x00b0  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\windows\system32\drivers\Wof.sys
01:50:42.0408 0x00b0  Wof - ok
01:50:42.0434 0x00b0  [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc  C:\windows\system32\workfolderssvc.dll
01:50:42.0464 0x00b0  workfolderssvc - ok
01:50:42.0469 0x00b0  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\windows\system32\DRIVERS\wpcfltr.sys
01:50:42.0474 0x00b0  wpcfltr - ok
01:50:42.0477 0x00b0  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\windows\System32\wpcsvc.dll
01:50:42.0484 0x00b0  WPCSvc - ok
01:50:42.0488 0x00b0  [ 25BE82B325AC22FE563A58A1AC29F4C1, 4247BAA9A44C964446F81ED44F18B28F1F730F46851EC2B756BAC57FB9D86700 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
01:50:42.0496 0x00b0  WPDBusEnum - ok
01:50:42.0498 0x00b0  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\windows\system32\drivers\WpdUpFltr.sys
01:50:42.0504 0x00b0  WpdUpFltr - ok
01:50:42.0507 0x00b0  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
01:50:42.0514 0x00b0  ws2ifsl - ok
01:50:42.0519 0x00b0  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\windows\System32\wscsvc.dll
01:50:42.0528 0x00b0  wscsvc - ok
01:50:42.0531 0x00b0  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\windows\System32\drivers\WSDPrint.sys
01:50:42.0537 0x00b0  WSDPrintDevice - ok
01:50:42.0540 0x00b0  [ 58035FD3369879E02D65989C44D27450, B9245DB5C17F7CE94FAA20AB4B0D06A4DFB6133C6E82343758CDC713EB64DFEF ] WSDScan         C:\windows\system32\DRIVERS\WSDScan.sys
01:50:42.0546 0x00b0  WSDScan - ok
01:50:42.0548 0x00b0  WSearch - ok
01:50:42.0597 0x00b0  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\windows\System32\WSService.dll
01:50:42.0663 0x00b0  WSService - ok
01:50:42.0720 0x00b0  [ F8AAE8C41092D195C470EE7EF2D0BB01, D02B608244D084669632F60CC977BA10A9A5F7CEA73F15A8ADE6BF9EFE8C4052 ] wuauserv        C:\windows\system32\wuaueng.dll
01:50:42.0780 0x00b0  wuauserv - ok
01:50:42.0787 0x00b0  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
01:50:42.0794 0x00b0  WudfPf - ok
01:50:42.0799 0x00b0  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\windows\System32\drivers\WUDFRd.sys
01:50:42.0807 0x00b0  WUDFRd - ok
01:50:42.0813 0x00b0  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP    C:\windows\system32\DRIVERS\WUDFRd.sys
01:50:42.0821 0x00b0  WUDFSensorLP - ok
01:50:42.0825 0x00b0  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
01:50:42.0833 0x00b0  wudfsvc - ok
01:50:42.0839 0x00b0  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\windows\system32\DRIVERS\WUDFRd.sys
01:50:42.0859 0x00b0  WUDFWpdFs - ok
01:50:42.0872 0x00b0  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\windows\system32\DRIVERS\WUDFRd.sys
01:50:42.0880 0x00b0  WUDFWpdMtp - ok
01:50:42.0991 0x00b0  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\windows\System32\wwansvc.dll
01:50:43.0014 0x00b0  WwanSvc - ok
01:50:43.0052 0x00b0  [ A0F661902AFCAAD77CC2ED3894927A10, 0DCD860F7F4029EBFE1F409BA23CC8BAA55BC22084C81940FF170B665E4804BD ] xusb22          C:\windows\System32\drivers\xusb22.sys
01:50:43.0060 0x00b0  xusb22 - ok
01:50:43.0065 0x00b0  ================ Scan global ===============================
01:50:43.0214 0x00b0  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\windows\system32\basesrv.dll
01:50:43.0258 0x00b0  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\windows\system32\winsrv.dll
01:50:43.0272 0x00b0  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\windows\system32\sxssrv.dll
01:50:43.0295 0x00b0  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\windows\system32\services.exe
01:50:43.0309 0x00b0  [ Global ] - ok
01:50:43.0309 0x00b0  ================ Scan MBR ==================================
01:50:43.0311 0x00b0  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
01:50:43.0345 0x00b0  \Device\Harddisk0\DR0 - ok
01:50:43.0387 0x00b0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
01:50:43.0474 0x00b0  \Device\Harddisk1\DR1 - ok
01:50:43.0475 0x00b0  ================ Scan VBR ==================================
01:50:43.0479 0x00b0  [ FF57E33E6CCA0660169B29B5CD8AEFF2 ] \Device\Harddisk0\DR0\Partition1
01:50:43.0480 0x00b0  \Device\Harddisk0\DR0\Partition1 - ok
01:50:43.0482 0x00b0  [ DA43401D012660D4EB5FA587EC6034AE ] \Device\Harddisk0\DR0\Partition2
01:50:43.0483 0x00b0  \Device\Harddisk0\DR0\Partition2 - ok
01:50:43.0485 0x00b0  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
01:50:43.0485 0x00b0  \Device\Harddisk0\DR0\Partition3 - ok
01:50:43.0487 0x00b0  [ A35F37B187E3FAB1638D31383A262240 ] \Device\Harddisk0\DR0\Partition4
01:50:43.0488 0x00b0  \Device\Harddisk0\DR0\Partition4 - ok
01:50:43.0489 0x00b0  [ 527F38E1C03C6AA72B050849A0336C7D ] \Device\Harddisk0\DR0\Partition5
01:50:43.0491 0x00b0  \Device\Harddisk0\DR0\Partition5 - ok
01:50:43.0493 0x00b0  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
01:50:43.0493 0x00b0  \Device\Harddisk1\DR1\Partition1 - ok
01:50:43.0525 0x00b0  [ 0F4013B5EC0B91CAA6A5560B9EDFDAE5 ] \Device\Harddisk1\DR1\Partition2
01:50:43.0526 0x00b0  \Device\Harddisk1\DR1\Partition2 - ok
01:50:43.0557 0x00b0  [ 560BD42BB44D610708DB88557BA1E2CA ] \Device\Harddisk1\DR1\Partition3
01:50:43.0558 0x00b0  \Device\Harddisk1\DR1\Partition3 - ok
01:50:43.0559 0x00b0  ================ Scan generic autorun ======================
01:50:43.0564 0x00b0  IAStorIcon - ok
01:50:43.0754 0x00b0  [ 16438B000BF56F2CD7FDB5E6C3B38C7E, 32D6E69E6367D3ADB2189DA89103CB9910CE791EFB0879515DDD380A96D85BAE ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
01:50:43.0983 0x00b0  RTHDVCPL - ok
01:50:43.0996 0x00b0  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\windows\system32\rundll32.exe
01:50:44.0007 0x00b0  ShadowPlay - ok
01:50:44.0021 0x00b0  [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
01:50:44.0035 0x00b0  XboxStat - ok
01:50:44.0046 0x00b0  [ EB9596C3D95ED4BB59BE1F68CD40CC79, 328A953062FF94B91A1AC30013DC39ECE6EB79B7BC5542C01AA79B71AB440E19 ] C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE
01:50:44.0056 0x00b0  RoccatKoneXTD - detected UnsignedFile.Multi.Generic ( 1 )
01:50:44.0137 0x00b0  Detect skipped due to KSN trusted
01:50:44.0137 0x00b0  RoccatKoneXTD - ok
01:50:44.0138 0x00b0  Web Companion - ok
01:50:44.0187 0x00b0  [ 8E2651C8B953CE3DEDDFBF6034864A66, FC371CFA34D482B9ACBBE678D84BF982D777C00ECFEE20A54BD6C1EDBE4311EC ] C:\Program Files (x86)\Steam\steam.exe
01:50:44.0236 0x00b0  Steam - ok
01:50:44.0270 0x00b0  [ F6B98B8DF6B6F8B7A2CE250A303F4086, DB9720E55FEF2E6759EE6284E234EDBD41469387E6A63A788D46B08234E23374 ] C:\Users\Julian\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
01:50:44.0306 0x00b0  Gaijin.Net Agent - ok
01:50:44.0309 0x00b0  Discord - ok
01:50:44.0310 0x00b0  World of Tanks - ok
01:50:44.0451 0x00b0  [ 0B4431D8286AB24483CEBA4503DCB6B1, 70D54CDDC8CBFAEB11CABF7A1DEA69CBE420EFCA96381E8753AD9326407875EE ] D:\Programme (x86)\World of Tanks\WargamingGameUpdater.exe
01:50:44.0516 0x00b0  World of Tanks (1) - ok
01:50:44.0804 0x00b0  [ C60118EE0B605CD3EF7AD29C02D9CB8E, 7F7F96F8EBC5C762702A8C086246EC245965AFC39042ACEFDF6DB29DF0978D99 ] C:\Users\Julian\AppData\Roaming\Spotify\Spotify.exe
01:50:45.0357 0x00b0  Spotify - ok
01:50:45.0482 0x00b0  [ 5F7BB68AC917C4808B98C09996FD35AD, 456FFE335294983B2EC139BAB8B510182A0AD2850849139C294AC07E64D08824 ] D:\Programme (x86)\GOG Galaxy\GalaxyClient.exe
01:50:45.0629 0x00b0  GalaxyClient - ok
01:50:45.0646 0x00b0  [ 03498C0BA3B6153C3A431B1A003B90C3, 6F45FBFFB8E6BF85263F7661520E18A104D22E17A5B9AE73B12111AEED7B711E ] C:\Users\Julian\AppData\Roaming\Spotify\SpotifyWebHelper.exe
01:50:45.0659 0x00b0  Spotify Web Helper - ok
01:50:45.0663 0x00b0  Waiting for KSN requests completion. In queue: 140
01:50:46.0695 0x00b0  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.817 ), 0x41000 ( enabled : updated )
01:50:46.0696 0x00b0  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.209.0 ), 0x60100 ( disabled : updated )
01:50:46.0699 0x00b0  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.817 ), 0x41010 ( enabled )
01:50:46.0822 0x00b0  ============================================================
01:50:46.0822 0x00b0  Scan finished
01:50:46.0822 0x00b0  ============================================================
01:50:46.0844 0x299c  Detected object count: 0
01:50:46.0844 0x299c  Actual detected object count: 0

M-K-D-B · 22.09.2017, 20:16

Servus,

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- Tracing Schlüssel
- Prefetch Dateien
- Proxy
- Winsock
- Firewall
- IE Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist. Am Ende des Suchlaufs öffnet sich automatisch eine Logdatei. Schließe diese.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Klicke am Ende der Bereinigung auf Jetzt neu starten. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware 3 (Bebilderte Anleitung)

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die zwei neuen Logdateien von FRST.

exogeen · 22.09.2017, 23:52

Code:

ATTFilter

# AdwCleaner 7.0.2.1 - Logfile created on Fri Sep 22 22:37:39 2017
# Updated on 2017/29/08 by Malwarebytes 
# Running on Windows 8.1 (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Users\Julian\AppData\Local\Downloaded Installations\{DAD82379-C684-4D04-83D5-2B9934A9C362}
Deleted: C:\Windows\System32\config\systemprofile\AppData\Local\LavasoftTcpService
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService
Deleted: C:\Users\Julian\Documents\PROPCCleaner
Deleted: C:\Users\Julian\AppData\Local\PRO_PC_Cleaner


***** [ Files ] *****

Deleted: C:\END
Deleted: C:\Windows\System32\lavasofttcpservice.dll
Deleted: C:\Windows\SysWOW64\lavasofttcpservice.dll
Deleted: C:\Windows\System32\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysNative\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysNative\LavasoftTcpService64.dll


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: PROPCCleaner_Popup
Deleted: PROPCCleaner_Start


***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\WebBar
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted: [Value] - HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted: [Value] - HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\chip 1-click download service
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|wb.exe
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
Deleted: [Key] - HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\Software\PROPCCleanerLanguage
Deleted: [Key] - HKCU\Software\PROPCCleanerLanguage
Deleted: [Key] - HKLM\SOFTWARE\PRO PC Cleaner
Deleted: [Key] - HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\Software\Spark
Deleted: [Key] - HKCU\Software\Spark
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::Firewall rules cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [4441 B] - [2017/9/22 22:37:8]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

mbam - Logdatei

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 23.09.17
Scan-Zeit: 00:43
Protokolldatei: 6dcd810a-9fe7-11e7-b99f-00fff29517d8.json
Administrator: Ja

-Softwaredaten-
Version: 3.2.2.2029
Komponentenversion: 1.0.188
Version des Aktualisierungspakets: 1.0.2865
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: JULIANPC\Julian

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 335255
Erkannte Bedrohungen: 9
In die Quarantäne verschobene Bedrohungen: 9
Abgelaufene Zeit: 1 Min., 31 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 4
PUP.Optional.ProPCCleaner, HKLM\SOFTWARE\MICROSOFT\TRACING\ProPCCleaner_RASAPI32, In Quarantäne, [346], [242068],1.0.2865
PUP.Optional.ProPCCleaner, HKLM\SOFTWARE\MICROSOFT\TRACING\ProPCCleaner_RASMANCS, In Quarantäne, [346], [242068],1.0.2865
PUP.Optional.DllKitPRO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{BF766CA0-5BF8-47AC-B9BC-F7E91ED9177A}, In Quarantäne, [598], [386992],1.0.2865
PUP.Optional.DllKitPRO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DllKitPRO, In Quarantäne, [598], [324544],1.0.2865

Registrierungswert: 1
PUP.Optional.DllKitPRO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{BF766CA0-5BF8-47AC-B9BC-F7E91ED9177A}|PATH, In Quarantäne, [598], [386992],1.0.2865

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 4
PUP.Optional.DllKitPRO, C:\WINDOWS\SYSTEM32\TASKS\DLLKITPRO, In Quarantäne, [598], [324541],1.0.2865
PUM.Optional.FireFoxSearchOverride, C:\USERS\JULIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QU7F1DBJ.DEFAULT\USER.JS, In Quarantäne, [15864], [302334],1.0.2865
PUP.Optional.AdvisterMedia, C:\USERS\JULIAN\APPDATA\LOCAL\TEMP\CLEA70E.TMP, In Quarantäne, [950], [377512],1.0.2865
PUP.Optional.AdvisterMedia, C:\USERS\JULIAN\DOWNLOADS\DLLKIT-SETUP.EXE, In Quarantäne, [950], [377512],1.0.2865

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-09-2017
durchgeführt von Julian (Administrator) auf JULIANPC (23-09-2017 00:50:18)
Gestartet von C:\Users\Julian\Desktop
Geladene Profile: Julian (Verfügbare Profile: Julian)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Gaijin Entertainment) C:\Users\Julian\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Wargaming.net) D:\Programme (x86)\World of Tanks\WargamingGameUpdater.exe
(Spotify Ltd) C:\Users\Julian\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Julian\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe
(ROCCAT GmbH Co., Ltd.) C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe
(GOG.com) D:\Programme (x86)\GOG Galaxy\GalaxyClient.exe
(GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(GOG.com) D:\Programme (x86)\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) D:\Programme (x86)\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) D:\Programme (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(GOG.com) D:\Programme (x86)\GOG Galaxy\GalaxyClient Helper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\windows\system32\rundll32.exe" C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM-x32\...\Run: [RoccatKoneXTD] => C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [552960 2014-10-19] (ROCCAT GmbH)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Julian\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2010056 2017-06-28] (Gaijin Entertainment)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [Discord] => C:\Users\Julian\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [World of Tanks] => "D:\World of Tanks\WargamingGameUpdater.exe"
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [World of Tanks (1)] => D:\Programme (x86)\World of Tanks\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [Spotify] => C:\Users\Julian\AppData\Roaming\Spotify\Spotify.exe [20644976 2017-09-14] (Spotify Ltd)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [GalaxyClient] => D:\Programme (x86)\GOG Galaxy\GalaxyClient.exe [5161536 2017-09-08] (GOG.com)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [Spotify Web Helper] => C:\Users\Julian\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-14] (Spotify Ltd)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\MountPoints2: {9cb3c07b-fe1f-11e4-8270-806e6f6e6963} - "G:\autorun.exe" 
HKU\S-1-5-18\...\Run: [AppLauncher] => C:\Program Files (x86)\Ashampoo\Ashampoo AppLauncher\AppLauncher.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk [2015-12-25]
ShortcutTarget: Roccat Talk.lnk -> C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe (ROCCAT GmbH Co., Ltd.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{55905A7B-D38A-4C05-B346-B12C55900D9D}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{DD4F3609-B808-43BD-8ECA-B4A87964F757}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll => Keine Datei
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll => Keine Datei
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\qu7f1dbj.default [2017-09-23]
FF Extension: (Adblock Plus) - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\qu7f1dbj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nicht gefunden
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-07-25]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-21] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [Keine Datei]
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [Keine Datei]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-21] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-09-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-09-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-3495731131-4003904178-1165495969-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Julian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3495731131-4003904178-1165495969-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-10-30] ()

Chrome: 
=======
CHR Profile: C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default [2017-09-21]
CHR Extension: (Google Präsentationen) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-29]
CHR Extension: (Google Docs) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-29]
CHR Extension: (Google Drive) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-29]
CHR Extension: (YouTube) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-29]
CHR Extension: (Adblock Plus) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-21]
CHR Extension: (Steam Inventory Helper) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-09-21]
CHR Extension: (Google Tabellen) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-29]
CHR Extension: (Kaspersky Protection) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-02-04]
CHR Extension: (Google Docs Offline) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-29]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-21]
CHR Extension: (Google Mail) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-29]
CHR Extension: (Chrome Media Router) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-21]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1533448 2017-09-14] ()
S3 EasyAntiCheat; C:\windows\SysWOW64\EasyAntiCheat.exe [399120 2017-02-13] (EasyAntiCheat Ltd)
S3 GalaxyClientService; D:\Programme (x86)\GOG Galaxy\GalaxyClientService.exe [532544 2017-09-08] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8242752 2017-08-25] (GOG.com)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-09-16] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-09-19] (NVIDIA Corporation)
S3 Origin Client Service; D:\Programme (x86)\Origin\OriginClientService.exe [2098528 2017-09-03] (Electronic Arts)
S2 Origin Web Helper Service; D:\Programme (x86)\Origin\OriginWebHelperService.exe [2977640 2017-09-03] (Electronic Arts)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [66872 2016-02-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; "C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe" [X]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X]
S3 OverwolfUpdater; "C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe" /RunningFrom SCM" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 cm_km; C:\windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R1 ESEADriver2; C:\Users\Julian\AppData\Local\Temp\ESEADriver2.sys [326792 2017-07-26] () <==== ACHTUNG
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [77440 2017-08-24] ()
S3 Hamachi; C:\windows\system32\DRIVERS\Hamdrv.sys [45680 2017-05-22] (LogMeIn Inc.)
R0 kl1; C:\windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab)
R1 klbackupflt; C:\windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\windows\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab)
S0 klelam; C:\windows\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\windows\system32\DRIVERS\klflt.sys [197312 2017-07-25] (AO Kaspersky Lab)
R1 klhk; C:\windows\system32\DRIVERS\klhk.sys [520176 2017-04-12] (AO Kaspersky Lab)
R1 KLIF; C:\windows\System32\DRIVERS\klif.sys [1021624 2017-07-25] (AO Kaspersky Lab)
R1 KLIM6; C:\windows\system32\DRIVERS\klim6.sys [57424 2016-12-16] (AO Kaspersky Lab)
R3 klkbdflt; C:\windows\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\windows\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab)
R3 kltap; C:\windows\system32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 klwfp; C:\windows\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\windows\system32\DRIVERS\klwtp.sys [136416 2017-03-15] (AO Kaspersky Lab)
R1 kneps; C:\windows\system32\DRIVERS\kneps.sys [199640 2017-07-25] (AO Kaspersky Lab)
R2 MBAMChameleon; C:\windows\system32\drivers\MBAMChameleon.sys [192960 2017-09-23] (Malwarebytes)
R3 MBAMFarflt; C:\windows\system32\DRIVERS\farflt.sys [101824 2017-09-23] (Malwarebytes)
R3 MBAMProtection; C:\windows\system32\drivers\mbam.sys [45472 2017-09-23] (Malwarebytes)
R0 MBAMSwissArmy; C:\windows\System32\drivers\MBAMSwissArmy.sys [253888 2017-09-23] (Malwarebytes)
R3 MBAMWebProtection; C:\windows\system32\drivers\mwac.sys [94144 2017-09-23] (Malwarebytes)
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation)
R3 NVVADARM; C:\windows\system32\drivers\nvvadarm.sys [46016 2017-09-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\windows\system32\drivers\nvvad64v.sys [48064 2017-09-19] (NVIDIA Corporation)
R3 nvvhci; C:\windows\System32\drivers\nvvhci.sys [57792 2017-09-19] (NVIDIA Corporation)
R3 RtlWlanu; C:\windows\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation )
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 cpuz135; \??\C:\Users\Julian\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X] <==== ACHTUNG
S3 klids; \??\C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-23 00:50 - 2017-09-23 00:50 - 000000000 ____D C:\Users\Julian\Desktop\FRST-OlderVersion
2017-09-23 00:47 - 2017-09-23 00:47 - 000002492 _____ C:\Users\Julian\Desktop\mbam.txt
2017-09-23 00:45 - 2017-09-23 00:45 - 000000000 _____ C:\windows\cd_127
2017-09-23 00:42 - 2017-09-23 00:46 - 000253888 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-23 00:42 - 2017-09-23 00:46 - 000101824 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2017-09-23 00:42 - 2017-09-23 00:46 - 000094144 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2017-09-23 00:42 - 2017-09-23 00:46 - 000045472 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2017-09-23 00:42 - 2017-09-23 00:42 - 000192960 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMChameleon.sys
2017-09-23 00:42 - 2017-09-23 00:42 - 000001847 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-23 00:42 - 2017-09-23 00:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-23 00:42 - 2017-09-23 00:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-23 00:42 - 2017-09-23 00:42 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-23 00:42 - 2017-08-24 11:27 - 000077440 _____ C:\windows\system32\Drivers\mbae64.sys
2017-09-23 00:41 - 2017-09-23 00:41 - 068408664 _____ (Malwarebytes ) C:\Users\Julian\Desktop\mb3-setup-consumer-3.2.2.2029.exe
2017-09-23 00:35 - 2017-09-23 00:37 - 000000000 ____D C:\AdwCleaner
2017-09-23 00:35 - 2017-09-23 00:35 - 008182736 _____ (Malwarebytes) C:\Users\Julian\Desktop\adwcleaner_7.0.2.1.exe
2017-09-22 01:47 - 2017-09-22 01:54 - 000228300 _____ C:\TDSSKiller.3.1.0.15_22.09.2017_01.47.01_log.txt
2017-09-22 01:46 - 2017-09-22 01:46 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Julian\Desktop\tdsskiller.exe
2017-09-22 01:39 - 2017-09-22 01:39 - 000069826 _____ C:\Users\Julian\Desktop\Addition.txt
2017-09-22 01:38 - 2017-09-23 00:50 - 000022063 _____ C:\Users\Julian\Desktop\FRST.txt
2017-09-22 01:37 - 2017-09-23 00:50 - 002399744 _____ (Farbar) C:\Users\Julian\Desktop\FRST64.exe
2017-09-21 19:08 - 2017-09-21 19:08 - 000069344 _____ C:\Users\Julian\Downloads\Addition.txt
2017-09-21 19:08 - 2017-09-21 19:08 - 000053958 _____ C:\Users\Julian\Downloads\FRST.txt
2017-09-21 19:07 - 2017-09-23 00:50 - 000000000 ____D C:\FRST
2017-09-21 19:07 - 2017-09-21 19:07 - 002399744 _____ (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2017-09-21 17:30 - 2017-09-21 17:30 - 000002157 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2017-09-21 17:30 - 2017-09-21 17:30 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-09-21 17:30 - 2017-09-16 19:17 - 000135800 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvStreaming.exe
2017-09-21 17:30 - 2017-07-20 19:21 - 000905504 _____ C:\windows\system32\vulkan-1.dll
2017-09-21 17:30 - 2017-07-20 19:21 - 000776992 _____ C:\windows\SysWOW64\vulkan-1.dll
2017-09-21 17:30 - 2017-07-20 19:21 - 000578848 _____ C:\windows\system32\vulkaninfo.exe
2017-09-21 17:30 - 2017-07-20 19:21 - 000477472 _____ C:\windows\SysWOW64\vulkaninfo.exe
2017-09-21 17:29 - 2017-09-16 19:34 - 000548472 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshext.dll
2017-09-21 17:29 - 2017-09-16 19:34 - 000082040 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshextr.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 040240064 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 035883640 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 035314112 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 028987512 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 023132720 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 018849968 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 017808120 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 015427520 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2017-09-21 17:27 - 2017-09-16 21:23 - 013782720 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 012241792 _____ (NVIDIA Corporation) C:\windows\system32\nvptxJitCompiler.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 011692856 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 010087504 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvptxJitCompiler.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 003793016 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 003346368 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 001988216 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6438569.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 001606592 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6438569.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 001067456 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 001005176 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000972920 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000924096 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000895968 _____ (NVIDIA Corporation) C:\windows\system32\nvmcumd.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000690504 _____ (NVIDIA Corporation) C:\windows\system32\nvfatbinaryLoader.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000609912 _____ (NVIDIA Corporation) C:\windows\system32\NvIFROpenGL.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000578056 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvfatbinaryLoader.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000512672 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000499136 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFROpenGL.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000491720 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000429920 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000407064 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000218712 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvhda64v.sys
2017-09-21 17:27 - 2017-09-16 21:23 - 000171384 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000154392 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000149040 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000132256 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000124536 _____ (NVIDIA Corporation) C:\windows\system32\nvaudcaparm.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000046016 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvadarm.sys
2017-09-21 17:27 - 2017-09-16 21:23 - 000045976 _____ (NVIDIA Corporation) C:\windows\system32\nvhdap64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000000669 _____ C:\windows\SysWOW64\nv-vk32.json
2017-09-21 17:27 - 2017-09-16 21:23 - 000000669 _____ C:\windows\system32\nv-vk64.json
2017-09-21 17:17 - 2017-09-21 17:30 - 000000000 ____D C:\windows\LastGood.Tmp
2017-09-21 17:17 - 2017-09-21 17:17 - 000004146 _____ C:\windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003852 _____ C:\windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003814 _____ C:\windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003738 _____ C:\windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003738 _____ C:\windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003730 _____ C:\windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003554 _____ C:\windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003494 _____ C:\windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-19 09:20 - 000121280 _____ C:\windows\system32\NvRtmpStreamer64.dll
2017-09-21 17:17 - 2017-09-19 09:20 - 000057792 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvhci.sys
2017-09-21 17:17 - 2017-09-19 09:20 - 000048064 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2017-09-21 17:17 - 2017-09-18 23:29 - 000001951 _____ C:\windows\NvTelemetryContainerRecovery.bat
2017-09-21 17:17 - 2017-09-16 19:54 - 000001951 _____ C:\windows\NvContainerRecovery.bat
2017-09-21 17:16 - 2017-09-21 17:17 - 083757104 _____ (NVIDIA Corporation) C:\Users\Julian\Downloads\GeForce_Experience_v3.9.0.97.exe
2017-09-21 14:46 - 2017-09-21 14:46 - 000002275 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-20 23:42 - 2017-09-20 23:42 - 000012936 _____ C:\Users\Julian\Desktop\Stundenplan - Uni.pdf
2017-09-17 12:45 - 2017-09-17 12:45 - 1116115571 ____N C:\windows\MEMORY.DMP
2017-09-17 12:45 - 2017-09-17 12:45 - 000278704 _____ C:\windows\Minidump\091717-43984-01.dmp
2017-09-13 15:58 - 2017-09-13 15:58 - 000188806 _____ C:\Users\Julian\Desktop\cm._2017-09-13_1558502891363651769514687.pdf
2017-09-13 14:26 - 2017-08-18 00:07 - 000537200 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2017-09-13 14:26 - 2017-08-18 00:03 - 000450392 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2017-09-13 14:26 - 2017-08-15 16:06 - 015260160 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-09-13 14:26 - 2017-08-15 15:58 - 013673984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-09-13 14:26 - 2017-08-13 20:58 - 025730560 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-09-13 14:26 - 2017-08-13 19:04 - 002899968 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2017-09-13 14:26 - 2017-08-13 18:54 - 020269056 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-09-13 14:26 - 2017-08-13 18:51 - 005981696 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-09-13 14:26 - 2017-08-13 18:29 - 000499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2017-09-13 14:26 - 2017-08-13 18:24 - 002291200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2017-09-13 14:26 - 2017-08-13 18:15 - 007078912 _____ (Microsoft Corporation) C:\windows\system32\glcndFilter.dll
2017-09-13 14:26 - 2017-08-13 18:05 - 000380416 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2017-09-13 14:26 - 2017-08-13 18:04 - 000807936 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-09-13 14:26 - 2017-08-13 18:04 - 000726528 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2017-09-13 14:26 - 2017-08-13 18:01 - 002134528 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2017-09-13 14:26 - 2017-08-13 17:52 - 005274624 _____ (Microsoft Corporation) C:\windows\SysWOW64\glcndFilter.dll
2017-09-13 14:26 - 2017-08-13 17:52 - 000486912 _____ (Microsoft Corporation) C:\windows\system32\tpmvsc.dll
2017-09-13 14:26 - 2017-08-13 17:48 - 004547072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-09-13 14:26 - 2017-08-13 17:44 - 000694784 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2017-09-13 14:26 - 2017-08-13 17:44 - 000331776 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2017-09-13 14:26 - 2017-08-13 17:43 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2017-09-13 14:26 - 2017-08-13 17:40 - 003241472 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-09-13 14:26 - 2017-08-13 17:27 - 001544704 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-09-13 14:26 - 2017-08-13 17:25 - 007797248 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2017-09-13 14:26 - 2017-08-13 17:18 - 005270016 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2017-09-13 14:26 - 2017-08-13 17:17 - 002767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2017-09-13 14:26 - 2017-08-13 17:13 - 001314816 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2017-09-13 14:26 - 2017-08-12 11:30 - 022361344 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2017-09-13 14:26 - 2017-08-12 11:26 - 019789736 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2017-09-13 14:26 - 2017-08-12 02:39 - 001364552 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2017-09-13 14:26 - 2017-08-12 01:59 - 007440728 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-09-13 14:26 - 2017-08-12 01:58 - 001737600 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2017-09-13 14:26 - 2017-08-11 22:46 - 000367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\PCPTpm12.dll
2017-09-13 14:26 - 2017-08-11 22:13 - 000175616 _____ (Microsoft Corporation) C:\windows\system32\TpmTasks.dll
2017-09-13 14:26 - 2017-08-11 05:30 - 004170240 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-09-13 14:26 - 2017-08-11 05:27 - 000243200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2017-09-13 14:26 - 2017-08-11 04:38 - 000477184 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2017-09-13 14:26 - 2017-08-11 04:08 - 001753600 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2017-09-13 14:26 - 2017-08-11 04:08 - 000329216 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2017-09-13 14:26 - 2017-08-11 04:02 - 001084928 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2017-09-13 14:26 - 2017-08-11 03:52 - 001491456 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2017-09-13 14:26 - 2017-08-11 03:44 - 001095680 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2017-09-13 14:26 - 2017-08-11 03:43 - 000865792 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2017-09-13 14:26 - 2017-08-06 09:13 - 000530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2017-09-13 14:26 - 2017-07-17 21:53 - 004298240 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_47.dll
2017-09-13 14:26 - 2017-07-17 01:55 - 003551744 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_47.dll
2017-09-13 14:26 - 2017-07-14 01:03 - 002013528 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2017-09-13 14:26 - 2017-07-12 22:29 - 000420440 _____ (Microsoft Corporation) C:\windows\system32\wevtapi.dll
2017-09-13 14:26 - 2017-07-12 22:25 - 000308872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wevtapi.dll
2017-09-13 14:26 - 2017-07-08 05:14 - 000100184 ____C (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2017-09-13 14:25 - 2017-08-19 19:27 - 000237568 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2017-09-13 14:25 - 2017-08-19 18:48 - 000215040 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2017-09-13 14:25 - 2017-08-18 00:07 - 000140016 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2017-09-13 14:25 - 2017-08-18 00:03 - 000136832 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2017-09-13 14:25 - 2017-08-15 16:01 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2017-09-13 14:25 - 2017-08-15 16:01 - 000128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2017-09-13 14:25 - 2017-08-15 16:01 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2017-09-13 14:25 - 2017-08-13 19:19 - 000040960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\nsiproxy.sys
2017-09-13 14:25 - 2017-08-13 19:05 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-09-13 14:25 - 2017-08-13 18:50 - 000817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2017-09-13 14:25 - 2017-08-13 18:28 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2017-09-13 14:25 - 2017-08-13 18:23 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2017-09-13 14:25 - 2017-08-13 18:21 - 000145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2017-09-13 14:25 - 2017-08-13 18:20 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2017-09-13 14:25 - 2017-08-13 18:17 - 000663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2017-09-13 14:25 - 2017-08-13 18:14 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2017-09-13 14:25 - 2017-08-13 18:07 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2017-09-13 14:25 - 2017-08-13 17:51 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2017-09-13 14:25 - 2017-08-13 17:46 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2017-09-13 14:25 - 2017-08-13 17:18 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-09-13 14:25 - 2017-08-13 17:14 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2017-09-13 14:25 - 2017-08-12 01:58 - 001502000 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2017-09-13 14:25 - 2017-08-11 22:29 - 000425984 _____ (Microsoft Corporation) C:\windows\system32\PCPTpm12.dll
2017-09-13 14:25 - 2017-08-11 05:27 - 000281600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2017-09-13 14:25 - 2017-08-11 03:49 - 000346624 _____ (Microsoft Corporation) C:\windows\system32\ntprint.dll
2017-09-13 14:25 - 2017-08-11 03:41 - 000307200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntprint.dll
2017-09-13 14:25 - 2017-08-06 23:20 - 000607232 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2017-09-13 14:25 - 2017-07-22 20:34 - 000033792 _____ (Microsoft Corporation) C:\windows\system32\iscsium.dll
2017-09-13 14:25 - 2017-07-22 19:32 - 000027136 _____ (Microsoft Corporation) C:\windows\SysWOW64\iscsium.dll
2017-09-13 14:25 - 2017-07-12 22:29 - 000075440 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2017-09-13 14:25 - 2017-07-12 22:25 - 000066112 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2017-09-13 14:25 - 2017-07-08 21:03 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2017-09-13 14:25 - 2017-07-08 20:43 - 000197632 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2017-09-13 14:25 - 2017-07-08 20:30 - 000039936 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2017-09-13 14:25 - 2017-07-08 20:20 - 000445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2017-09-13 14:25 - 2017-07-08 19:25 - 001436160 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-09-13 14:25 - 2017-07-08 19:00 - 000324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2017-09-12 22:09 - 2017-09-12 22:09 - 000000000 ____D C:\Users\Julian\Desktop\MP_MODSPACK
2017-09-12 22:05 - 2017-09-12 22:05 - 010353001 _____ C:\Users\Julian\Downloads\[DLC - SP and MP] NQMod v12.2.zip
2017-09-06 14:21 - 2017-09-06 14:21 - 000355567 _____ C:\Users\Julian\Downloads\SKMBT_C28017090611100.pdf
2017-09-04 18:26 - 2017-09-04 18:26 - 000000000 ____D C:\Users\Julian\AppData\Local\UnrealEngine
2017-09-04 18:26 - 2017-09-04 18:26 - 000000000 ____D C:\Users\Julian\AppData\Local\TslGame
2017-09-02 14:41 - 2017-09-03 16:44 - 000000000 ____D C:\Users\Julian\Desktop\Warcraft III
2017-09-01 20:57 - 2017-09-01 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Empire Earth Gold [GOG.com]
2017-09-01 20:53 - 2017-09-01 20:53 - 000000742 _____ C:\Users\Public\Desktop\GOG Galaxy.lnk
2017-09-01 20:53 - 2017-09-01 20:53 - 000000000 ____D C:\Users\Julian\AppData\Local\GOG.com
2017-09-01 20:53 - 2017-09-01 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-09-01 20:53 - 2017-09-01 20:53 - 000000000 ____D C:\ProgramData\GOG.com
2017-09-01 20:51 - 2017-09-01 20:52 - 162203456 _____ (GOG.com ) C:\Users\Julian\Downloads\setup_galaxy_1.2.20.36.exe
2017-08-28 20:31 - 2017-08-28 20:31 - 000000000 ____D C:\Users\Julian\AppData\LocalLow\Battlestate Games
2017-08-28 20:30 - 2017-08-28 20:30 - 000000000 ____D C:\Users\Julian\Documents\Escape from Tarkov
2017-08-28 20:10 - 2017-08-28 20:10 - 000000766 _____ C:\Users\Public\Desktop\Battlestate Games Launcher.lnk
2017-08-28 20:10 - 2017-08-28 20:10 - 000000000 ____D C:\Users\Julian\AppData\Roaming\Battlestate Games
2017-08-28 20:10 - 2017-08-28 20:10 - 000000000 ____D C:\Users\Julian\AppData\Local\Battlestate Games
2017-08-28 20:10 - 2017-08-28 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlestate Games
2017-08-28 20:10 - 2017-08-28 20:10 - 000000000 ____D C:\ProgramData\Battlestate Games
2017-08-28 20:07 - 2017-08-28 20:08 - 053713176 _____ (Battlestate Games ) C:\Users\Julian\Downloads\BsgLauncher.0.2.1.156.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-23 00:48 - 2015-08-08 19:21 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-09-23 00:47 - 2015-04-20 16:58 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-23 00:46 - 2015-10-15 23:10 - 000000000 ____D C:\Users\Julian\AppData\Roaming\Spotify
2017-09-23 00:46 - 2015-10-15 23:10 - 000000000 ____D C:\Users\Julian\AppData\Local\Spotify
2017-09-23 00:46 - 2015-08-08 19:03 - 000000000 ___RD C:\Users\Julian\OneDrive
2017-09-23 00:45 - 2015-03-11 13:18 - 000766276 _____ C:\windows\system32\perfh007.dat
2017-09-23 00:45 - 2015-03-11 13:18 - 000160034 _____ C:\windows\system32\perfc007.dat
2017-09-23 00:45 - 2014-11-22 03:01 - 001783084 _____ C:\windows\system32\PerfStringBackup.INI
2017-09-23 00:45 - 2013-08-22 16:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2017-09-23 00:45 - 2013-08-22 15:36 - 000000000 ____D C:\windows\Inf
2017-09-23 00:45 - 2013-08-22 15:25 - 000262144 ___SH C:\windows\system32\config\BBI
2017-09-23 00:37 - 2017-06-27 19:50 - 000000000 ____D C:\Users\Julian\AppData\Local\Downloaded Installations
2017-09-23 00:12 - 2015-08-08 20:21 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-23 00:11 - 2015-04-20 16:58 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-09-22 17:13 - 2017-01-17 22:09 - 000000000 ____D C:\Users\Julian\AppData\Roaming\TS3Client
2017-09-22 10:16 - 2015-08-08 19:04 - 000003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3495731131-4003904178-1165495969-1001
2017-09-22 10:06 - 2015-10-11 13:25 - 000000000 ____D C:\Users\Julian\AppData\Local\NVIDIA Corporation
2017-09-22 01:55 - 2016-11-16 13:35 - 000000000 ____D C:\Users\Julian\AppData\LocalLow\Mozilla
2017-09-21 23:39 - 2016-10-09 14:06 - 000000000 ____D C:\Users\Julian\AppData\Local\Anno Online
2017-09-21 23:11 - 2015-08-08 20:29 - 000000000 ____D C:\Users\Julian\AppData\Local\Battle.net
2017-09-21 20:30 - 2015-08-08 20:29 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-09-21 17:30 - 2015-10-11 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-09-21 17:30 - 2015-04-20 16:58 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-09-21 17:29 - 2015-04-20 16:58 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-09-21 17:19 - 2015-08-08 18:59 - 000000000 ____D C:\Users\Julian\AppData\Local\NVIDIA
2017-09-21 17:17 - 2015-10-11 13:25 - 000001436 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-09-21 14:46 - 2016-06-29 11:54 - 000002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-21 14:45 - 2016-06-29 11:49 - 001130328 _____ (Google Inc.) C:\Users\Julian\Downloads\ChromeSetup.exe
2017-09-21 14:29 - 2015-08-08 19:37 - 000004342 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-09-21 14:29 - 2015-08-08 19:36 - 000000000 ____D C:\Users\Julian\AppData\Local\Adobe
2017-09-21 14:29 - 2013-08-22 17:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2017-09-21 14:29 - 2013-08-22 17:36 - 000000000 ____D C:\windows\system32\Macromed
2017-09-20 23:42 - 2016-02-25 16:34 - 000117760 ___SH C:\Users\Julian\Downloads\Thumbs.db
2017-09-20 15:12 - 2017-07-26 15:25 - 000000000 ____D C:\Users\Julian\AppData\Roaming\AlbionOnline
2017-09-19 15:52 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-19 15:52 - 2013-08-22 17:36 - 000000000 ____D C:\windows\AppReadiness
2017-09-19 09:20 - 2015-10-11 13:25 - 001923008 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2017-09-19 09:20 - 2015-10-11 13:25 - 001755072 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2017-09-19 09:20 - 2015-10-11 13:25 - 001505728 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2017-09-19 09:20 - 2015-10-11 13:25 - 001317312 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2017-09-19 09:20 - 2015-10-11 13:25 - 000179136 _____ (NVIDIA Corporation) C:\windows\system32\nvaudcap64v.dll
2017-09-19 09:20 - 2015-10-11 13:25 - 000146368 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2017-09-18 19:04 - 2013-08-22 17:36 - 000000000 ____D C:\windows\rescache
2017-09-17 12:45 - 2015-08-21 18:12 - 000000000 ____D C:\windows\Minidump
2017-09-16 21:23 - 2015-04-20 16:58 - 021407000 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 018706120 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 014688256 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 004188872 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 003692216 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 001615448 _____ (NVIDIA Corporation) C:\windows\system32\nvhdagenco6420103.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 001606592 _____ (NVIDIA Corporation) C:\windows\system32\nvmcvadgenco64.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 000512960 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 000418752 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 000044180 _____ C:\windows\system32\nvinfo.pb
2017-09-16 19:34 - 2015-04-20 16:58 - 006463424 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2017-09-16 19:34 - 2015-04-20 16:58 - 002478528 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2017-09-16 19:34 - 2015-04-20 16:58 - 001762752 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2017-09-16 19:34 - 2015-04-20 16:58 - 000392312 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2017-09-16 19:34 - 2015-04-20 16:58 - 000069752 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2017-09-15 17:03 - 2015-04-20 16:58 - 008248071 _____ C:\windows\system32\nvcoproc.bin
2017-09-15 14:31 - 2013-08-22 16:44 - 000498152 _____ C:\windows\system32\FNTCACHE.DAT
2017-09-15 03:32 - 2013-08-22 17:36 - 000000000 ___RD C:\windows\ToastData
2017-09-14 21:19 - 2015-08-10 22:12 - 000000000 ____D C:\windows\system32\MRT
2017-09-14 21:17 - 2015-03-10 11:41 - 138202976 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-09-14 21:17 - 2013-08-22 17:20 - 000000000 ____D C:\windows\CbsTemp
2017-09-14 20:07 - 2015-08-11 13:47 - 000612352 ___SH C:\Users\Julian\Desktop\Thumbs.db
2017-09-13 01:19 - 2015-08-12 13:19 - 006476800 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2017-09-10 03:54 - 2015-08-17 02:27 - 000000000 ____D C:\ProgramData\Origin
2017-09-10 01:19 - 2015-08-17 02:28 - 000000000 ____D C:\Users\Julian\AppData\Roaming\Origin
2017-09-07 15:12 - 2017-07-26 15:13 - 000000000 ____D C:\Program Files (x86)\AlbionOnline
2017-09-02 23:55 - 2015-08-08 20:29 - 000000000 ____D C:\Users\Julian\AppData\Local\Blizzard Entertainment
2017-09-02 01:54 - 2014-11-22 07:29 - 000835576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-09-02 01:54 - 2014-11-22 07:29 - 000177656 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-09-01 17:26 - 2016-11-16 05:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-01 17:26 - 2015-08-08 19:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-20 17:06 - 2015-04-20 17:06 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-08 19:40 - 2015-08-08 19:40 - 000000032 _____ () C:\ProgramData\Temp.log
2015-04-20 18:02 - 2015-04-20 18:02 - 000000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2015-04-20 17:58 - 2015-04-20 17:58 - 000000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2015-04-20 18:01 - 2015-04-20 18:01 - 000000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2015-04-20 17:56 - 2015-04-20 17:57 - 000000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2015-04-20 17:57 - 2015-04-20 17:57 - 000000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log
2015-04-20 17:58 - 2015-04-20 17:58 - 000000110 _____ () C:\ProgramData\{E3D04529-6EDB-11D8-A372-0050BAE317E1}.log

Einige Dateien in TEMP:
====================
2017-06-27 19:50 - 2017-06-27 19:50 - 000008720 _____ () C:\Users\Julian\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
2017-06-27 19:51 - 2017-06-27 19:51 - 000012080 _____ () C:\Users\Julian\AppData\Local\Temp\BullseyeCoverage-x64-3.dll
2017-06-27 19:53 - 2017-06-27 19:53 - 000010520 _____ () C:\Users\Julian\AppData\Local\Temp\BullseyeCoverage-x86-3.dll
2017-07-02 18:34 - 2006-08-21 22:09 - 000040960 _____ () C:\Users\Julian\AppData\Local\Temp\comver.dll
2017-01-01 23:25 - 2017-01-01 23:25 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Julian\AppData\Local\Temp\jansi-64-1698362706062980916.dll
2017-01-01 22:43 - 2017-01-01 22:43 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Julian\AppData\Local\Temp\jansi-64-405200828569151077.dll
2017-01-01 22:57 - 2017-01-01 22:57 - 000019968 _____ (Red Hat®, Inc.) C:\Users\Julian\AppData\Local\Temp\jansi-64-5083714273185470827.dll
2015-10-11 13:30 - 2015-10-03 04:18 - 000835592 _____ (NVIDIA Corporation) C:\Users\Julian\AppData\Local\Temp\nvSCPAPI64.dll
2017-09-21 17:28 - 2015-10-03 04:18 - 000316024 _____ (NVIDIA Corporation) C:\Users\Julian\AppData\Local\Temp\nvStInst.exe
2015-11-02 17:36 - 2010-06-15 18:03 - 000149352 ____R (Microsoft Corporation) C:\Users\Julian\AppData\Local\Temp\ose00000.exe
2017-01-30 21:31 - 2017-01-30 21:35 - 1388312032 _____ () C:\Users\Julian\AppData\Local\Temp\ubiB347.tmp.exe
2017-08-08 15:27 - 2017-08-08 15:27 - 013767776 _____ (Microsoft Corporation) C:\Users\Julian\AppData\Local\Temp\vcredist_x86.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-09-18 18:38

==================== Ende von FRST.txt ============================

--- --- ---

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-09-2017
durchgeführt von Julian (23-09-2017 00:50:38)
Gestartet von C:\Users\Julian\Desktop
Windows 8.1 (Update) (X64) (2015-08-08 16:59:03)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3495731131-4003904178-1165495969-500 - Administrator - Disabled)
Gast (S-1-5-21-3495731131-4003904178-1165495969-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3495731131-4003904178-1165495969-1003 - Limited - Enabled)
Julian (S-1-5-21-3495731131-4003904178-1165495969-1001 - Administrator - Enabled) => C:\Users\Julian

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM\...\Steam App 346900) (Version:  - Hyper Hippo Games)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Albion Online (HKLM-x32\...\SandboxAlbionOnline) (Version:  - Sandbox Interactive GmbH)
AlienFX for KoneXTD (HKLM\...\{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.02 - Roccat GmbH) Hidden
AlienFX for KoneXTD (HKLM-x32\...\InstallShield_{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.02 - Roccat GmbH)
Anno Online (HKLM\...\Steam App 336510) (Version:  - Blue Byte)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.69 - NVIDIA Corporation) Hidden
Assassin's Creed II (HKLM-x32\...\Steam App 33230) (Version:  - Ubisoft Montreal)
Batman: Arkham Asylum GOTY Edition (HKLM\...\Steam App 35140) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlestate Games Launcher 0.2.1.156 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 0.2.1.156 - Battlestate Games)
Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM\...\Steam App 212910) (Version:  - )
Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version:  - Treyarch)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
Empire Earth Gold Edition (HKLM-x32\...\1207658777_is1) (Version: 2.1.0.17 - GOG.com)
Endless Legend (HKLM\...\Steam App 289130) (Version:  - AMPLITUDE Studios)
ESEA (HKLM\...\Steam App 479130) (Version:  - ESEA)
ESEA Client (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
F1 2014 (HKLM\...\Steam App 226580) (Version:  - Codemasters)
For Honor Open Beta (HKLM\...\Steam App 572600) (Version:  - Ubisoft Montreal)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version:  - Ubisoft)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (HKLM-x32\...\{5D5B5672-1A0F-4412-B6A0-3A16706DE82D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleri (HKLM-x32\...\{85E3592A-8C11-44F4-AABD-F82EF41167AD}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleriet (HKLM-x32\...\{5FF3045E-4A36-4B98-9F7F-48B49F4469C7}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (HKLM-x32\...\{B743ABDD-E681-4B32-A33E-6E7F3F845AEA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{6F19A9AE-85C6-4EBB-BADC-CC1B8B9F3F91}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria de Fotografias (HKLM-x32\...\{23079EF2-2617-4BFC-BDFF-E6AE8D79B734}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{77655DF6-A143-4A25-A5F8-127C8CE63EDA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GameRanger (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\GameRanger) (Version:  - GameRanger Technologies)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Facepunch Studios)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.91 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto: San Andreas (HKLM\...\Steam App 12120) (Version:  - Rockstar Games)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearts of Iron IV (HKLM\...\Steam App 394360) (Version:  - Paradox Development Studios)
Hero of the Kingdom (HKLM\...\Steam App 259550) (Version:  - Lonely Troops)
Hero of the Kingdom II (HKLM\...\Steam App 346560) (Version:  - Lonely Troops)
Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
Heroes of Might & Magic III - HD Edition (HKLM-x32\...\Steam App 297000) (Version:  - DotEmu)
Heroes of Might & Magic V (HKLM\...\Steam App 15170) (Version:  - Nival)
Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version:  - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Kaspersky Internet Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kingdom Rush (HKLM\...\Steam App 246420) (Version:  - Ironhide Game Studio)
Kingdom Rush Frontiers (HKLM\...\Steam App 458710) (Version:  - Ironhide Game Studio)
League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
LEGO® Star Wars™: The Complete Saga (HKLM-x32\...\Steam App 32440) (Version:  - Traveller's Tales)
Magicka (HKLM\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Might & Magic Heroes VI (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 1.0 - Ubisoft)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (HKLM-x32\...\{0A0C9DBA-5AB2-43F1-9932-A60DAA6EBEFC}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{26E474C7-E63A-4EC2-A08C-909B996AA75D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{312F7EE7-37D0-484D-B974-0CE1B8560C79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3B5AAF87-531E-4163-BE79-8989FC249173}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5B3D4718-9146-45CB-8989-C4E87B239B3A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5D3B997B-DF28-4BC1-82E6-E6C29A53AF6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A27180D0-17BB-498B-89FF-A72656B85978}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B44E699A-94F8-406C-9A1B-C2574F5863CB}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B653D7B1-41B5-4982-9A25-E91FF46D131A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DAE8CC57-EBF5-4D46-8572-9A0C769D6F16}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{F78F19A8-F3F5-4407-B98B-F23ACC82DBF5}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
Neverwinter (HKLM\...\Steam App 109600) (Version:  - Cryptic Studios)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.69 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.9.0.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.97 - NVIDIA Corporation)
NVIDIA Grafiktreiber 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.69 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 385.69 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.2.49155 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.103.44.0 - Overwolf Ltd.)
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version:  - Bluehole, Inc.)
Podstawowe programy Windows Live (HKLM-x32\...\{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Raccolta foto (HKLM-x32\...\{86A1CEAD-EF47-47BB-AE79-DA8C09E15382}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
ROCCAT Kone XTD Mouse Driver (HKLM-x32\...\{7133137D-DF48-4522-AD88-13C82B7D0A63}) (Version:  - Roccat GmbH)
Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0013 - Roccat GmbH)
RollerCoaster Tycoon 2: Triple Thrill Pack (HKLM-x32\...\Steam App 285330) (Version:  - Chris Sawyer Productions)
RollerCoaster Tycoon: Deluxe (HKLM-x32\...\Steam App 285310) (Version:  - Chris Sawyer Productions)
Ryse: Son of Rome (HKLM-x32\...\Steam App 302510) (Version:  - Crytek)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Civilization VI (HKLM\...\Steam App 289070) (Version:  - Firaxis)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
Spotify (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version:  - Pandemic Studios)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
STAR WARS™ Knights of the Old Republic™ II: The Sith Lords™ (HKLM-x32\...\Steam App 208580) (Version:  - Obsidian Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold 2 (HKLM\...\Steam App 40960) (Version:  - FireFly Studios)
Stronghold Crusader HD (HKLM\...\Steam App 40970) (Version:  - FireFly Studios)
Stronghold HD (HKLM\...\Steam App 40950) (Version:  - FireFly Studios)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Guild II: Renaissance (HKLM-x32\...\Steam App 39680) (Version:  - Rune Forge)
Titan Quest (HKLM\...\Steam App 4540) (Version:  - Iron Lore Entertainment)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Tower Wars (HKLM\...\Steam App 214360) (Version:  - SuperVillain Studios)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 26.0 - Ubisoft)
Valokuvavalikoima (HKLM-x32\...\{B315ABA6-8217-484E-9AC5-38806E265664}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
World of Tanks (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
XCOM: Enemy Unknown (HKLM\...\Steam App 200510) (Version:  - Firaxis Games)
Yu-Gi-Oh! Legacy of the Duelist (HKLM\...\Steam App 480650) (Version:  - Other Ocean Interactive)
Συλλογή φωτογραφιών (HKLM-x32\...\{2D5C287A-1D2D-46BA-8EF8-D2747575DB6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\system32\nvshext.dll [2017-09-16] (NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0A911D77-F086-4808-8ED7-A044F5758B66} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
Task: {0AA0938B-8DC1-4A27-92C9-445A08E4BBEF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {2D413BD3-9068-44CC-A219-F38F263A6EB9} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
Task: {2E102776-F9A8-4307-8BB4-5393A31D60F3} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {499491A7-2617-4A71-8633-984D9EF142C5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {711FCD02-4903-4575-8DDA-80A89D1687B1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2017-09-14] (Microsoft Corporation)
Task: {73FF3D9E-438B-4B96-874B-1DD4BFA5877B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19] (NVIDIA Corporation)
Task: {7A97ACA1-8F23-4677-9A0E-B57DA961B5DB} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {7EA5AC2B-2B1F-4069-B18E-6CFCFE01615E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-29] (Google Inc.)
Task: {94F3D13F-128D-4F2F-B33E-84C5ACF0882F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {A766DD9D-8F3F-412E-AED3-86FF473B769A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-09-19] (NVIDIA Corporation)
Task: {A9C31928-EE7F-471F-BCFE-397F6F385F6B} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-21] (Adobe Systems Incorporated)
Task: {AE2C14E6-119A-421C-B6FE-4A7425DE92FE} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {BAFA3744-4A21-43C7-88AB-05E7ED80712E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-09-19] (NVIDIA Corporation)
Task: {C97325EF-0FC0-4432-A4CF-3C8C795D8B1C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-09-19] (NVIDIA Corporation)
Task: {DA7D195F-2D67-4242-91A4-13A1FF02B8B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-29] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-09-21 17:17 - 2017-09-19 09:20 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-02-26 21:10 - 2016-02-26 21:10 - 000066872 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2017-09-23 00:42 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-06-28 01:19 - 2016-06-28 01:19 - 000865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2015-12-25 12:46 - 2012-06-17 12:20 - 000061440 _____ () C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\hiddriver.dll
2017-09-01 20:53 - 2017-08-25 11:01 - 053018112 _____ () D:\Programme (x86)\GOG Galaxy\libcef.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000507968 _____ () D:\Programme (x86)\GOG Galaxy\PocoUtil.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 001076800 _____ () D:\Programme (x86)\GOG Galaxy\PocoNet.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 001854528 _____ () D:\Programme (x86)\GOG Galaxy\PocoData.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000393280 _____ () D:\Programme (x86)\GOG Galaxy\PocoDataSQLite.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 001589312 _____ () D:\Programme (x86)\GOG Galaxy\PocoFoundation.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000307776 _____ () D:\Programme (x86)\GOG Galaxy\PocoNetSSL.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000330816 _____ () D:\Programme (x86)\GOG Galaxy\PocoJSON.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000130112 _____ () D:\Programme (x86)\GOG Galaxy\xdelta3.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000104000 _____ () D:\Programme (x86)\GOG Galaxy\zlib.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000520768 _____ () D:\Programme (x86)\GOG Galaxy\PocoXML.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000272448 _____ () D:\Programme (x86)\GOG Galaxy\PocoZip.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000680000 _____ () D:\Programme (x86)\GOG Galaxy\sqlite.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000425536 _____ () D:\Programme (x86)\GOG Galaxy\pcre.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000157760 _____ () D:\Programme (x86)\GOG Galaxy\PocoCrypto.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000152128 _____ () D:\Programme (x86)\GOG Galaxy\expat.dll
2017-09-01 20:53 - 2017-09-08 14:50 - 001589312 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoFoundation.dll
2017-09-01 20:53 - 2017-09-08 14:50 - 000330816 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoJSON.dll
2017-09-01 20:53 - 2017-09-08 14:50 - 000507968 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoUtil.dll
2017-09-01 20:53 - 2017-09-08 14:50 - 000104000 _____ () C:\ProgramData\GOG.com\Galaxy\redists\zlib.dll
2017-09-01 20:53 - 2017-09-08 14:50 - 000425536 _____ () C:\ProgramData\GOG.com\Galaxy\redists\pcre.dll
2017-09-01 20:53 - 2017-09-08 14:50 - 000520768 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoXML.dll
2017-09-01 20:53 - 2017-09-08 14:50 - 000152128 _____ () C:\ProgramData\GOG.com\Galaxy\redists\expat.dll
2017-09-01 20:53 - 2017-08-25 11:01 - 001738752 _____ () D:\Programme (x86)\GOG Galaxy\libglesv2.dll
2017-09-01 20:53 - 2017-08-25 11:01 - 000078848 _____ () D:\Programme (x86)\GOG Galaxy\libegl.dll
2017-09-21 17:17 - 2017-09-19 09:20 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-04-20 16:54 - 2013-09-04 01:53 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:gs5sys [7170]
AlternateDataStreams: C:\Users\All Users:gs5sys [7170]
AlternateDataStreams: C:\Users\Julian:gs5sys [3074]
AlternateDataStreams: C:\Users\Julian:Heroes & Generals [38]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [7170]
AlternateDataStreams: C:\Users\Julian\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Julian\AppData\Local:gs5sys [3074]
AlternateDataStreams: C:\Users\Julian\AppData\Roaming:gs5sys [3074]
AlternateDataStreams: C:\Users\Julian\Documents\desktop.ini:gs5sys [1792]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [1792]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img2.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\StartupApproved\Run: => "EADM"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

21-09-2017 19:39:51 chip 1-click download service wurde entfernt.

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/23/2017 12:46:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d239
ID des fehlerhaften Prozesses: 0x77c
Startzeit der fehlerhaften Anwendung: 0x01d333f48957cfad
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Berichtskennung: cffaa1f6-9fe7-11e7-82e6-b8aeeda2aafc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/23/2017 12:38:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d239
ID des fehlerhaften Prozesses: 0x744
Startzeit der fehlerhaften Anwendung: 0x01d333f37b95bc84
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Berichtskennung: c238a95c-9fe6-11e7-82e5-b8aeeda2aafc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/22/2017 10:20:49 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{f9b7d767-aa8f-42f6-b493-9b0ba819592d}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (09/21/2017 06:05:00 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (09/21/2017 05:15:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GFExperience.exe, Version 2.5.15.54 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1868

Startzeit: 01d332ec4c6d746e

Endzeit: 14

Anwendungspfad: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe

Berichts-ID: a3e79bd9-9edf-11e7-82e4-b8aeeda2aafc

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/21/2017 05:07:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GFExperience.exe, Version 2.5.15.54 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 15e8

Startzeit: 01d332eb19d2feda

Endzeit: 8

Anwendungspfad: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe

Berichts-ID: 8c45832a-9ede-11e7-82e4-b8aeeda2aafc

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/21/2017 05:05:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GFExperience.exe, Version 2.5.15.54 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1a68

Startzeit: 01d332ea564fd91b

Endzeit: 7

Anwendungspfad: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe

Berichts-ID: f1633d2b-9edd-11e7-82e4-b8aeeda2aafc

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/21/2017 05:00:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GFExperience.exe, Version 2.5.15.54 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 8f8

Startzeit: 01d332ea07bea96e

Endzeit: 18

Anwendungspfad: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe

Berichts-ID: 8b34f74a-9edd-11e7-82e4-b8aeeda2aafc

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/21/2017 04:53:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d239
ID des fehlerhaften Prozesses: 0x634
Startzeit der fehlerhaften Anwendung: 0x01d332e95409ad0f
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Berichtskennung: 9aaecb82-9edc-11e7-82e4-b8aeeda2aafc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/21/2017 01:38:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Battle.net Helper.exe, Version: 0.0.0.0, Zeitstempel: 0x599dc107
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2623.1435.0, Zeitstempel: 0x591a1a2e
Ausnahmecode: 0x80000003
Fehleroffset: 0x0019b129
ID des fehlerhaften Prozesses: 0x1d40
Startzeit der fehlerhaften Anwendung: 0x01d3326925e2c0bb
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Battle.net\Battle.net.9262\Battle.net Helper.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Battle.net\Battle.net.9262\libcef.dll
Berichtskennung: da0ef609-9e5c-11e7-82e3-b8aeeda2aafc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (09/23/2017 12:48:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/23/2017 12:46:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/23/2017 12:46:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (09/23/2017 12:46:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (09/23/2017 12:46:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/23/2017 12:46:04 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Capability Licensing Service Interface erreicht.

Error: (09/23/2017 12:45:48 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (09/23/2017 12:41:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/23/2017 12:39:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/23/2017 12:39:02 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 12240.42 MB
Verfügbarer physikalischer RAM: 9386.68 MB
Summe virtueller Speicher: 24528.42 MB
Verfügbarer virtueller Speicher: 21204.88 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:117.53 GB) (Free:29.39 GB) NTFS
Drive d: (Data) (Fixed) (Total:1802.89 GB) (Free:1204.08 GB) NTFS
Drive e: (Recover) (Fixed) (Total:60 GB) (Free:40.59 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

M-K-D-B · 23.09.2017, 20:46

Servus,

Schritt 1

Kopiere den Inhalt der folgenden Code-Box:

Code:

ATTFilter

Start::
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
CMD: dir "%UserProfile%"
CMD: dir "C:\"
ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
End::

Starte nun FRST und klicke den Entfernen Button.
Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)

Doppelklicke auf die SystemLook.exe, um das Tool zu starten.

Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

Code:

ATTFilter

:filefind
*PRO*PC*Cleaner*
*lavasofttcpservice*
*Web*Companion*
*chip*1-click*
*DLLKITPRO*

:folderfind
*PRO*PC*Cleaner*
*lavasofttcpservice*
*Web*Companion*
*chip*1-click*
*DLLKITPRO*

:regfind
PROPCCleaner
PRO PC Cleaner
lavasofttcpservice
Web Companion
chip 1-click
DLLKITPRO

Klicke nun auf den Button Look, um den Scan zu starten.
Der Suchlauf kann einige Zeit dauern.
Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von SystemLook,
die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

exogeen · 24.09.2017, 02:04

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-09-2017
durchgeführt von Julian (24-09-2017 02:50:41) Run:1
Gestartet von C:\Users\Julian\Desktop
Geladene Profile: Julian (Verfügbare Profile: Julian)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
CMD: dir "%UserProfile%"
CMD: dir "C:\"
ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:

*****************


========= dir "%ProgramFiles%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 7857-623C

 Verzeichnis von C:\Program Files

23.09.2017  00:42    <DIR>          .
23.09.2017  00:42    <DIR>          ..
25.12.2015  12:45    <DIR>          Alienware
15.12.2016  08:58    <DIR>          Common Files
08.08.2015  19:42    <DIR>          CyberLink
20.04.2015  16:57    <DIR>          Intel
15.09.2017  03:32    <DIR>          Internet Explorer
23.09.2017  00:42    <DIR>          Malwarebytes
02.11.2015  17:36    <DIR>          Microsoft Office
30.12.2015  18:10    <DIR>          Microsoft Xbox 360 Accessories
10.03.2015  10:22    <DIR>          MSBuild
20.04.2015  18:01    <DIR>          NewBlue
08.08.2015  19:14    <DIR>          Nitro
21.09.2017  17:30    <DIR>          NVIDIA Corporation
20.04.2015  17:06    <DIR>          Realtek
10.03.2015  10:22    <DIR>          Reference Assemblies
14.04.2017  04:09    <DIR>          Windows Defender
18.08.2015  20:29    <DIR>          Windows Mail
18.08.2015  20:29    <DIR>          Windows Media Player
22.11.2014  07:25    <DIR>          Windows Multimedia Platform
22.08.2013  17:36    <DIR>          Windows NT
18.08.2015  20:29    <DIR>          Windows Photo Viewer
22.11.2014  07:25    <DIR>          Windows Portable Devices
08.11.2015  14:16    <DIR>          WindowsPowerShell
21.08.2015  18:12    <DIR>          WinRAR
               0 Datei(en),              0 Bytes
              25 Verzeichnis(se), 31.342.546.944 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramFiles(x86)%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 7857-623C

 Verzeichnis von C:\Program Files (x86)

21.09.2017  19:39    <DIR>          .
21.09.2017  19:39    <DIR>          ..
07.09.2017  15:12    <DIR>          AlbionOnline
08.08.2015  19:17    <DIR>          Ashampoo
21.09.2017  20:30    <DIR>          Battle.net
28.04.2017  21:32    <DIR>          Common Files
19.07.2017  16:41    <DIR>          Diablo III
29.06.2016  11:53    <DIR>          Google
20.04.2015  16:54    <DIR>          Intel
15.09.2017  03:32    <DIR>          Internet Explorer
16.12.2016  09:10    <DIR>          Kaspersky Lab
02.11.2015  17:36    <DIR>          Microsoft Analysis Services
12.10.2015  17:30    <DIR>          Microsoft ASP.NET
29.11.2015  12:24    <DIR>          Microsoft Office
11.03.2015  14:12    <DIR>          Microsoft SQL Server Compact Edition
05.04.2016  14:35    <DIR>          Microsoft XNA
02.11.2015  17:38    <DIR>          Microsoft.NET
01.09.2017  17:26    <DIR>          Mozilla Firefox
01.09.2017  17:26    <DIR>          Mozilla Maintenance Service
10.03.2015  10:22    <DIR>          MSBuild
20.04.2015  18:01    <DIR>          NewBlue
20.04.2015  18:02    <DIR>          NSIS Uninstall Information
21.09.2017  17:29    <DIR>          NVIDIA Corporation
17.10.2015  21:00    <DIR>          OpenAL
29.04.2017  11:36    <DIR>          Origin Games
20.04.2015  17:11    <DIR>          Realtek
10.03.2015  10:22    <DIR>          Reference Assemblies
25.12.2015  12:46    <DIR>          ROCCAT
24.09.2017  02:50    <DIR>          Steam
30.10.2015  19:25    <DIR>          Ubisoft
21.09.2017  17:30    <DIR>          VulkanRT
14.04.2017  04:09    <DIR>          Windows Defender
11.03.2015  14:12    <DIR>          Windows Live
18.08.2015  20:29    <DIR>          Windows Mail
18.08.2015  12:37    <DIR>          Windows Media Components
18.08.2015  20:29    <DIR>          Windows Media Player
22.11.2014  07:25    <DIR>          Windows Multimedia Platform
22.08.2013  17:36    <DIR>          Windows NT
18.08.2015  20:29    <DIR>          Windows Photo Viewer
22.11.2014  07:25    <DIR>          Windows Portable Devices
22.08.2013  17:36    <DIR>          WindowsPowerShell
               0 Datei(en),              0 Bytes
              41 Verzeichnis(se), 31.342.485.504 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramData%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 7857-623C

 Verzeichnis von C:\ProgramData

03.12.2015  17:54    <DIR>          .mono
08.08.2015  19:16    <DIR>          ashampoo
24.02.2016  18:46    <DIR>          Battle.net
28.08.2017  20:10    <DIR>          Battlestate Games
09.08.2015  17:01    <DIR>          Blizzard Entertainment
08.08.2015  19:42    <DIR>          CLSK
02.10.2016  13:19    <DIR>          Codemasters
08.08.2015  19:41    <DIR>          CyberLink
23.03.2016  22:46    <DIR>          EA Core
28.04.2017  21:32    <DIR>          Electronic Arts
02.07.2017  18:35    <DIR>          Firefly Studios
10.02.2017  18:33    <DIR>          For Honor
14.02.2017  17:35    <DIR>          For Honor Data
03.01.2017  23:36    <DIR>          Gaijin
01.09.2017  20:53    <DIR>          GOG.com
20.04.2015  18:02    <DIR>          install_clap
20.04.2015  16:57    <DIR>          Intel
24.09.2017  02:03    <DIR>          Kaspersky Lab
21.08.2015  13:40    <DIR>          LogMeIn
08.08.2015  19:14    <DIR>          MAGIX
23.09.2017  00:42    <DIR>          Malwarebytes
08.08.2015  18:59    <DIR>          Manuals
08.08.2015  19:11    <DIR>          McAfee
14.09.2017  21:19    <DIR>          Microsoft Help
08.08.2015  19:31    <DIR>          Mozilla
20.04.2015  18:10    <DIR>          Nitro
15.12.2016  08:58           262.144 ntuser.dat
23.09.2017  17:57    <DIR>          NVIDIA
23.09.2017  00:11    <DIR>          NVIDIA Corporation
28.03.2016  14:37    <DIR>          Oracle
10.09.2017  03:54    <DIR>          Origin
20.07.2016  14:41    <DIR>          Overwolf
13.04.2017  14:19    <DIR>          Package Cache
10.03.2015  16:11    <DIR>          PowerRecover
20.04.2015  15:33    <DIR>          regid.1991-06.com.microsoft
08.08.2015  22:28    <DIR>          Riot Games
25.12.2015  12:46    <DIR>          ROCCAT
20.04.2015  18:09    <DIR>          simplitec
03.10.2016  09:51    <DIR>          Skype
23.03.2016  22:45    <DIR>          Solidshield
08.08.2015  19:42    <DIR>          SUPPORTDIR
20.04.2015  18:02    <DIR>          Temp
08.08.2015  19:40                32 Temp.log
12.02.2016  16:04    <DIR>          Ubisoft
20.04.2015  18:02               119 {1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
20.04.2015  17:58               106 {2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
20.04.2015  18:01               108 {B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
20.04.2015  17:57               107 {C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
20.04.2015  17:57               110 {E3739848-5329-48E3-8D28-5BBD6E8BE384}.log
20.04.2015  17:58               110 {E3D04529-6EDB-11D8-A372-0050BAE317E1}.log
               8 Datei(en),        262.836 Bytes
              42 Verzeichnis(se), 31.342.428.160 Bytes frei

========= Ende von CMD: =========


========= dir "%Appdata%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 7857-623C

 Verzeichnis von C:\Users\Julian\AppData\Roaming

28.08.2017  20:10    <DIR>          .
28.08.2017  20:10    <DIR>          ..
28.05.2017  10:35    <DIR>          .minecraft
03.12.2015  17:54    <DIR>          .mono
08.08.2015  18:59    <DIR>          Adobe
26.07.2017  15:26    <DIR>          Albion
20.09.2017  15:12    <DIR>          AlbionOnline
24.02.2016  18:46    <DIR>          Battle.net
28.08.2017  20:10    <DIR>          Battlestate Games
12.01.2017  20:08    <DIR>          Curse Client
09.08.2017  13:02    <DIR>          discord
14.02.2017  17:35    <DIR>          EasyAntiCheat
21.10.2016  01:02    <DIR>          FiraxisLive
15.08.2015  17:51    <DIR>          ftblauncher
18.12.2015  21:27    <DIR>          GameRanger
31.12.2015  16:50    <DIR>          Guild Wars 2
25.04.2016  16:24    <DIR>          HeroesAndGeneralsDesktop
08.08.2015  19:00    <DIR>          Intel Corporation
15.08.2015  17:46    <DIR>          java
27.11.2016  02:55    <DIR>          kingdom_rush_frontiers
08.10.2015  21:33    <DIR>          LolClient
11.04.2016  13:33    <DIR>          Lonely Troops
08.08.2015  19:03    <DIR>          Macromedia
08.08.2015  19:14    <DIR>          MAGIX
30.01.2017  21:35    <DIR>          Might & Magic Heroes VI
08.08.2015  19:33    <DIR>          Mozilla
25.04.2016  16:30    <DIR>          NVIDIA
02.12.2016  23:12    <DIR>          OBS
10.09.2017  01:19    <DIR>          Origin
24.03.2017  21:57    <DIR>          Riot Games
03.10.2016  09:50    <DIR>          Skype
24.09.2017  02:22    <DIR>          Spotify
15.08.2015  17:41    <DIR>          Sun
29.11.2015  17:11    <DIR>          The Creative Assembly
24.09.2017  02:23    <DIR>          TS3Client
12.02.2016  16:04    <DIR>          Ubisoft
22.08.2015  15:24    <DIR>          Unity
26.05.2017  13:55    <DIR>          Wargaming.net
15.08.2015  18:21    <DIR>          WinRAR
               0 Datei(en),              0 Bytes
              39 Verzeichnis(se), 31.342.370.816 Bytes frei

========= Ende von CMD: =========


========= dir "%LocalAppdata%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 7857-623C

 Verzeichnis von C:\Users\Julian\AppData\Local

23.09.2017  12:39    <DIR>          .
23.09.2017  12:39    <DIR>          ..
26.02.2016  21:11    <DIR>          Activision
21.09.2017  14:29    <DIR>          Adobe
21.09.2017  23:39    <DIR>          Anno Online
08.08.2015  19:16    <DIR>          Ashampoo
21.09.2017  23:11    <DIR>          Battle.net
28.08.2017  20:10    <DIR>          Battlestate Games
02.09.2017  23:55    <DIR>          Blizzard Entertainment
08.08.2015  20:21    <DIR>          CEF
08.11.2015  14:13    <DIR>          Chromium
03.12.2015  17:54    <DIR>          Colossal Order
13.04.2017  14:20    <DIR>          CrashRpt
09.02.2016  13:37    <DIR>          Diagnostics
09.08.2017  02:08    <DIR>          Discord
23.09.2017  00:37    <DIR>          Downloaded Installations
03.07.2017  23:59    <DIR>          FluxSoftware
18.08.2015  12:06    <DIR>          ftblauncher
03.01.2017  23:36    <DIR>          Gaijin
01.09.2017  20:53    <DIR>          GOG.com
31.10.2016  15:15    <DIR>          Google
08.08.2015  19:04    <DIR>          GWX
21.08.2015  13:40    <DIR>          LogMeIn
30.12.2015  20:00    <DIR>          LucasArts
08.08.2015  19:43    <DIR>          Macromedia
23.11.2016  13:31    <DIR>          Microsoft
02.11.2015  17:36    <DIR>          Microsoft Help
05.02.2017  10:37    <DIR>          Might & Magic Heroes Online
08.08.2015  20:19    <DIR>          Mozilla
17.08.2015  22:35    <DIR>          My Games
23.12.2015  17:58    <DIR>          Ndemic Creations
21.09.2017  17:19    <DIR>          NVIDIA
22.09.2017  10:06    <DIR>          NVIDIA Corporation
02.05.2017  20:25    <DIR>          Origin
20.07.2016  14:41    <DIR>          Overwolf
16.06.2017  12:20    <DIR>          Packages
22.08.2015  20:36    <DIR>          PAYDAY 2
08.08.2015  18:59    <DIR>          Power2Go8
08.08.2015  19:14    <DIR>          Programs
26.02.2016  21:20    <DIR>          PunkBuster
30.03.2016  10:53    <DIR>          Runic Games
26.07.2017  15:13    <DIR>          Sandbox Interactive GmbH
27.12.2015  00:45    <DIR>          Skype
23.09.2017  22:37    <DIR>          Spotify
26.03.2017  20:55    <DIR>          SquirrelTemp
13.12.2016  21:33    <DIR>          Steam
24.09.2017  02:40    <DIR>          Temp
04.09.2017  18:26    <DIR>          TslGame
13.08.2017  01:49    <DIR>          Ubisoft Game Launcher
22.08.2015  15:24    <DIR>          Unity
04.09.2017  18:26    <DIR>          UnrealEngine
06.09.2016  20:16    <DIR>          VirtualStore
27.06.2017  21:20    <DIR>          {003ACA6A-C058-424D-B955-A82DE5375C64}
               0 Datei(en),              0 Bytes
              53 Verzeichnis(se), 31.342.309.376 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramFiles(x86)%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 7857-623C

 Verzeichnis von C:\Program Files (x86)\Common Files

28.04.2017  21:32    <DIR>          .
28.04.2017  21:32    <DIR>          ..
23.09.2017  17:35    <DIR>          BattlEye
05.11.2015  18:44    <DIR>          DESIGNER
28.10.2015  22:24    <DIR>          InstallShield
20.04.2015  17:00    <DIR>          Intel Corporation
05.04.2016  14:35    <DIR>          Microsoft Shared
20.04.2015  18:01    <DIR>          NewBlue
20.04.2015  18:02    <DIR>          Nikon
24.03.2017  21:15    <DIR>          Overwolf
20.04.2015  16:54    <DIR>          postureAgent
22.08.2013  17:36    <DIR>          Services
09.09.2017  15:12    <DIR>          Steam
18.08.2015  20:29    <DIR>          System
10.03.2015  14:08    <DIR>          Windows Live
               0 Datei(en),              0 Bytes
              15 Verzeichnis(se), 31.342.252.032 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramW6432%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 7857-623C

 Verzeichnis von C:\Program Files\Common Files

15.12.2016  08:58    <DIR>          .
15.12.2016  08:58    <DIR>          ..
16.12.2016  09:11    <DIR>          AV
19.03.2016  11:51    <DIR>          microsoft shared
08.11.2015  14:15    <DIR>          NewBlue
08.11.2015  14:15    <DIR>          Services
18.08.2015  20:29    <DIR>          System
               0 Datei(en),              0 Bytes
               7 Verzeichnis(se), 31.342.198.784 Bytes frei

========= Ende von CMD: =========


========= dir "%UserProfile%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 7857-623C

 Verzeichnis von C:\Users\Julian

26.07.2017  15:13    <DIR>          .
26.07.2017  15:13    <DIR>          ..
26.07.2017  15:13    <DIR>          .Albion Online Launcher
28.03.2016  14:35    <DIR>          .oracle_jre_usage
28.04.2017  21:07    <DIR>          .Origin
17.01.2017  22:05    <DIR>          .QtWebEngineProcess
17.01.2017  22:05    <DIR>          .TeamSpeak 3
08.08.2015  19:38                 0 agent.log
03.07.2017  11:44               153 BullseyeCoverageError.txt
15.09.2017  14:32    <DIR>          Contacts
24.09.2017  02:50    <DIR>          Desktop
23.09.2017  00:37    <DIR>          Documents
23.09.2017  00:46    <DIR>          Downloads
15.09.2017  14:32    <DIR>          Favorites
15.09.2017  14:32    <DIR>          Links
15.09.2017  14:32    <DIR>          Music
23.09.2017  12:39    <DIR>          OneDrive
08.08.2015  19:04               359 Papierkorb - Verknpfung.lnk
15.09.2017  14:32    <DIR>          Pictures
15.09.2017  14:32    <DIR>          Saved Games
15.09.2017  14:32    <DIR>          Searches
08.08.2015  21:05    <DIR>          Tracing
24.09.2017  00:12    <DIR>          Videos
               3 Datei(en),            512 Bytes
              20 Verzeichnis(se), 31.342.137.344 Bytes frei

========= Ende von CMD: =========


========= dir "C:\" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 7857-623C

 Verzeichnis von C:\

23.09.2017  00:37    <DIR>          AdwCleaner
24.09.2017  02:50    <DIR>          FRST
18.08.2015  12:37    <DIR>          IExp0.tmp
18.08.2015  12:37    <DIR>          IExp1.tmp
20.04.2015  16:53    <DIR>          Intel
22.08.2013  17:22    <DIR>          PerfLogs
23.09.2017  00:42    <DIR>          Program Files
21.09.2017  19:39    <DIR>          Program Files (x86)
21.04.2015  14:07               815 swconf.dat
22.09.2017  01:54           228.300 TDSSKiller.3.1.0.15_22.09.2017_01.47.01_log.txt
08.08.2015  18:58    <DIR>          Users
23.09.2017  00:50    <DIR>          Windows
               2 Datei(en),        229.115 Bytes
              10 Verzeichnis(se), 31.342.084.096 Bytes frei

========= Ende von CMD: =========

================== ExportKey: ===================

[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Extensions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\TemporaryPaths]

=== Ende von ExportKey ===

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 25165824 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 70220890 B
Java, Flash, Steam htmlcache => 640064954 B
Windows/system/drivers => 287753863 B
Edge => 0 B
Chrome => 300855240 B
Firefox => 52630541 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 461227 B
systemprofile32 => 128 B
LocalService => 147000 B
NetworkService => 11914 B
Julian => 1961580677 B

RecycleBin => 0 B
EmptyTemp: => 3.1 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 02:51:01 ====

Code:

ATTFilter

SystemLook 30.07.11 by jpshortstuff
Log created at 02:57 on 24/09/2017 by Julian
Administrator - Elevation successful

========== filefind ==========

Searching for "*PRO*PC*Cleaner*"
No files found.

Searching for "*lavasofttcpservice*"
C:\AdwCleaner\Quarantine\1xVPfvJcrg\LavasoftTcpService.ini	--a---- 5099 bytes	[22:37 22/09/2017]	[17:32 08/08/2015] 248258416775836F2A4B6320EE7E37E6
C:\AdwCleaner\Quarantine\3soLBPh71Y\lavasofttcpservice.dll	--a---- 342016 bytes	[22:37 22/09/2017]	[17:32 08/08/2015] ACB3CC814D3825D11E6BD80CBE074BC2
C:\AdwCleaner\Quarantine\bbSqWy6yhK\LavasoftTcpService64.dll	--a---- 422400 bytes	[22:37 22/09/2017]	[17:32 08/08/2015] 795D29FBD4BB396EDFEFB0178B436EB9
C:\AdwCleaner\Quarantine\exuieaoEiI\LavasoftTcpServiceOff.ini	--a---- 2800 bytes	[22:37 22/09/2017]	[17:32 08/08/2015] E4835A39C3FC33231FFCD0BA9D26AD30
C:\AdwCleaner\Quarantine\gxIX4a2dRE\LavasoftTcpServiceOff.ini	--a---- 2800 bytes	[22:37 22/09/2017]	[17:32 08/08/2015] 9F5FB700D92B44B3E9FA853570BF09F4
C:\Windows\System32\LavasoftTcpService64.dll	------- 422400 bytes	[17:32 08/08/2015]	[17:32 08/08/2015] 795D29FBD4BB396EDFEFB0178B436EB9
C:\Windows\SysWOW64\LavasoftTcpService.dll	------- 342016 bytes	[17:32 08/08/2015]	[17:32 08/08/2015] ACB3CC814D3825D11E6BD80CBE074BC2

Searching for "*Web*Companion*"
No files found.

Searching for "*chip*1-click*"
No files found.

Searching for "*DLLKITPRO*"
No files found.

========== folderfind ==========

Searching for "*PRO*PC*Cleaner*"
C:\AdwCleaner\Quarantine\rQF69AzBla\ProPCCleaner.exe_Url_xfrt3hu2ec5vknmrnagnhswpaqprhwze	d------	[22:37 22/09/2017]

Searching for "*lavasofttcpservice*"
No folders found.

Searching for "*Web*Companion*"
No folders found.

Searching for "*chip*1-click*"
No folders found.

Searching for "*DLLKITPRO*"
No folders found.

========== regfind ==========

Searching for "PROPCCleaner"
[HKEY_CURRENT_USER\Software\ProPCCleanerConfig]
[HKEY_USERS\S-1-5-21-3495731131-4003904178-1165495969-1001\Software\ProPCCleanerConfig]

Searching for "PRO PC Cleaner"
No data found.

Searching for "lavasofttcpservice"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer\CurVer]
@="LavasoftTcpServiceLib.DataContainer.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController\CurVer]
@="LavasoftTcpServiceLib.DataController.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable\CurVer]
@="LavasoftTcpServiceLib.DataTable.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields\CurVer]
@="LavasoftTcpServiceLib.DataTableFields.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder\CurVer]
@="LavasoftTcpServiceLib.DataTableHolder.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic\CurVer]
@="LavasoftTcpServiceLib.LSPLogic.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager\CurVer]
@="LavasoftTcpServiceLib.ReadOnlyManager.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController\CurVer]
@="LavasoftTcpServiceLib.WFPController.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\AppId_Catalog\2A1442DD]
"AppFullPath"="C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\AppId_Catalog\2A1442DD]
"AppFullPath"="C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe"

Searching for "Web Companion"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\AppId_Catalog\2A1442DD]
"AppFullPath"="C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\AppId_Catalog\2A1442DD]
"AppFullPath"="C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe"

Searching for "chip 1-click"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\chip 1-click installer_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\chip 1-click installer_RASMANCS]
[HKEY_USERS\.DEFAULT\Software\Microsoft\.NETFramework\SQM\Apps\chip 1-click installer.exe]
[HKEY_USERS\S-1-5-18\Software\Microsoft\.NETFramework\SQM\Apps\chip 1-click installer.exe]

Searching for "DLLKITPRO"
No data found.

Searching for "         "
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ConnectedSearch]
"StyleSetCache"="{"Condition":{}, "PropertySets":[
                    {"ConditionArgs":[], "PropertyValueMap":{}}
                  ]}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"="             <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Enabled="true" >                 <InitializationParameters>                     <Param Name="PSVersion" Value="4.0"/>                 </InitializationParameters>                 <Resources>                     <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" SupportsOptions="true" ExactMatch="true">                         <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>                         <Capability Type="Shell"/>                     </Reso
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell.Workflow]
"ConfigXML"="             <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell.workflow" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" UseSharedProcess="true" ProcessIdleTimeoutSec="1209600" RunAsUser="" RunAsPassword="" AutoRestart="false"     Enabled="true" >                 <InitializationParameters>                     <Param Name="PSVersion" Value="4.0"/>                     <Param Name="AssemblyName" Value="Microsoft.PowerShell.Workflow.ServiceCore, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"/>                     <Param Name="PSSessionConfigurationTypeName" Value="Microsoft.PowerShell.Workflow.PSWorkflowSessionConfiguration"/>                     <Param Name="SessionConfigurationData"                          Value="                       
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell32]
"ConfigXML"="<PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell32" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Architecture="32" Enabled="true" >                         <InitializationParameters>                             <Param Name="PSVersion" Value="4.0"/>                         </InitializationParameters>                         <Resources>                             <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" SupportsOptions="true" ExactMatch="true">                                 <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>                 
[HKEY_USERS\S-1-5-21-3495731131-4003904178-1165495969-1001\Software\Microsoft\Windows\CurrentVersion\ConnectedSearch]
"StyleSetCache"="{"Condition":{}, "PropertySets":[
                    {"ConditionArgs":[], "PropertyValueMap":{}}
                  ]}"

-= EOF =-

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-09-2017
durchgeführt von Julian (Administrator) auf JULIANPC (24-09-2017 03:02:55)
Gestartet von C:\Users\Julian\Desktop
Geladene Profile: Julian (Verfügbare Profile: Julian)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Gaijin Entertainment) C:\Users\Julian\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Wargaming.net) D:\Programme (x86)\World of Tanks\WargamingGameUpdater.exe
(Spotify Ltd) C:\Users\Julian\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Julian\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe
(ROCCAT GmbH Co., Ltd.) C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(GOG.com) D:\Programme (x86)\GOG Galaxy\GalaxyClient.exe
(GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(GOG.com) D:\Programme (x86)\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) D:\Programme (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(GOG.com) D:\Programme (x86)\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) D:\Programme (x86)\GOG Galaxy\GalaxyClient Helper.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\windows\system32\rundll32.exe" C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM-x32\...\Run: [RoccatKoneXTD] => C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [552960 2014-10-19] (ROCCAT GmbH)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Julian\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2010056 2017-06-28] (Gaijin Entertainment)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [Discord] => C:\Users\Julian\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [World of Tanks] => "D:\World of Tanks\WargamingGameUpdater.exe"
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [World of Tanks (1)] => D:\Programme (x86)\World of Tanks\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [Spotify] => C:\Users\Julian\AppData\Roaming\Spotify\Spotify.exe [20644976 2017-09-14] (Spotify Ltd)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [GalaxyClient] => D:\Programme (x86)\GOG Galaxy\GalaxyClient.exe [5161536 2017-09-08] (GOG.com)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [Spotify Web Helper] => C:\Users\Julian\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-14] (Spotify Ltd)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\MountPoints2: {9cb3c07b-fe1f-11e4-8270-806e6f6e6963} - "G:\autorun.exe" 
HKU\S-1-5-18\...\Run: [AppLauncher] => C:\Program Files (x86)\Ashampoo\Ashampoo AppLauncher\AppLauncher.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk [2015-12-25]
ShortcutTarget: Roccat Talk.lnk -> C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe (ROCCAT GmbH Co., Ltd.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{55905A7B-D38A-4C05-B346-B12C55900D9D}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{DD4F3609-B808-43BD-8ECA-B4A87964F757}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll => Keine Datei
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll => Keine Datei
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\qu7f1dbj.default [2017-09-24]
FF Extension: (Adblock Plus) - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\qu7f1dbj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nicht gefunden
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-07-25]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-21] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [Keine Datei]
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [Keine Datei]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-21] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-09-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-09-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-3495731131-4003904178-1165495969-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Julian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3495731131-4003904178-1165495969-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-10-30] ()

Chrome: 
=======
CHR Profile: C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default [2017-09-24]
CHR Extension: (Google Präsentationen) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-29]
CHR Extension: (Google Docs) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-29]
CHR Extension: (Google Drive) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-29]
CHR Extension: (YouTube) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-29]
CHR Extension: (Adblock Plus) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-21]
CHR Extension: (Steam Inventory Helper) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-09-21]
CHR Extension: (Google Tabellen) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-29]
CHR Extension: (Kaspersky Protection) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-02-04]
CHR Extension: (Google Docs Offline) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-29]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-21]
CHR Extension: (Google Mail) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-29]
CHR Extension: (Chrome Media Router) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-21]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1533448 2017-09-14] ()
S3 EasyAntiCheat; C:\windows\SysWOW64\EasyAntiCheat.exe [399120 2017-02-13] (EasyAntiCheat Ltd)
S3 GalaxyClientService; D:\Programme (x86)\GOG Galaxy\GalaxyClientService.exe [532544 2017-09-08] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8242752 2017-08-25] (GOG.com)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-09-16] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-09-19] (NVIDIA Corporation)
S3 Origin Client Service; D:\Programme (x86)\Origin\OriginClientService.exe [2098528 2017-09-03] (Electronic Arts)
S2 Origin Web Helper Service; D:\Programme (x86)\Origin\OriginWebHelperService.exe [2977640 2017-09-03] (Electronic Arts)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [66872 2016-02-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; "C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe" [X]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X]
S3 OverwolfUpdater; "C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe" /RunningFrom SCM" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 cm_km; C:\windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [77440 2017-08-24] ()
S3 Hamachi; C:\windows\system32\DRIVERS\Hamdrv.sys [45680 2017-05-22] (LogMeIn Inc.)
R0 kl1; C:\windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab)
R1 klbackupflt; C:\windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\windows\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab)
S0 klelam; C:\windows\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\windows\system32\DRIVERS\klflt.sys [197312 2017-07-25] (AO Kaspersky Lab)
R1 klhk; C:\windows\system32\DRIVERS\klhk.sys [520176 2017-04-12] (AO Kaspersky Lab)
R1 KLIF; C:\windows\System32\DRIVERS\klif.sys [1021624 2017-07-25] (AO Kaspersky Lab)
R1 KLIM6; C:\windows\system32\DRIVERS\klim6.sys [57424 2016-12-16] (AO Kaspersky Lab)
R3 klkbdflt; C:\windows\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\windows\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab)
R3 kltap; C:\windows\system32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 klwfp; C:\windows\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\windows\system32\DRIVERS\klwtp.sys [136416 2017-03-15] (AO Kaspersky Lab)
R1 kneps; C:\windows\system32\DRIVERS\kneps.sys [199640 2017-07-25] (AO Kaspersky Lab)
R2 MBAMChameleon; C:\windows\system32\drivers\MBAMChameleon.sys [192960 2017-09-23] (Malwarebytes)
R3 MBAMFarflt; C:\windows\system32\DRIVERS\farflt.sys [101824 2017-09-24] (Malwarebytes)
R3 MBAMProtection; C:\windows\system32\drivers\mbam.sys [45472 2017-09-24] (Malwarebytes)
R0 MBAMSwissArmy; C:\windows\System32\drivers\MBAMSwissArmy.sys [253888 2017-09-24] (Malwarebytes)
R3 MBAMWebProtection; C:\windows\system32\drivers\mwac.sys [94144 2017-09-24] (Malwarebytes)
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation)
R3 NVVADARM; C:\windows\system32\drivers\nvvadarm.sys [46016 2017-09-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\windows\system32\drivers\nvvad64v.sys [48064 2017-09-19] (NVIDIA Corporation)
R3 nvvhci; C:\windows\System32\drivers\nvvhci.sys [57792 2017-09-19] (NVIDIA Corporation)
R3 RtlWlanu; C:\windows\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation )
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 cpuz135; \??\C:\Users\Julian\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X] <==== ACHTUNG
S1 ESEADriver2; \??\C:\Users\Julian\AppData\Local\Temp\ESEADriver2.sys [X] <==== ACHTUNG
S3 klids; \??\C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-24 02:57 - 2017-09-24 03:01 - 000018400 _____ C:\Users\Julian\Desktop\SystemLook.txt
2017-09-24 02:57 - 2017-09-24 02:57 - 000165376 _____ C:\Users\Julian\Desktop\SystemLook_x64.exe
2017-09-24 02:50 - 2017-09-24 02:51 - 000018924 _____ C:\Users\Julian\Desktop\Fixlog.txt
2017-09-23 22:48 - 2017-09-23 22:48 - 000000000 ____D C:\Users\Julian\AppData\LocalLow\United Soft Media Verlag GmbH
2017-09-23 00:50 - 2017-09-24 02:50 - 000000000 ____D C:\Users\Julian\Desktop\FRST-OlderVersion
2017-09-23 00:47 - 2017-09-23 00:47 - 000002492 _____ C:\Users\Julian\Desktop\mbam.txt
2017-09-23 00:42 - 2017-09-24 02:53 - 000253888 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-23 00:42 - 2017-09-24 02:53 - 000101824 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2017-09-23 00:42 - 2017-09-24 02:53 - 000094144 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2017-09-23 00:42 - 2017-09-24 02:53 - 000045472 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2017-09-23 00:42 - 2017-09-23 00:42 - 000192960 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMChameleon.sys
2017-09-23 00:42 - 2017-09-23 00:42 - 000001847 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-23 00:42 - 2017-09-23 00:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-23 00:42 - 2017-09-23 00:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-23 00:42 - 2017-09-23 00:42 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-23 00:42 - 2017-08-24 11:27 - 000077440 _____ C:\windows\system32\Drivers\mbae64.sys
2017-09-23 00:41 - 2017-09-23 00:41 - 068408664 _____ (Malwarebytes ) C:\Users\Julian\Desktop\mb3-setup-consumer-3.2.2.2029.exe
2017-09-23 00:35 - 2017-09-23 00:37 - 000000000 ____D C:\AdwCleaner
2017-09-23 00:35 - 2017-09-23 00:35 - 008182736 _____ (Malwarebytes) C:\Users\Julian\Desktop\adwcleaner_7.0.2.1.exe
2017-09-22 01:47 - 2017-09-22 01:54 - 000228300 _____ C:\TDSSKiller.3.1.0.15_22.09.2017_01.47.01_log.txt
2017-09-22 01:46 - 2017-09-22 01:46 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Julian\Desktop\tdsskiller.exe
2017-09-22 01:39 - 2017-09-23 00:50 - 000044900 _____ C:\Users\Julian\Desktop\Addition.txt
2017-09-22 01:38 - 2017-09-24 03:03 - 000022111 _____ C:\Users\Julian\Desktop\FRST.txt
2017-09-22 01:37 - 2017-09-24 02:50 - 002399744 _____ (Farbar) C:\Users\Julian\Desktop\FRST64.exe
2017-09-21 19:08 - 2017-09-21 19:08 - 000069344 _____ C:\Users\Julian\Downloads\Addition.txt
2017-09-21 19:08 - 2017-09-21 19:08 - 000053958 _____ C:\Users\Julian\Downloads\FRST.txt
2017-09-21 19:07 - 2017-09-24 03:02 - 000000000 ____D C:\FRST
2017-09-21 19:07 - 2017-09-21 19:07 - 002399744 _____ (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2017-09-21 17:30 - 2017-09-21 17:30 - 000002157 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2017-09-21 17:30 - 2017-09-21 17:30 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-09-21 17:30 - 2017-09-16 19:17 - 000135800 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvStreaming.exe
2017-09-21 17:30 - 2017-07-20 19:21 - 000905504 _____ C:\windows\system32\vulkan-1.dll
2017-09-21 17:30 - 2017-07-20 19:21 - 000776992 _____ C:\windows\SysWOW64\vulkan-1.dll
2017-09-21 17:30 - 2017-07-20 19:21 - 000578848 _____ C:\windows\system32\vulkaninfo.exe
2017-09-21 17:30 - 2017-07-20 19:21 - 000477472 _____ C:\windows\SysWOW64\vulkaninfo.exe
2017-09-21 17:29 - 2017-09-16 19:34 - 000548472 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshext.dll
2017-09-21 17:29 - 2017-09-16 19:34 - 000082040 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshextr.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 040240064 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 035883640 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 035314112 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 028987512 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 023132720 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 018849968 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 017808120 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 015427520 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2017-09-21 17:27 - 2017-09-16 21:23 - 013782720 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 012241792 _____ (NVIDIA Corporation) C:\windows\system32\nvptxJitCompiler.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 011692856 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 010087504 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvptxJitCompiler.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 003793016 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 003346368 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 001988216 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6438569.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 001606592 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6438569.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 001067456 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 001005176 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000972920 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000924096 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000895968 _____ (NVIDIA Corporation) C:\windows\system32\nvmcumd.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000690504 _____ (NVIDIA Corporation) C:\windows\system32\nvfatbinaryLoader.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000609912 _____ (NVIDIA Corporation) C:\windows\system32\NvIFROpenGL.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000578056 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvfatbinaryLoader.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000512672 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000499136 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFROpenGL.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000491720 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000429920 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000407064 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000218712 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvhda64v.sys
2017-09-21 17:27 - 2017-09-16 21:23 - 000171384 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000154392 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000149040 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000132256 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000124536 _____ (NVIDIA Corporation) C:\windows\system32\nvaudcaparm.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000046016 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvadarm.sys
2017-09-21 17:27 - 2017-09-16 21:23 - 000045976 _____ (NVIDIA Corporation) C:\windows\system32\nvhdap64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000000669 _____ C:\windows\SysWOW64\nv-vk32.json
2017-09-21 17:27 - 2017-09-16 21:23 - 000000669 _____ C:\windows\system32\nv-vk64.json
2017-09-21 17:17 - 2017-09-21 17:30 - 000000000 ____D C:\windows\LastGood.Tmp
2017-09-21 17:17 - 2017-09-21 17:17 - 000004146 _____ C:\windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003852 _____ C:\windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003814 _____ C:\windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003738 _____ C:\windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003738 _____ C:\windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003730 _____ C:\windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003554 _____ C:\windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003494 _____ C:\windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-19 09:20 - 000121280 _____ C:\windows\system32\NvRtmpStreamer64.dll
2017-09-21 17:17 - 2017-09-19 09:20 - 000057792 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvhci.sys
2017-09-21 17:17 - 2017-09-19 09:20 - 000048064 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2017-09-21 17:17 - 2017-09-18 23:29 - 000001951 _____ C:\windows\NvTelemetryContainerRecovery.bat
2017-09-21 17:17 - 2017-09-16 19:54 - 000001951 _____ C:\windows\NvContainerRecovery.bat
2017-09-21 17:16 - 2017-09-21 17:17 - 083757104 _____ (NVIDIA Corporation) C:\Users\Julian\Downloads\GeForce_Experience_v3.9.0.97.exe
2017-09-21 14:46 - 2017-09-21 14:46 - 000002275 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-20 23:42 - 2017-09-20 23:42 - 000012936 _____ C:\Users\Julian\Desktop\Stundenplan - Uni.pdf
2017-09-17 12:45 - 2017-09-17 12:45 - 1116115571 ____N C:\windows\MEMORY.DMP
2017-09-17 12:45 - 2017-09-17 12:45 - 000278704 _____ C:\windows\Minidump\091717-43984-01.dmp
2017-09-13 15:58 - 2017-09-13 15:58 - 000188806 _____ C:\Users\Julian\Desktop\cm._2017-09-13_1558502891363651769514687.pdf
2017-09-13 14:26 - 2017-08-18 00:07 - 000537200 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2017-09-13 14:26 - 2017-08-18 00:03 - 000450392 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2017-09-13 14:26 - 2017-08-15 16:06 - 015260160 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-09-13 14:26 - 2017-08-15 15:58 - 013673984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-09-13 14:26 - 2017-08-13 20:58 - 025730560 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-09-13 14:26 - 2017-08-13 19:04 - 002899968 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2017-09-13 14:26 - 2017-08-13 18:54 - 020269056 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-09-13 14:26 - 2017-08-13 18:51 - 005981696 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-09-13 14:26 - 2017-08-13 18:29 - 000499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2017-09-13 14:26 - 2017-08-13 18:24 - 002291200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2017-09-13 14:26 - 2017-08-13 18:15 - 007078912 _____ (Microsoft Corporation) C:\windows\system32\glcndFilter.dll
2017-09-13 14:26 - 2017-08-13 18:05 - 000380416 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2017-09-13 14:26 - 2017-08-13 18:04 - 000807936 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-09-13 14:26 - 2017-08-13 18:04 - 000726528 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2017-09-13 14:26 - 2017-08-13 18:01 - 002134528 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2017-09-13 14:26 - 2017-08-13 17:52 - 005274624 _____ (Microsoft Corporation) C:\windows\SysWOW64\glcndFilter.dll
2017-09-13 14:26 - 2017-08-13 17:52 - 000486912 _____ (Microsoft Corporation) C:\windows\system32\tpmvsc.dll
2017-09-13 14:26 - 2017-08-13 17:48 - 004547072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-09-13 14:26 - 2017-08-13 17:44 - 000694784 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2017-09-13 14:26 - 2017-08-13 17:44 - 000331776 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2017-09-13 14:26 - 2017-08-13 17:43 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2017-09-13 14:26 - 2017-08-13 17:40 - 003241472 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-09-13 14:26 - 2017-08-13 17:27 - 001544704 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-09-13 14:26 - 2017-08-13 17:25 - 007797248 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2017-09-13 14:26 - 2017-08-13 17:18 - 005270016 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2017-09-13 14:26 - 2017-08-13 17:17 - 002767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2017-09-13 14:26 - 2017-08-13 17:13 - 001314816 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2017-09-13 14:26 - 2017-08-12 11:30 - 022361344 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2017-09-13 14:26 - 2017-08-12 11:26 - 019789736 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2017-09-13 14:26 - 2017-08-12 02:39 - 001364552 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2017-09-13 14:26 - 2017-08-12 01:59 - 007440728 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-09-13 14:26 - 2017-08-12 01:58 - 001737600 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2017-09-13 14:26 - 2017-08-11 22:46 - 000367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\PCPTpm12.dll
2017-09-13 14:26 - 2017-08-11 22:13 - 000175616 _____ (Microsoft Corporation) C:\windows\system32\TpmTasks.dll
2017-09-13 14:26 - 2017-08-11 05:30 - 004170240 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-09-13 14:26 - 2017-08-11 05:27 - 000243200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2017-09-13 14:26 - 2017-08-11 04:38 - 000477184 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2017-09-13 14:26 - 2017-08-11 04:08 - 001753600 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2017-09-13 14:26 - 2017-08-11 04:08 - 000329216 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2017-09-13 14:26 - 2017-08-11 04:02 - 001084928 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2017-09-13 14:26 - 2017-08-11 03:52 - 001491456 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2017-09-13 14:26 - 2017-08-11 03:44 - 001095680 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2017-09-13 14:26 - 2017-08-11 03:43 - 000865792 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2017-09-13 14:26 - 2017-08-06 09:13 - 000530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2017-09-13 14:26 - 2017-07-17 21:53 - 004298240 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_47.dll
2017-09-13 14:26 - 2017-07-17 01:55 - 003551744 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_47.dll
2017-09-13 14:26 - 2017-07-14 01:03 - 002013528 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2017-09-13 14:26 - 2017-07-12 22:29 - 000420440 _____ (Microsoft Corporation) C:\windows\system32\wevtapi.dll
2017-09-13 14:26 - 2017-07-12 22:25 - 000308872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wevtapi.dll
2017-09-13 14:26 - 2017-07-08 05:14 - 000100184 ____C (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2017-09-13 14:25 - 2017-08-19 19:27 - 000237568 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2017-09-13 14:25 - 2017-08-19 18:48 - 000215040 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2017-09-13 14:25 - 2017-08-18 00:07 - 000140016 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2017-09-13 14:25 - 2017-08-18 00:03 - 000136832 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2017-09-13 14:25 - 2017-08-15 16:01 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2017-09-13 14:25 - 2017-08-15 16:01 - 000128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2017-09-13 14:25 - 2017-08-15 16:01 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2017-09-13 14:25 - 2017-08-13 19:19 - 000040960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\nsiproxy.sys
2017-09-13 14:25 - 2017-08-13 19:05 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-09-13 14:25 - 2017-08-13 18:50 - 000817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2017-09-13 14:25 - 2017-08-13 18:28 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2017-09-13 14:25 - 2017-08-13 18:23 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2017-09-13 14:25 - 2017-08-13 18:21 - 000145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2017-09-13 14:25 - 2017-08-13 18:20 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2017-09-13 14:25 - 2017-08-13 18:17 - 000663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2017-09-13 14:25 - 2017-08-13 18:14 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2017-09-13 14:25 - 2017-08-13 18:07 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2017-09-13 14:25 - 2017-08-13 17:51 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2017-09-13 14:25 - 2017-08-13 17:46 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2017-09-13 14:25 - 2017-08-13 17:18 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-09-13 14:25 - 2017-08-13 17:14 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2017-09-13 14:25 - 2017-08-12 01:58 - 001502000 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2017-09-13 14:25 - 2017-08-11 22:29 - 000425984 _____ (Microsoft Corporation) C:\windows\system32\PCPTpm12.dll
2017-09-13 14:25 - 2017-08-11 05:27 - 000281600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2017-09-13 14:25 - 2017-08-11 03:49 - 000346624 _____ (Microsoft Corporation) C:\windows\system32\ntprint.dll
2017-09-13 14:25 - 2017-08-11 03:41 - 000307200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntprint.dll
2017-09-13 14:25 - 2017-08-06 23:20 - 000607232 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2017-09-13 14:25 - 2017-07-22 20:34 - 000033792 _____ (Microsoft Corporation) C:\windows\system32\iscsium.dll
2017-09-13 14:25 - 2017-07-22 19:32 - 000027136 _____ (Microsoft Corporation) C:\windows\SysWOW64\iscsium.dll
2017-09-13 14:25 - 2017-07-12 22:29 - 000075440 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2017-09-13 14:25 - 2017-07-12 22:25 - 000066112 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2017-09-13 14:25 - 2017-07-08 21:03 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2017-09-13 14:25 - 2017-07-08 20:43 - 000197632 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2017-09-13 14:25 - 2017-07-08 20:30 - 000039936 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2017-09-13 14:25 - 2017-07-08 20:20 - 000445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2017-09-13 14:25 - 2017-07-08 19:25 - 001436160 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-09-13 14:25 - 2017-07-08 19:00 - 000324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2017-09-12 22:09 - 2017-09-12 22:09 - 000000000 ____D C:\Users\Julian\Desktop\MP_MODSPACK
2017-09-12 22:05 - 2017-09-12 22:05 - 010353001 _____ C:\Users\Julian\Downloads\[DLC - SP and MP] NQMod v12.2.zip
2017-09-06 14:21 - 2017-09-06 14:21 - 000355567 _____ C:\Users\Julian\Downloads\SKMBT_C28017090611100.pdf
2017-09-04 18:26 - 2017-09-04 18:26 - 000000000 ____D C:\Users\Julian\AppData\Local\UnrealEngine
2017-09-04 18:26 - 2017-09-04 18:26 - 000000000 ____D C:\Users\Julian\AppData\Local\TslGame
2017-09-02 14:41 - 2017-09-03 16:44 - 000000000 ____D C:\Users\Julian\Desktop\Warcraft III
2017-09-01 20:57 - 2017-09-01 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Empire Earth Gold [GOG.com]
2017-09-01 20:53 - 2017-09-01 20:53 - 000000742 _____ C:\Users\Public\Desktop\GOG Galaxy.lnk
2017-09-01 20:53 - 2017-09-01 20:53 - 000000000 ____D C:\Users\Julian\AppData\Local\GOG.com
2017-09-01 20:53 - 2017-09-01 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-09-01 20:53 - 2017-09-01 20:53 - 000000000 ____D C:\ProgramData\GOG.com
2017-09-01 20:51 - 2017-09-01 20:52 - 162203456 _____ (GOG.com ) C:\Users\Julian\Downloads\setup_galaxy_1.2.20.36.exe
2017-08-28 20:31 - 2017-08-28 20:31 - 000000000 ____D C:\Users\Julian\AppData\LocalLow\Battlestate Games
2017-08-28 20:30 - 2017-08-28 20:30 - 000000000 ____D C:\Users\Julian\Documents\Escape from Tarkov
2017-08-28 20:10 - 2017-08-28 20:10 - 000000766 _____ C:\Users\Public\Desktop\Battlestate Games Launcher.lnk
2017-08-28 20:10 - 2017-08-28 20:10 - 000000000 ____D C:\Users\Julian\AppData\Roaming\Battlestate Games
2017-08-28 20:10 - 2017-08-28 20:10 - 000000000 ____D C:\Users\Julian\AppData\Local\Battlestate Games
2017-08-28 20:10 - 2017-08-28 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlestate Games
2017-08-28 20:10 - 2017-08-28 20:10 - 000000000 ____D C:\ProgramData\Battlestate Games
2017-08-28 20:07 - 2017-08-28 20:08 - 053713176 _____ (Battlestate Games ) C:\Users\Julian\Downloads\BsgLauncher.0.2.1.156.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-24 03:00 - 2015-03-11 13:18 - 000766276 _____ C:\windows\system32\perfh007.dat
2017-09-24 03:00 - 2015-03-11 13:18 - 000160034 _____ C:\windows\system32\perfc007.dat
2017-09-24 03:00 - 2014-11-22 03:01 - 001783084 _____ C:\windows\system32\PerfStringBackup.INI
2017-09-24 03:00 - 2013-08-22 15:36 - 000000000 ____D C:\windows\Inf
2017-09-24 02:58 - 2015-08-08 19:04 - 000003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3495731131-4003904178-1165495969-1001
2017-09-24 02:55 - 2015-08-08 19:21 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-09-24 02:54 - 2015-04-20 16:58 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-24 02:53 - 2015-10-15 23:10 - 000000000 ____D C:\Users\Julian\AppData\Roaming\Spotify
2017-09-24 02:53 - 2015-10-15 23:10 - 000000000 ____D C:\Users\Julian\AppData\Local\Spotify
2017-09-24 02:53 - 2015-08-08 19:03 - 000000000 ____D C:\Users\Julian\OneDrive
2017-09-24 02:52 - 2013-08-22 16:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2017-09-24 02:52 - 2013-08-22 15:25 - 000262144 ___SH C:\windows\system32\config\BBI
2017-09-24 02:51 - 2017-01-17 22:09 - 000000000 ____D C:\Users\Julian\AppData\Roaming\TS3Client
2017-09-24 02:50 - 2015-08-08 20:21 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-23 00:37 - 2017-06-27 19:50 - 000000000 ____D C:\Users\Julian\AppData\Local\Downloaded Installations
2017-09-23 00:11 - 2015-04-20 16:58 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-09-22 10:06 - 2015-10-11 13:25 - 000000000 ____D C:\Users\Julian\AppData\Local\NVIDIA Corporation
2017-09-22 01:55 - 2016-11-16 13:35 - 000000000 ____D C:\Users\Julian\AppData\LocalLow\Mozilla
2017-09-21 23:39 - 2016-10-09 14:06 - 000000000 ____D C:\Users\Julian\AppData\Local\Anno Online
2017-09-21 23:11 - 2015-08-08 20:29 - 000000000 ____D C:\Users\Julian\AppData\Local\Battle.net
2017-09-21 20:30 - 2015-08-08 20:29 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-09-21 17:30 - 2015-10-11 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-09-21 17:30 - 2015-04-20 16:58 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-09-21 17:29 - 2015-04-20 16:58 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-09-21 17:19 - 2015-08-08 18:59 - 000000000 ____D C:\Users\Julian\AppData\Local\NVIDIA
2017-09-21 17:17 - 2015-10-11 13:25 - 000001436 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-09-21 14:46 - 2016-06-29 11:54 - 000002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-21 14:45 - 2016-06-29 11:49 - 001130328 _____ (Google Inc.) C:\Users\Julian\Downloads\ChromeSetup.exe
2017-09-21 14:29 - 2015-08-08 19:37 - 000004342 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-09-21 14:29 - 2015-08-08 19:36 - 000000000 ____D C:\Users\Julian\AppData\Local\Adobe
2017-09-21 14:29 - 2013-08-22 17:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2017-09-21 14:29 - 2013-08-22 17:36 - 000000000 ____D C:\windows\system32\Macromed
2017-09-20 23:42 - 2016-02-25 16:34 - 000117760 ___SH C:\Users\Julian\Downloads\Thumbs.db
2017-09-20 15:12 - 2017-07-26 15:25 - 000000000 ____D C:\Users\Julian\AppData\Roaming\AlbionOnline
2017-09-19 15:52 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-19 15:52 - 2013-08-22 17:36 - 000000000 ____D C:\windows\AppReadiness
2017-09-19 09:20 - 2015-10-11 13:25 - 001923008 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2017-09-19 09:20 - 2015-10-11 13:25 - 001755072 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2017-09-19 09:20 - 2015-10-11 13:25 - 001505728 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2017-09-19 09:20 - 2015-10-11 13:25 - 001317312 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2017-09-19 09:20 - 2015-10-11 13:25 - 000179136 _____ (NVIDIA Corporation) C:\windows\system32\nvaudcap64v.dll
2017-09-19 09:20 - 2015-10-11 13:25 - 000146368 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2017-09-18 19:04 - 2013-08-22 17:36 - 000000000 ____D C:\windows\rescache
2017-09-17 12:45 - 2015-08-21 18:12 - 000000000 ____D C:\windows\Minidump
2017-09-16 21:23 - 2015-04-20 16:58 - 021407000 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 018706120 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 014688256 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 004188872 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 003692216 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 001615448 _____ (NVIDIA Corporation) C:\windows\system32\nvhdagenco6420103.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 001606592 _____ (NVIDIA Corporation) C:\windows\system32\nvmcvadgenco64.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 000512960 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 000418752 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 000044180 _____ C:\windows\system32\nvinfo.pb
2017-09-16 19:34 - 2015-04-20 16:58 - 006463424 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2017-09-16 19:34 - 2015-04-20 16:58 - 002478528 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2017-09-16 19:34 - 2015-04-20 16:58 - 001762752 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2017-09-16 19:34 - 2015-04-20 16:58 - 000392312 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2017-09-16 19:34 - 2015-04-20 16:58 - 000069752 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2017-09-15 17:03 - 2015-04-20 16:58 - 008248071 _____ C:\windows\system32\nvcoproc.bin
2017-09-15 14:31 - 2013-08-22 16:44 - 000498152 _____ C:\windows\system32\FNTCACHE.DAT
2017-09-15 03:32 - 2013-08-22 17:36 - 000000000 ___RD C:\windows\ToastData
2017-09-14 21:19 - 2015-08-10 22:12 - 000000000 ____D C:\windows\system32\MRT
2017-09-14 21:17 - 2015-03-10 11:41 - 138202976 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-09-14 21:17 - 2013-08-22 17:20 - 000000000 ____D C:\windows\CbsTemp
2017-09-14 20:07 - 2015-08-11 13:47 - 000612352 ___SH C:\Users\Julian\Desktop\Thumbs.db
2017-09-13 01:19 - 2015-08-12 13:19 - 006476800 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2017-09-10 03:54 - 2015-08-17 02:27 - 000000000 ____D C:\ProgramData\Origin
2017-09-10 01:19 - 2015-08-17 02:28 - 000000000 ____D C:\Users\Julian\AppData\Roaming\Origin
2017-09-07 15:12 - 2017-07-26 15:13 - 000000000 ____D C:\Program Files (x86)\AlbionOnline
2017-09-02 23:55 - 2015-08-08 20:29 - 000000000 ____D C:\Users\Julian\AppData\Local\Blizzard Entertainment
2017-09-02 01:54 - 2014-11-22 07:29 - 000835576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-09-02 01:54 - 2014-11-22 07:29 - 000177656 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-09-01 17:26 - 2016-11-16 05:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-01 17:26 - 2015-08-08 19:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-20 17:06 - 2015-04-20 17:06 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-08 19:40 - 2015-08-08 19:40 - 000000032 _____ () C:\ProgramData\Temp.log
2015-04-20 18:02 - 2015-04-20 18:02 - 000000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2015-04-20 17:58 - 2015-04-20 17:58 - 000000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2015-04-20 18:01 - 2015-04-20 18:01 - 000000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2015-04-20 17:56 - 2015-04-20 17:57 - 000000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2015-04-20 17:57 - 2015-04-20 17:57 - 000000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log
2015-04-20 17:58 - 2015-04-20 17:58 - 000000110 _____ () C:\ProgramData\{E3D04529-6EDB-11D8-A372-0050BAE317E1}.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-09-18 18:38

==================== Ende von FRST.txt ============================

--- --- ---

exogeen · 24.09.2017, 02:04

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-09-2017
durchgeführt von Julian (24-09-2017 03:03:14)
Gestartet von C:\Users\Julian\Desktop
Windows 8.1 (Update) (X64) (2015-08-08 16:59:03)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3495731131-4003904178-1165495969-500 - Administrator - Disabled)
Gast (S-1-5-21-3495731131-4003904178-1165495969-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3495731131-4003904178-1165495969-1003 - Limited - Enabled)
Julian (S-1-5-21-3495731131-4003904178-1165495969-1001 - Administrator - Enabled) => C:\Users\Julian

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM\...\Steam App 346900) (Version:  - Hyper Hippo Games)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Albion Online (HKLM-x32\...\SandboxAlbionOnline) (Version:  - Sandbox Interactive GmbH)
AlienFX for KoneXTD (HKLM\...\{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.02 - Roccat GmbH) Hidden
AlienFX for KoneXTD (HKLM-x32\...\InstallShield_{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.02 - Roccat GmbH)
Anno Online (HKLM\...\Steam App 336510) (Version:  - Blue Byte)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.69 - NVIDIA Corporation) Hidden
Assassin's Creed II (HKLM-x32\...\Steam App 33230) (Version:  - Ubisoft Montreal)
Batman: Arkham Asylum GOTY Edition (HKLM\...\Steam App 35140) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlestate Games Launcher 0.2.1.156 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 0.2.1.156 - Battlestate Games)
Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM\...\Steam App 212910) (Version:  - )
Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version:  - Treyarch)
Catan Universe (HKLM\...\Steam App 544730) (Version:  - Exozet)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
Empire Earth Gold Edition (HKLM-x32\...\1207658777_is1) (Version: 2.1.0.17 - GOG.com)
Endless Legend (HKLM\...\Steam App 289130) (Version:  - AMPLITUDE Studios)
ESEA (HKLM\...\Steam App 479130) (Version:  - ESEA)
ESEA Client (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
F1 2014 (HKLM\...\Steam App 226580) (Version:  - Codemasters)
For Honor Open Beta (HKLM\...\Steam App 572600) (Version:  - Ubisoft Montreal)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version:  - Ubisoft)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (HKLM-x32\...\{5D5B5672-1A0F-4412-B6A0-3A16706DE82D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleri (HKLM-x32\...\{85E3592A-8C11-44F4-AABD-F82EF41167AD}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleriet (HKLM-x32\...\{5FF3045E-4A36-4B98-9F7F-48B49F4469C7}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (HKLM-x32\...\{B743ABDD-E681-4B32-A33E-6E7F3F845AEA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{6F19A9AE-85C6-4EBB-BADC-CC1B8B9F3F91}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria de Fotografias (HKLM-x32\...\{23079EF2-2617-4BFC-BDFF-E6AE8D79B734}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{77655DF6-A143-4A25-A5F8-127C8CE63EDA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GameRanger (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\GameRanger) (Version:  - GameRanger Technologies)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Facepunch Studios)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.91 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto: San Andreas (HKLM\...\Steam App 12120) (Version:  - Rockstar Games)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearts of Iron IV (HKLM\...\Steam App 394360) (Version:  - Paradox Development Studios)
Hero of the Kingdom (HKLM\...\Steam App 259550) (Version:  - Lonely Troops)
Hero of the Kingdom II (HKLM\...\Steam App 346560) (Version:  - Lonely Troops)
Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
Heroes of Might & Magic III - HD Edition (HKLM-x32\...\Steam App 297000) (Version:  - DotEmu)
Heroes of Might & Magic V (HKLM\...\Steam App 15170) (Version:  - Nival)
Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version:  - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Kaspersky Internet Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kingdom Rush (HKLM\...\Steam App 246420) (Version:  - Ironhide Game Studio)
Kingdom Rush Frontiers (HKLM\...\Steam App 458710) (Version:  - Ironhide Game Studio)
League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
LEGO® Star Wars™: The Complete Saga (HKLM-x32\...\Steam App 32440) (Version:  - Traveller's Tales)
Magicka (HKLM\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Might & Magic Heroes VI (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 1.0 - Ubisoft)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (HKLM-x32\...\{0A0C9DBA-5AB2-43F1-9932-A60DAA6EBEFC}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{26E474C7-E63A-4EC2-A08C-909B996AA75D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{312F7EE7-37D0-484D-B974-0CE1B8560C79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3B5AAF87-531E-4163-BE79-8989FC249173}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5B3D4718-9146-45CB-8989-C4E87B239B3A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5D3B997B-DF28-4BC1-82E6-E6C29A53AF6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A27180D0-17BB-498B-89FF-A72656B85978}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B44E699A-94F8-406C-9A1B-C2574F5863CB}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B653D7B1-41B5-4982-9A25-E91FF46D131A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DAE8CC57-EBF5-4D46-8572-9A0C769D6F16}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{F78F19A8-F3F5-4407-B98B-F23ACC82DBF5}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
Neverwinter (HKLM\...\Steam App 109600) (Version:  - Cryptic Studios)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.69 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.9.0.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.97 - NVIDIA Corporation)
NVIDIA Grafiktreiber 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.69 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 385.69 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.2.49155 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.103.44.0 - Overwolf Ltd.)
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version:  - Bluehole, Inc.)
Podstawowe programy Windows Live (HKLM-x32\...\{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Raccolta foto (HKLM-x32\...\{86A1CEAD-EF47-47BB-AE79-DA8C09E15382}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
ROCCAT Kone XTD Mouse Driver (HKLM-x32\...\{7133137D-DF48-4522-AD88-13C82B7D0A63}) (Version:  - Roccat GmbH)
Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0013 - Roccat GmbH)
RollerCoaster Tycoon 2: Triple Thrill Pack (HKLM-x32\...\Steam App 285330) (Version:  - Chris Sawyer Productions)
RollerCoaster Tycoon: Deluxe (HKLM-x32\...\Steam App 285310) (Version:  - Chris Sawyer Productions)
Ryse: Son of Rome (HKLM-x32\...\Steam App 302510) (Version:  - Crytek)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Civilization VI (HKLM\...\Steam App 289070) (Version:  - Firaxis)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
Spotify (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version:  - Pandemic Studios)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
STAR WARS™ Knights of the Old Republic™ II: The Sith Lords™ (HKLM-x32\...\Steam App 208580) (Version:  - Obsidian Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold 2 (HKLM\...\Steam App 40960) (Version:  - FireFly Studios)
Stronghold Crusader HD (HKLM\...\Steam App 40970) (Version:  - FireFly Studios)
Stronghold HD (HKLM\...\Steam App 40950) (Version:  - FireFly Studios)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Guild II: Renaissance (HKLM-x32\...\Steam App 39680) (Version:  - Rune Forge)
Titan Quest (HKLM\...\Steam App 4540) (Version:  - Iron Lore Entertainment)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Tower Wars (HKLM\...\Steam App 214360) (Version:  - SuperVillain Studios)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 26.0 - Ubisoft)
Valokuvavalikoima (HKLM-x32\...\{B315ABA6-8217-484E-9AC5-38806E265664}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
World of Tanks (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
XCOM: Enemy Unknown (HKLM\...\Steam App 200510) (Version:  - Firaxis Games)
Yu-Gi-Oh! Legacy of the Duelist (HKLM\...\Steam App 480650) (Version:  - Other Ocean Interactive)
Συλλογή φωτογραφιών (HKLM-x32\...\{2D5C287A-1D2D-46BA-8EF8-D2747575DB6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\system32\nvshext.dll [2017-09-16] (NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0A911D77-F086-4808-8ED7-A044F5758B66} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
Task: {0AA0938B-8DC1-4A27-92C9-445A08E4BBEF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {2D413BD3-9068-44CC-A219-F38F263A6EB9} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
Task: {2E102776-F9A8-4307-8BB4-5393A31D60F3} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {499491A7-2617-4A71-8633-984D9EF142C5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {711FCD02-4903-4575-8DDA-80A89D1687B1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2017-09-14] (Microsoft Corporation)
Task: {73FF3D9E-438B-4B96-874B-1DD4BFA5877B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19] (NVIDIA Corporation)
Task: {7A97ACA1-8F23-4677-9A0E-B57DA961B5DB} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {7EA5AC2B-2B1F-4069-B18E-6CFCFE01615E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-29] (Google Inc.)
Task: {94F3D13F-128D-4F2F-B33E-84C5ACF0882F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {A766DD9D-8F3F-412E-AED3-86FF473B769A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-09-19] (NVIDIA Corporation)
Task: {A9C31928-EE7F-471F-BCFE-397F6F385F6B} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-21] (Adobe Systems Incorporated)
Task: {AE2C14E6-119A-421C-B6FE-4A7425DE92FE} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {BAFA3744-4A21-43C7-88AB-05E7ED80712E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-09-19] (NVIDIA Corporation)
Task: {C97325EF-0FC0-4432-A4CF-3C8C795D8B1C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-09-19] (NVIDIA Corporation)
Task: {DA7D195F-2D67-4242-91A4-13A1FF02B8B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-29] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-09-21 17:17 - 2017-09-19 09:20 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-02-26 21:10 - 2016-02-26 21:10 - 000066872 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2017-09-23 00:42 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-06-28 01:19 - 2016-06-28 01:19 - 000865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2015-12-25 12:46 - 2012-06-17 12:20 - 000061440 _____ () C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\hiddriver.dll
2017-09-01 20:53 - 2017-08-25 11:01 - 053018112 _____ () D:\Programme (x86)\GOG Galaxy\libcef.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000507968 _____ () D:\Programme (x86)\GOG Galaxy\PocoUtil.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 001076800 _____ () D:\Programme (x86)\GOG Galaxy\PocoNet.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 001854528 _____ () D:\Programme (x86)\GOG Galaxy\PocoData.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000393280 _____ () D:\Programme (x86)\GOG Galaxy\PocoDataSQLite.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 001589312 _____ () D:\Programme (x86)\GOG Galaxy\PocoFoundation.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000307776 _____ () D:\Programme (x86)\GOG Galaxy\PocoNetSSL.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000330816 _____ () D:\Programme (x86)\GOG Galaxy\PocoJSON.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000130112 _____ () D:\Programme (x86)\GOG Galaxy\xdelta3.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000104000 _____ () D:\Programme (x86)\GOG Galaxy\zlib.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000520768 _____ () D:\Programme (x86)\GOG Galaxy\PocoXML.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000272448 _____ () D:\Programme (x86)\GOG Galaxy\PocoZip.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000680000 _____ () D:\Programme (x86)\GOG Galaxy\sqlite.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000425536 _____ () D:\Programme (x86)\GOG Galaxy\pcre.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000157760 _____ () D:\Programme (x86)\GOG Galaxy\PocoCrypto.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000152128 _____ () D:\Programme (x86)\GOG Galaxy\expat.dll
2017-09-01 20:53 - 2017-09-08 14:50 - 001589312 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoFoundation.dll
2017-09-01 20:53 - 2017-09-08 14:50 - 000330816 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoJSON.dll
2017-09-01 20:53 - 2017-09-08 14:50 - 000507968 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoUtil.dll
2017-09-01 20:53 - 2017-09-08 14:50 - 000104000 _____ () C:\ProgramData\GOG.com\Galaxy\redists\zlib.dll
2017-09-01 20:53 - 2017-09-08 14:50 - 000425536 _____ () C:\ProgramData\GOG.com\Galaxy\redists\pcre.dll
2017-09-01 20:53 - 2017-09-08 14:50 - 000520768 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoXML.dll
2017-09-01 20:53 - 2017-09-08 14:50 - 000152128 _____ () C:\ProgramData\GOG.com\Galaxy\redists\expat.dll
2017-09-01 20:53 - 2017-08-25 11:01 - 001738752 _____ () D:\Programme (x86)\GOG Galaxy\libglesv2.dll
2017-09-01 20:53 - 2017-08-25 11:01 - 000078848 _____ () D:\Programme (x86)\GOG Galaxy\libegl.dll
2017-09-21 17:17 - 2017-09-19 09:20 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-04-20 16:54 - 2013-09-04 01:53 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:gs5sys [7170]
AlternateDataStreams: C:\Users\All Users:gs5sys [7170]
AlternateDataStreams: C:\Users\Julian:gs5sys [3074]
AlternateDataStreams: C:\Users\Julian:Heroes & Generals [38]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [7170]
AlternateDataStreams: C:\Users\Julian\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Julian\AppData\Local:gs5sys [3074]
AlternateDataStreams: C:\Users\Julian\AppData\Roaming:gs5sys [3074]
AlternateDataStreams: C:\Users\Julian\Documents\desktop.ini:gs5sys [1792]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [1792]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img2.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\StartupApproved\Run: => "EADM"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{0DB855AF-3B06-4E4E-AFD0-AF9F4E95BB6E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FC121498-0A8F-463A-AEA0-D906F6263C6D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A6481536-F3B8-4DD3-BE34-1F7A9100472B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DD93CA99-AE1E-4BEC-9737-3D924008BFA9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{258FF7F1-3898-401C-8D4F-102032167932}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Catan Universe\CatanUniverse.exe
FirewallRules: [{D5C0A77D-352B-4457-BAF2-E8C8D65C11B2}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Catan Universe\CatanUniverse.exe

==================== Wiederherstellungspunkte =========================

21-09-2017 19:39:51 chip 1-click download service wurde entfernt.

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/24/2017 02:52:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d239
ID des fehlerhaften Prozesses: 0x73c
Startzeit der fehlerhaften Anwendung: 0x01d334cf6889c01a
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Berichtskennung: af2fa4fb-a0c2-11e7-82e7-b8aeeda2aafc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/23/2017 12:46:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d239
ID des fehlerhaften Prozesses: 0x77c
Startzeit der fehlerhaften Anwendung: 0x01d333f48957cfad
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Berichtskennung: cffaa1f6-9fe7-11e7-82e6-b8aeeda2aafc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/23/2017 12:38:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d239
ID des fehlerhaften Prozesses: 0x744
Startzeit der fehlerhaften Anwendung: 0x01d333f37b95bc84
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Berichtskennung: c238a95c-9fe6-11e7-82e5-b8aeeda2aafc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/22/2017 10:20:49 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{f9b7d767-aa8f-42f6-b493-9b0ba819592d}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (09/21/2017 06:05:00 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (09/21/2017 05:15:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GFExperience.exe, Version 2.5.15.54 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1868

Startzeit: 01d332ec4c6d746e

Endzeit: 14

Anwendungspfad: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe

Berichts-ID: a3e79bd9-9edf-11e7-82e4-b8aeeda2aafc

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/21/2017 05:07:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GFExperience.exe, Version 2.5.15.54 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 15e8

Startzeit: 01d332eb19d2feda

Endzeit: 8

Anwendungspfad: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe

Berichts-ID: 8c45832a-9ede-11e7-82e4-b8aeeda2aafc

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/21/2017 05:05:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GFExperience.exe, Version 2.5.15.54 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1a68

Startzeit: 01d332ea564fd91b

Endzeit: 7

Anwendungspfad: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe

Berichts-ID: f1633d2b-9edd-11e7-82e4-b8aeeda2aafc

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/21/2017 05:00:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GFExperience.exe, Version 2.5.15.54 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 8f8

Startzeit: 01d332ea07bea96e

Endzeit: 18

Anwendungspfad: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe

Berichts-ID: 8b34f74a-9edd-11e7-82e4-b8aeeda2aafc

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/21/2017 04:53:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d239
ID des fehlerhaften Prozesses: 0x634
Startzeit der fehlerhaften Anwendung: 0x01d332e95409ad0f
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Berichtskennung: 9aaecb82-9edc-11e7-82e4-b8aeeda2aafc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (09/24/2017 02:55:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/24/2017 02:53:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/24/2017 02:53:21 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (09/24/2017 02:52:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (09/24/2017 02:52:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/24/2017 02:52:49 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Capability Licensing Service Interface erreicht.

Error: (09/24/2017 02:52:33 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (09/24/2017 02:52:08 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 
Der Dienst wurde nicht gestartet.

Error: (09/23/2017 12:48:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/23/2017 12:46:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 12240.42 MB
Verfügbarer physikalischer RAM: 8833.02 MB
Summe virtueller Speicher: 24528.42 MB
Verfügbarer virtueller Speicher: 20967.63 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:117.53 GB) (Free:32.25 GB) NTFS
Drive d: (Data) (Fixed) (Total:1802.89 GB) (Free:1203.4 GB) NTFS
Drive e: (Recover) (Fixed) (Total:60 GB) (Free:40.59 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

M-K-D-B · 24.09.2017, 11:11

Servus,

wir entfernen noch ein bisschen was und kontrollieren nochmal alles.

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1

Kopiere den Inhalt der folgenden Code-Box:

Code:

ATTFilter

Start::
CloseProcesses:
C:\Windows\System32\LavasoftTcpService64.dll
C:\Windows\SysWOW64\LavasoftTcpService.dll
DeleteKey: HKEY_CURRENT_USER\Software\ProPCCleanerConfig
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
DeleteKey: HKEY_USERS\.DEFAULT\Software\Microsoft\.NETFramework\SQM\Apps\chip 1-click installer.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\chip 1-click installer_RASAPI32
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\chip 1-click installer_RASMANCS
EmptyTemp:
End::

Starte nun FRST und klicke den Entfernen Button.
Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 3
Downloade Dir bitte ESET Online Scanner (Bebilderte Anleitung)

Starte die Installationsdatei.
Akzeptiere die Nutzungsbedingungen.
Wähle Erkennung evtl. unerwünschter Anwendungen aktivieren aus und klicke auf Scannen.
Zuerst werden die notwendigen Signaturen heruntergeladen, anschließend startet ESET automatisch den Suchlauf.
Am Ende des Suchlaufs werden gegebenenfalls die gefundenen Elemente aufgelistet.
Wähle In Textdatei speichern... aus und speichere die Datei als eset.txt auf deinem Desktop ab.
Füge den Inhalt der eset.txt mit deiner nächsten Antwort hinzu.
Sollte ESET nichts finden, so kann auch keine Logdatei erstellt werden. Teile uns das dann unbedingt mit.
Schließe den ESET Online Scanner rechts oben [ X ] und klicke anschließend auf Schließen.

Schritt 4

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von HitmanPro,
die Logdatei von ESET,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

exogeen · 24.09.2017, 15:28

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-09-2017
durchgeführt von Julian (24-09-2017 12:43:31) Run:3
Gestartet von C:\Users\Julian\Desktop
Geladene Profile: Julian (Verfügbare Profile: Julian)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CloseProcesses:
C:\Windows\System32\LavasoftTcpService64.dll
C:\Windows\SysWOW64\LavasoftTcpService.dll
DeleteKey: HKEY_CURRENT_USER\Software\ProPCCleanerConfig
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
DeleteKey: HKEY_USERS\.DEFAULT\Software\Microsoft\.NETFramework\SQM\Apps\chip 1-click installer.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\chip 1-click installer_RASAPI32
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\chip 1-click installer_RASMANCS
EmptyTemp:

*****************

Prozesse erfolgreich geschlossen.
"C:\Windows\System32\LavasoftTcpService64.dll" => nicht gefunden.
"C:\Windows\SysWOW64\LavasoftTcpService.dll" => nicht gefunden.
HKEY_CURRENT_USER\Software\ProPCCleanerConfig => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1 => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1 => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1 => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1 => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1 => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1 => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1 => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1 => Schlüssel nicht gefunden. 
HKEY_USERS\.DEFAULT\Software\Microsoft\.NETFramework\SQM\Apps\chip 1-click installer.exe => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\chip 1-click installer_RASAPI32 => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\chip 1-click installer_RASMANCS => Schlüssel nicht gefunden. 

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1048384 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => -6993 B
Edge => 0 B
Chrome => 0 B
Firefox => 10138436 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Julian => 1089669 B

RecycleBin => 0 B
EmptyTemp: => 19.7 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 12:43:44 ====

Code:

ATTFilter


	Code: 

 ATTFilter

  
	HitmanPro 3.7.20.286
www.hitmanpro.com

   Computer name . . . . : JULIANPC
   Windows . . . . . . . : 6.3.0.9600.X64/8
   User name . . . . . . : JULIANPC\Julian
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-09-24 12:49:10
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 42s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 3
   Traces  . . . . . . . : 9

   Objects scanned . . . : 1.848.242
   Files scanned . . . . : 73.174
   Remnants scanned  . . : 449.038 files / 1.326.030 keys

Malware _____________________________________________________________________

   C:\Users\Julian\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe
      Size . . . . . . . : 1.199.392 bytes
      Age  . . . . . . . : 770.8 days (2015-08-15 17:28:23)
      Entropy  . . . . . : 7.0
      SHA-256  . . . . . : 1864140B9E2C7188C2DE4CDF16CAB27E7EE08092F65FC4EEDF53175C67EB8E33
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Downloader.Win32.DownloadSponsor.gen
      Fuzzy  . . . . . . : 99.0

   C:\Users\Julian\Downloads\LogMeIn Hamachi - CHIP-Installer(1).exe
      Size . . . . . . . : 1.524.744 bytes
      Age  . . . . . . . : 88.7 days (2017-06-27 19:49:04)
      Entropy  . . . . . : 7.1
      SHA-256  . . . . . : D7EA356F545ACBE5E9824F2072F1B424E8C2B9C58AE9F902365D1E7C10471503
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Downloader.MSIL.DownloadSponsor.gen
      Fuzzy  . . . . . . : 103.0

   C:\Users\Julian\Downloads\LogMeIn Hamachi - CHIP-Installer.exe
      Size . . . . . . . : 1.260.832 bytes
      Age  . . . . . . . : 765.6 days (2015-08-20 21:49:57)
      Entropy  . . . . . : 6.9
      SHA-256  . . . . . : 7155C18DE0066B4630A6D2384EEE0EC9D15284E4F336EA402A7AFBCD13AED737
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Downloader.MSIL.DownloadSponsor.gen
      Fuzzy  . . . . . . : 99.0


Suspicious files ____________________________________________________________

   C:\Users\Julian\AppData\Local\PunkBuster\WAW\pb\pbcl.dll
      Size . . . . . . . : 733.004 bytes
      Age  . . . . . . . : 575.6 days (2016-02-26 21:20:32)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 8715126E77E8E6F98B4487C11B4656ADAC59145A86D56A0370F2FAE86E40FDC7
      Fuzzy  . . . . . . : 25.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Julian\Desktop\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.399.744 bytes
      Age  . . . . . . . : 2.5 days (2017-09-22 01:37:45)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : F582F60F0A444CD9452B6485A0B8BDB95BB83D8ED8D2A7D69350777BA3415E42
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\Julian\Desktop\FRST64.exe
      Size . . . . . . . : 2.399.744 bytes
      Age  . . . . . . . : 0.4 days (2017-09-24 02:50:18)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 65B4477D6E191C94B7E53C265E57219B8EEDA6C71A2213E783CD10ADCB95207E
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\Julian\Desktop\FRST64.exe
         23.0s C:\FRST\Logs\ct
         23.0s C:\Users\Julian\Desktop\Fixlog.txt
         26.7s C:\Windows\Prefetch\DLLHOST.EXE-0656D972.pf
         27.8s C:\Windows\Prefetch\IPCONFIG.EXE-1D6605BA.pf
         27.8s C:\Windows\Prefetch\BITSADMIN.EXE-4229185E.pf

   C:\Users\Julian\Downloads\FRST64.exe
      Size . . . . . . . : 2.399.744 bytes
      Age  . . . . . . . : 2.7 days (2017-09-21 19:07:19)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 834870443B6B9651BC21C5BD345E60919504C9F0107EF0B50CA6DC454FE9A5B8
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.


Potential Unwanted Programs _________________________________________________

   HKLM\SOFTWARE\Microsoft\Tracing\wb_RASAPI32\ (WebBar)
   HKLM\SOFTWARE\Microsoft\Tracing\wb_RASMANCS\ (WebBar)

Code:

ATTFilter

C:\Users\Julian\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe	Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung	
C:\Users\Julian\Downloads\LogMeIn Hamachi - CHIP-Installer(1).exe	Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung	
C:\Users\Julian\Downloads\LogMeIn Hamachi - CHIP-Installer.exe	Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-09-2017
durchgeführt von Julian (Administrator) auf JULIANPC (24-09-2017 16:14:30)
Gestartet von C:\Users\Julian\Desktop
Geladene Profile: Julian (Verfügbare Profile: Julian)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Gaijin Entertainment) C:\Users\Julian\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Wargaming.net) D:\Programme (x86)\World of Tanks\WargamingGameUpdater.exe
(Spotify Ltd) C:\Users\Julian\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Julian\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe
(ROCCAT GmbH Co., Ltd.) C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(GOG.com) D:\Programme (x86)\GOG Galaxy\GalaxyClient.exe
(GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(GOG.com) D:\Programme (x86)\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) D:\Programme (x86)\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) D:\Programme (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(GOG.com) D:\Programme (x86)\GOG Galaxy\GalaxyClient Helper.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\windows\system32\rundll32.exe" C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM-x32\...\Run: [RoccatKoneXTD] => C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [552960 2014-10-19] (ROCCAT GmbH)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Julian\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2010056 2017-06-28] (Gaijin Entertainment)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [Discord] => C:\Users\Julian\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [World of Tanks] => "D:\World of Tanks\WargamingGameUpdater.exe"
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [World of Tanks (1)] => D:\Programme (x86)\World of Tanks\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [Spotify] => C:\Users\Julian\AppData\Roaming\Spotify\Spotify.exe [20644976 2017-09-14] (Spotify Ltd)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [GalaxyClient] => D:\Programme (x86)\GOG Galaxy\GalaxyClient.exe [5161536 2017-09-08] (GOG.com)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Run: [Spotify Web Helper] => C:\Users\Julian\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-14] (Spotify Ltd)
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\MountPoints2: {9cb3c07b-fe1f-11e4-8270-806e6f6e6963} - "G:\autorun.exe" 
HKU\S-1-5-18\...\Run: [AppLauncher] => C:\Program Files (x86)\Ashampoo\Ashampoo AppLauncher\AppLauncher.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk [2015-12-25]
ShortcutTarget: Roccat Talk.lnk -> C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe (ROCCAT GmbH Co., Ltd.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{55905A7B-D38A-4C05-B346-B12C55900D9D}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{DD4F3609-B808-43BD-8ECA-B4A87964F757}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll => Keine Datei
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll => Keine Datei
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\qu7f1dbj.default [2017-09-24]
FF Extension: (Adblock Plus) - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\qu7f1dbj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nicht gefunden
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-07-25]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-21] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [Keine Datei]
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [Keine Datei]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-21] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-09-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-09-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-3495731131-4003904178-1165495969-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Julian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3495731131-4003904178-1165495969-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-10-30] ()

Chrome: 
=======
CHR Profile: C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default [2017-09-24]
CHR Extension: (Google Präsentationen) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-29]
CHR Extension: (Google Docs) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-29]
CHR Extension: (Google Drive) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-29]
CHR Extension: (YouTube) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-29]
CHR Extension: (Adblock Plus) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-21]
CHR Extension: (Steam Inventory Helper) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-09-21]
CHR Extension: (Google Tabellen) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-29]
CHR Extension: (Kaspersky Protection) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-02-04]
CHR Extension: (Google Docs Offline) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-29]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-21]
CHR Extension: (Google Mail) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-29]
CHR Extension: (Chrome Media Router) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-21]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1533448 2017-09-14] ()
S3 EasyAntiCheat; C:\windows\SysWOW64\EasyAntiCheat.exe [399120 2017-02-13] (EasyAntiCheat Ltd)
S3 GalaxyClientService; D:\Programme (x86)\GOG Galaxy\GalaxyClientService.exe [532544 2017-09-08] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8242752 2017-08-25] (GOG.com)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-09-16] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-09-19] (NVIDIA Corporation)
S3 Origin Client Service; D:\Programme (x86)\Origin\OriginClientService.exe [2098528 2017-09-03] (Electronic Arts)
S2 Origin Web Helper Service; D:\Programme (x86)\Origin\OriginWebHelperService.exe [2977640 2017-09-03] (Electronic Arts)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [66872 2016-02-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; "C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe" [X]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X]
S3 OverwolfUpdater; "C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe" /RunningFrom SCM" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 cm_km; C:\windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [77440 2017-08-24] ()
S3 Hamachi; C:\windows\system32\DRIVERS\Hamdrv.sys [45680 2017-05-22] (LogMeIn Inc.)
R0 kl1; C:\windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab)
R1 klbackupflt; C:\windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\windows\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab)
S0 klelam; C:\windows\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\windows\system32\DRIVERS\klflt.sys [197312 2017-07-25] (AO Kaspersky Lab)
R1 klhk; C:\windows\system32\DRIVERS\klhk.sys [520176 2017-04-12] (AO Kaspersky Lab)
R1 KLIF; C:\windows\System32\DRIVERS\klif.sys [1021624 2017-07-25] (AO Kaspersky Lab)
R1 KLIM6; C:\windows\system32\DRIVERS\klim6.sys [57424 2016-12-16] (AO Kaspersky Lab)
R3 klkbdflt; C:\windows\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\windows\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab)
R3 kltap; C:\windows\system32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 klwfp; C:\windows\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\windows\system32\DRIVERS\klwtp.sys [136416 2017-03-15] (AO Kaspersky Lab)
R1 kneps; C:\windows\system32\DRIVERS\kneps.sys [199640 2017-07-25] (AO Kaspersky Lab)
R2 MBAMChameleon; C:\windows\system32\drivers\MBAMChameleon.sys [192960 2017-09-23] (Malwarebytes)
R3 MBAMFarflt; C:\windows\system32\DRIVERS\farflt.sys [101824 2017-09-24] (Malwarebytes)
R3 MBAMProtection; C:\windows\system32\drivers\mbam.sys [45472 2017-09-24] (Malwarebytes)
R0 MBAMSwissArmy; C:\windows\System32\drivers\MBAMSwissArmy.sys [253888 2017-09-24] (Malwarebytes)
R3 MBAMWebProtection; C:\windows\system32\drivers\mwac.sys [94144 2017-09-24] (Malwarebytes)
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation)
R3 NVVADARM; C:\windows\system32\drivers\nvvadarm.sys [46016 2017-09-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\windows\system32\drivers\nvvad64v.sys [48064 2017-09-19] (NVIDIA Corporation)
R3 nvvhci; C:\windows\System32\drivers\nvvhci.sys [57792 2017-09-19] (NVIDIA Corporation)
R3 RtlWlanu; C:\windows\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation )
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 cpuz135; \??\C:\Users\Julian\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X] <==== ACHTUNG
S1 ESEADriver2; \??\C:\Users\Julian\AppData\Local\Temp\ESEADriver2.sys [X] <==== ACHTUNG
S3 klids; \??\C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-24 16:13 - 2017-09-24 16:13 - 000000850 _____ C:\Users\Julian\Desktop\eset.txt
2017-09-24 12:56 - 2017-09-24 12:56 - 000000000 ____D C:\Users\Julian\AppData\Local\ESET
2017-09-24 12:54 - 2017-09-24 12:54 - 006760064 _____ (ESET spol. s r.o.) C:\Users\Julian\Desktop\esetonlinescanner_deu.exe
2017-09-24 12:48 - 2017-09-24 12:53 - 000000000 ____D C:\ProgramData\HitmanPro
2017-09-24 12:48 - 2017-09-24 12:48 - 011584088 _____ (SurfRight B.V.) C:\Users\Julian\Desktop\HitmanPro_x64.exe
2017-09-24 02:57 - 2017-09-24 03:01 - 000018400 _____ C:\Users\Julian\Desktop\SystemLook.txt
2017-09-24 02:57 - 2017-09-24 02:57 - 000165376 _____ C:\Users\Julian\Desktop\SystemLook_x64.exe
2017-09-24 02:50 - 2017-09-24 12:43 - 000005134 _____ C:\Users\Julian\Desktop\Fixlog.txt
2017-09-23 22:48 - 2017-09-23 22:48 - 000000000 ____D C:\Users\Julian\AppData\LocalLow\United Soft Media Verlag GmbH
2017-09-23 00:50 - 2017-09-24 02:50 - 000000000 ____D C:\Users\Julian\Desktop\FRST-OlderVersion
2017-09-23 00:47 - 2017-09-23 00:47 - 000002492 _____ C:\Users\Julian\Desktop\mbam.txt
2017-09-23 00:42 - 2017-09-24 13:54 - 000094144 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2017-09-23 00:42 - 2017-09-24 12:45 - 000253888 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-23 00:42 - 2017-09-24 12:45 - 000101824 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2017-09-23 00:42 - 2017-09-24 12:45 - 000045472 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2017-09-23 00:42 - 2017-09-23 00:42 - 000192960 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMChameleon.sys
2017-09-23 00:42 - 2017-09-23 00:42 - 000001847 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-23 00:42 - 2017-09-23 00:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-23 00:42 - 2017-09-23 00:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-23 00:42 - 2017-09-23 00:42 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-23 00:42 - 2017-08-24 11:27 - 000077440 _____ C:\windows\system32\Drivers\mbae64.sys
2017-09-23 00:41 - 2017-09-23 00:41 - 068408664 _____ (Malwarebytes ) C:\Users\Julian\Desktop\mb3-setup-consumer-3.2.2.2029.exe
2017-09-23 00:35 - 2017-09-23 00:37 - 000000000 ____D C:\AdwCleaner
2017-09-23 00:35 - 2017-09-23 00:35 - 008182736 _____ (Malwarebytes) C:\Users\Julian\Desktop\adwcleaner_7.0.2.1.exe
2017-09-22 01:47 - 2017-09-22 01:54 - 000228300 _____ C:\TDSSKiller.3.1.0.15_22.09.2017_01.47.01_log.txt
2017-09-22 01:46 - 2017-09-22 01:46 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Julian\Desktop\tdsskiller.exe
2017-09-22 01:39 - 2017-09-24 03:03 - 000045691 _____ C:\Users\Julian\Desktop\Addition.txt
2017-09-22 01:38 - 2017-09-24 16:14 - 000022288 _____ C:\Users\Julian\Desktop\FRST.txt
2017-09-22 01:37 - 2017-09-24 02:50 - 002399744 _____ (Farbar) C:\Users\Julian\Desktop\FRST64.exe
2017-09-21 19:08 - 2017-09-21 19:08 - 000069344 _____ C:\Users\Julian\Downloads\Addition.txt
2017-09-21 19:08 - 2017-09-21 19:08 - 000053958 _____ C:\Users\Julian\Downloads\FRST.txt
2017-09-21 19:07 - 2017-09-24 16:14 - 000000000 ____D C:\FRST
2017-09-21 19:07 - 2017-09-21 19:07 - 002399744 _____ (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2017-09-21 17:30 - 2017-09-21 17:30 - 000002157 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2017-09-21 17:30 - 2017-09-21 17:30 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-09-21 17:30 - 2017-09-16 19:17 - 000135800 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvStreaming.exe
2017-09-21 17:30 - 2017-07-20 19:21 - 000905504 _____ C:\windows\system32\vulkan-1.dll
2017-09-21 17:30 - 2017-07-20 19:21 - 000776992 _____ C:\windows\SysWOW64\vulkan-1.dll
2017-09-21 17:30 - 2017-07-20 19:21 - 000578848 _____ C:\windows\system32\vulkaninfo.exe
2017-09-21 17:30 - 2017-07-20 19:21 - 000477472 _____ C:\windows\SysWOW64\vulkaninfo.exe
2017-09-21 17:29 - 2017-09-16 19:34 - 000548472 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshext.dll
2017-09-21 17:29 - 2017-09-16 19:34 - 000082040 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshextr.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 040240064 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 035883640 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 035314112 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 028987512 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 023132720 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 018849968 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 017808120 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 015427520 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2017-09-21 17:27 - 2017-09-16 21:23 - 013782720 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 012241792 _____ (NVIDIA Corporation) C:\windows\system32\nvptxJitCompiler.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 011692856 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 010087504 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvptxJitCompiler.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 003793016 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 003346368 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 001988216 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6438569.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 001606592 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6438569.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 001067456 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 001005176 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000972920 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000924096 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000895968 _____ (NVIDIA Corporation) C:\windows\system32\nvmcumd.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000690504 _____ (NVIDIA Corporation) C:\windows\system32\nvfatbinaryLoader.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000609912 _____ (NVIDIA Corporation) C:\windows\system32\NvIFROpenGL.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000578056 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvfatbinaryLoader.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000512672 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000499136 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFROpenGL.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000491720 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000429920 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000407064 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000218712 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvhda64v.sys
2017-09-21 17:27 - 2017-09-16 21:23 - 000171384 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000154392 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000149040 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000132256 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000124536 _____ (NVIDIA Corporation) C:\windows\system32\nvaudcaparm.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000046016 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvadarm.sys
2017-09-21 17:27 - 2017-09-16 21:23 - 000045976 _____ (NVIDIA Corporation) C:\windows\system32\nvhdap64.dll
2017-09-21 17:27 - 2017-09-16 21:23 - 000000669 _____ C:\windows\SysWOW64\nv-vk32.json
2017-09-21 17:27 - 2017-09-16 21:23 - 000000669 _____ C:\windows\system32\nv-vk64.json
2017-09-21 17:17 - 2017-09-21 17:30 - 000000000 ____D C:\windows\LastGood.Tmp
2017-09-21 17:17 - 2017-09-21 17:17 - 000004146 _____ C:\windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003852 _____ C:\windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003814 _____ C:\windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003738 _____ C:\windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003738 _____ C:\windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003730 _____ C:\windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003554 _____ C:\windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-21 17:17 - 000003494 _____ C:\windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-21 17:17 - 2017-09-19 09:20 - 000121280 _____ C:\windows\system32\NvRtmpStreamer64.dll
2017-09-21 17:17 - 2017-09-19 09:20 - 000057792 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvhci.sys
2017-09-21 17:17 - 2017-09-19 09:20 - 000048064 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2017-09-21 17:17 - 2017-09-18 23:29 - 000001951 _____ C:\windows\NvTelemetryContainerRecovery.bat
2017-09-21 17:17 - 2017-09-16 19:54 - 000001951 _____ C:\windows\NvContainerRecovery.bat
2017-09-21 17:16 - 2017-09-21 17:17 - 083757104 _____ (NVIDIA Corporation) C:\Users\Julian\Downloads\GeForce_Experience_v3.9.0.97.exe
2017-09-21 14:46 - 2017-09-21 14:46 - 000002275 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-20 23:42 - 2017-09-20 23:42 - 000012936 _____ C:\Users\Julian\Desktop\Stundenplan - Uni.pdf
2017-09-17 12:45 - 2017-09-17 12:45 - 1116115571 ____N C:\windows\MEMORY.DMP
2017-09-17 12:45 - 2017-09-17 12:45 - 000278704 _____ C:\windows\Minidump\091717-43984-01.dmp
2017-09-13 15:58 - 2017-09-13 15:58 - 000188806 _____ C:\Users\Julian\Desktop\cm._2017-09-13_1558502891363651769514687.pdf
2017-09-13 14:26 - 2017-08-18 00:07 - 000537200 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2017-09-13 14:26 - 2017-08-18 00:03 - 000450392 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2017-09-13 14:26 - 2017-08-15 16:06 - 015260160 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-09-13 14:26 - 2017-08-15 15:58 - 013673984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-09-13 14:26 - 2017-08-13 20:58 - 025730560 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-09-13 14:26 - 2017-08-13 19:04 - 002899968 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2017-09-13 14:26 - 2017-08-13 18:54 - 020269056 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-09-13 14:26 - 2017-08-13 18:51 - 005981696 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-09-13 14:26 - 2017-08-13 18:29 - 000499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2017-09-13 14:26 - 2017-08-13 18:24 - 002291200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2017-09-13 14:26 - 2017-08-13 18:15 - 007078912 _____ (Microsoft Corporation) C:\windows\system32\glcndFilter.dll
2017-09-13 14:26 - 2017-08-13 18:05 - 000380416 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2017-09-13 14:26 - 2017-08-13 18:04 - 000807936 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-09-13 14:26 - 2017-08-13 18:04 - 000726528 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2017-09-13 14:26 - 2017-08-13 18:01 - 002134528 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2017-09-13 14:26 - 2017-08-13 17:52 - 005274624 _____ (Microsoft Corporation) C:\windows\SysWOW64\glcndFilter.dll
2017-09-13 14:26 - 2017-08-13 17:52 - 000486912 _____ (Microsoft Corporation) C:\windows\system32\tpmvsc.dll
2017-09-13 14:26 - 2017-08-13 17:48 - 004547072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-09-13 14:26 - 2017-08-13 17:44 - 000694784 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2017-09-13 14:26 - 2017-08-13 17:44 - 000331776 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2017-09-13 14:26 - 2017-08-13 17:43 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2017-09-13 14:26 - 2017-08-13 17:40 - 003241472 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-09-13 14:26 - 2017-08-13 17:27 - 001544704 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-09-13 14:26 - 2017-08-13 17:25 - 007797248 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2017-09-13 14:26 - 2017-08-13 17:18 - 005270016 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2017-09-13 14:26 - 2017-08-13 17:17 - 002767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2017-09-13 14:26 - 2017-08-13 17:13 - 001314816 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2017-09-13 14:26 - 2017-08-12 11:30 - 022361344 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2017-09-13 14:26 - 2017-08-12 11:26 - 019789736 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2017-09-13 14:26 - 2017-08-12 02:39 - 001364552 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2017-09-13 14:26 - 2017-08-12 01:59 - 007440728 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-09-13 14:26 - 2017-08-12 01:58 - 001737600 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2017-09-13 14:26 - 2017-08-11 22:46 - 000367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\PCPTpm12.dll
2017-09-13 14:26 - 2017-08-11 22:13 - 000175616 _____ (Microsoft Corporation) C:\windows\system32\TpmTasks.dll
2017-09-13 14:26 - 2017-08-11 05:30 - 004170240 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-09-13 14:26 - 2017-08-11 05:27 - 000243200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2017-09-13 14:26 - 2017-08-11 04:38 - 000477184 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2017-09-13 14:26 - 2017-08-11 04:08 - 001753600 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2017-09-13 14:26 - 2017-08-11 04:08 - 000329216 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2017-09-13 14:26 - 2017-08-11 04:02 - 001084928 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2017-09-13 14:26 - 2017-08-11 03:52 - 001491456 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2017-09-13 14:26 - 2017-08-11 03:44 - 001095680 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2017-09-13 14:26 - 2017-08-11 03:43 - 000865792 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2017-09-13 14:26 - 2017-08-06 09:13 - 000530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2017-09-13 14:26 - 2017-07-17 21:53 - 004298240 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_47.dll
2017-09-13 14:26 - 2017-07-17 01:55 - 003551744 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_47.dll
2017-09-13 14:26 - 2017-07-14 01:03 - 002013528 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2017-09-13 14:26 - 2017-07-12 22:29 - 000420440 _____ (Microsoft Corporation) C:\windows\system32\wevtapi.dll
2017-09-13 14:26 - 2017-07-12 22:25 - 000308872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wevtapi.dll
2017-09-13 14:26 - 2017-07-08 05:14 - 000100184 ____C (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2017-09-13 14:25 - 2017-08-19 19:27 - 000237568 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2017-09-13 14:25 - 2017-08-19 18:48 - 000215040 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2017-09-13 14:25 - 2017-08-18 00:07 - 000140016 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2017-09-13 14:25 - 2017-08-18 00:03 - 000136832 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2017-09-13 14:25 - 2017-08-15 16:01 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2017-09-13 14:25 - 2017-08-15 16:01 - 000128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2017-09-13 14:25 - 2017-08-15 16:01 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2017-09-13 14:25 - 2017-08-13 19:19 - 000040960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\nsiproxy.sys
2017-09-13 14:25 - 2017-08-13 19:05 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-09-13 14:25 - 2017-08-13 18:50 - 000817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2017-09-13 14:25 - 2017-08-13 18:28 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2017-09-13 14:25 - 2017-08-13 18:23 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2017-09-13 14:25 - 2017-08-13 18:21 - 000145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2017-09-13 14:25 - 2017-08-13 18:20 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2017-09-13 14:25 - 2017-08-13 18:17 - 000663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2017-09-13 14:25 - 2017-08-13 18:14 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2017-09-13 14:25 - 2017-08-13 18:07 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2017-09-13 14:25 - 2017-08-13 17:51 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2017-09-13 14:25 - 2017-08-13 17:46 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2017-09-13 14:25 - 2017-08-13 17:18 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-09-13 14:25 - 2017-08-13 17:14 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2017-09-13 14:25 - 2017-08-12 01:58 - 001502000 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2017-09-13 14:25 - 2017-08-11 22:29 - 000425984 _____ (Microsoft Corporation) C:\windows\system32\PCPTpm12.dll
2017-09-13 14:25 - 2017-08-11 05:27 - 000281600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2017-09-13 14:25 - 2017-08-11 03:49 - 000346624 _____ (Microsoft Corporation) C:\windows\system32\ntprint.dll
2017-09-13 14:25 - 2017-08-11 03:41 - 000307200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntprint.dll
2017-09-13 14:25 - 2017-08-06 23:20 - 000607232 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2017-09-13 14:25 - 2017-07-22 20:34 - 000033792 _____ (Microsoft Corporation) C:\windows\system32\iscsium.dll
2017-09-13 14:25 - 2017-07-22 19:32 - 000027136 _____ (Microsoft Corporation) C:\windows\SysWOW64\iscsium.dll
2017-09-13 14:25 - 2017-07-12 22:29 - 000075440 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2017-09-13 14:25 - 2017-07-12 22:25 - 000066112 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2017-09-13 14:25 - 2017-07-08 21:03 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2017-09-13 14:25 - 2017-07-08 20:43 - 000197632 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2017-09-13 14:25 - 2017-07-08 20:30 - 000039936 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2017-09-13 14:25 - 2017-07-08 20:20 - 000445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2017-09-13 14:25 - 2017-07-08 19:25 - 001436160 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-09-13 14:25 - 2017-07-08 19:00 - 000324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2017-09-12 22:09 - 2017-09-12 22:09 - 000000000 ____D C:\Users\Julian\Desktop\MP_MODSPACK
2017-09-12 22:05 - 2017-09-12 22:05 - 010353001 _____ C:\Users\Julian\Downloads\[DLC - SP and MP] NQMod v12.2.zip
2017-09-06 14:21 - 2017-09-06 14:21 - 000355567 _____ C:\Users\Julian\Downloads\SKMBT_C28017090611100.pdf
2017-09-04 18:26 - 2017-09-04 18:26 - 000000000 ____D C:\Users\Julian\AppData\Local\UnrealEngine
2017-09-04 18:26 - 2017-09-04 18:26 - 000000000 ____D C:\Users\Julian\AppData\Local\TslGame
2017-09-02 14:41 - 2017-09-03 16:44 - 000000000 ____D C:\Users\Julian\Desktop\Warcraft III
2017-09-01 20:57 - 2017-09-01 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Empire Earth Gold [GOG.com]
2017-09-01 20:53 - 2017-09-01 20:53 - 000000742 _____ C:\Users\Public\Desktop\GOG Galaxy.lnk
2017-09-01 20:53 - 2017-09-01 20:53 - 000000000 ____D C:\Users\Julian\AppData\Local\GOG.com
2017-09-01 20:53 - 2017-09-01 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-09-01 20:53 - 2017-09-01 20:53 - 000000000 ____D C:\ProgramData\GOG.com
2017-09-01 20:51 - 2017-09-01 20:52 - 162203456 _____ (GOG.com ) C:\Users\Julian\Downloads\setup_galaxy_1.2.20.36.exe
2017-08-28 20:31 - 2017-08-28 20:31 - 000000000 ____D C:\Users\Julian\AppData\LocalLow\Battlestate Games
2017-08-28 20:30 - 2017-08-28 20:30 - 000000000 ____D C:\Users\Julian\Documents\Escape from Tarkov
2017-08-28 20:10 - 2017-08-28 20:10 - 000000766 _____ C:\Users\Public\Desktop\Battlestate Games Launcher.lnk
2017-08-28 20:10 - 2017-08-28 20:10 - 000000000 ____D C:\Users\Julian\AppData\Roaming\Battlestate Games
2017-08-28 20:10 - 2017-08-28 20:10 - 000000000 ____D C:\Users\Julian\AppData\Local\Battlestate Games
2017-08-28 20:10 - 2017-08-28 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlestate Games
2017-08-28 20:10 - 2017-08-28 20:10 - 000000000 ____D C:\ProgramData\Battlestate Games
2017-08-28 20:07 - 2017-08-28 20:08 - 053713176 _____ (Battlestate Games ) C:\Users\Julian\Downloads\BsgLauncher.0.2.1.156.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-24 15:57 - 2015-08-08 19:21 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-09-24 13:01 - 2015-08-08 19:04 - 000003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3495731131-4003904178-1165495969-1001
2017-09-24 12:52 - 2015-03-11 13:18 - 000766276 _____ C:\windows\system32\perfh007.dat
2017-09-24 12:52 - 2015-03-11 13:18 - 000160034 _____ C:\windows\system32\perfc007.dat
2017-09-24 12:52 - 2014-11-22 03:01 - 001783084 _____ C:\windows\system32\PerfStringBackup.INI
2017-09-24 12:52 - 2013-08-22 15:36 - 000000000 ____D C:\windows\Inf
2017-09-24 12:46 - 2015-04-20 16:58 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-24 12:45 - 2015-10-15 23:10 - 000000000 ____D C:\Users\Julian\AppData\Roaming\Spotify
2017-09-24 12:45 - 2015-10-15 23:10 - 000000000 ____D C:\Users\Julian\AppData\Local\Spotify
2017-09-24 12:45 - 2015-08-08 19:03 - 000000000 ____D C:\Users\Julian\OneDrive
2017-09-24 12:44 - 2013-08-22 16:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2017-09-24 12:44 - 2013-08-22 15:25 - 000262144 ___SH C:\windows\system32\config\BBI
2017-09-24 03:31 - 2015-08-08 20:21 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-24 03:08 - 2017-01-17 22:09 - 000000000 ____D C:\Users\Julian\AppData\Roaming\TS3Client
2017-09-23 00:37 - 2017-06-27 19:50 - 000000000 ____D C:\Users\Julian\AppData\Local\Downloaded Installations
2017-09-23 00:11 - 2015-04-20 16:58 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-09-22 10:06 - 2015-10-11 13:25 - 000000000 ____D C:\Users\Julian\AppData\Local\NVIDIA Corporation
2017-09-22 01:55 - 2016-11-16 13:35 - 000000000 ____D C:\Users\Julian\AppData\LocalLow\Mozilla
2017-09-21 23:39 - 2016-10-09 14:06 - 000000000 ____D C:\Users\Julian\AppData\Local\Anno Online
2017-09-21 23:11 - 2015-08-08 20:29 - 000000000 ____D C:\Users\Julian\AppData\Local\Battle.net
2017-09-21 20:30 - 2015-08-08 20:29 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-09-21 17:30 - 2015-10-11 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-09-21 17:30 - 2015-04-20 16:58 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-09-21 17:29 - 2015-04-20 16:58 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-09-21 17:19 - 2015-08-08 18:59 - 000000000 ____D C:\Users\Julian\AppData\Local\NVIDIA
2017-09-21 17:17 - 2015-10-11 13:25 - 000001436 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-09-21 14:46 - 2016-06-29 11:54 - 000002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-21 14:45 - 2016-06-29 11:49 - 001130328 _____ (Google Inc.) C:\Users\Julian\Downloads\ChromeSetup.exe
2017-09-21 14:29 - 2015-08-08 19:37 - 000004342 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-09-21 14:29 - 2015-08-08 19:36 - 000000000 ____D C:\Users\Julian\AppData\Local\Adobe
2017-09-21 14:29 - 2013-08-22 17:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2017-09-21 14:29 - 2013-08-22 17:36 - 000000000 ____D C:\windows\system32\Macromed
2017-09-20 23:42 - 2016-02-25 16:34 - 000117760 ___SH C:\Users\Julian\Downloads\Thumbs.db
2017-09-20 15:12 - 2017-07-26 15:25 - 000000000 ____D C:\Users\Julian\AppData\Roaming\AlbionOnline
2017-09-19 15:52 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-19 15:52 - 2013-08-22 17:36 - 000000000 ____D C:\windows\AppReadiness
2017-09-19 09:20 - 2015-10-11 13:25 - 001923008 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2017-09-19 09:20 - 2015-10-11 13:25 - 001755072 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2017-09-19 09:20 - 2015-10-11 13:25 - 001505728 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2017-09-19 09:20 - 2015-10-11 13:25 - 001317312 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2017-09-19 09:20 - 2015-10-11 13:25 - 000179136 _____ (NVIDIA Corporation) C:\windows\system32\nvaudcap64v.dll
2017-09-19 09:20 - 2015-10-11 13:25 - 000146368 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2017-09-18 19:04 - 2013-08-22 17:36 - 000000000 ____D C:\windows\rescache
2017-09-17 12:45 - 2015-08-21 18:12 - 000000000 ____D C:\windows\Minidump
2017-09-16 21:23 - 2015-04-20 16:58 - 021407000 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 018706120 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 014688256 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 004188872 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 003692216 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 001615448 _____ (NVIDIA Corporation) C:\windows\system32\nvhdagenco6420103.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 001606592 _____ (NVIDIA Corporation) C:\windows\system32\nvmcvadgenco64.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 000512960 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 000418752 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2017-09-16 21:23 - 2015-04-20 16:58 - 000044180 _____ C:\windows\system32\nvinfo.pb
2017-09-16 19:34 - 2015-04-20 16:58 - 006463424 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2017-09-16 19:34 - 2015-04-20 16:58 - 002478528 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2017-09-16 19:34 - 2015-04-20 16:58 - 001762752 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2017-09-16 19:34 - 2015-04-20 16:58 - 000392312 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2017-09-16 19:34 - 2015-04-20 16:58 - 000069752 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2017-09-15 17:03 - 2015-04-20 16:58 - 008248071 _____ C:\windows\system32\nvcoproc.bin
2017-09-15 14:31 - 2013-08-22 16:44 - 000498152 _____ C:\windows\system32\FNTCACHE.DAT
2017-09-15 03:32 - 2013-08-22 17:36 - 000000000 ___RD C:\windows\ToastData
2017-09-14 21:19 - 2015-08-10 22:12 - 000000000 ____D C:\windows\system32\MRT
2017-09-14 21:17 - 2015-03-10 11:41 - 138202976 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-09-14 21:17 - 2013-08-22 17:20 - 000000000 ____D C:\windows\CbsTemp
2017-09-14 20:07 - 2015-08-11 13:47 - 000612352 ___SH C:\Users\Julian\Desktop\Thumbs.db
2017-09-13 01:19 - 2015-08-12 13:19 - 006476800 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2017-09-10 03:54 - 2015-08-17 02:27 - 000000000 ____D C:\ProgramData\Origin
2017-09-10 01:19 - 2015-08-17 02:28 - 000000000 ____D C:\Users\Julian\AppData\Roaming\Origin
2017-09-07 15:12 - 2017-07-26 15:13 - 000000000 ____D C:\Program Files (x86)\AlbionOnline
2017-09-02 23:55 - 2015-08-08 20:29 - 000000000 ____D C:\Users\Julian\AppData\Local\Blizzard Entertainment
2017-09-02 01:54 - 2014-11-22 07:29 - 000835576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-09-02 01:54 - 2014-11-22 07:29 - 000177656 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-09-01 17:26 - 2016-11-16 05:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-01 17:26 - 2015-08-08 19:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-20 17:06 - 2015-04-20 17:06 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-08 19:40 - 2015-08-08 19:40 - 000000032 _____ () C:\ProgramData\Temp.log
2015-04-20 18:02 - 2015-04-20 18:02 - 000000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2015-04-20 17:58 - 2015-04-20 17:58 - 000000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2015-04-20 18:01 - 2015-04-20 18:01 - 000000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2015-04-20 17:56 - 2015-04-20 17:57 - 000000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2015-04-20 17:57 - 2015-04-20 17:57 - 000000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log
2015-04-20 17:58 - 2015-04-20 17:58 - 000000110 _____ () C:\ProgramData\{E3D04529-6EDB-11D8-A372-0050BAE317E1}.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-09-18 18:38

==================== Ende von FRST.txt ============================

--- --- ---

FRST Additions Logfile:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-09-2017
durchgeführt von Julian (24-09-2017 16:14:50)
Gestartet von C:\Users\Julian\Desktop
Windows 8.1 (Update) (X64) (2015-08-08 16:59:03)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3495731131-4003904178-1165495969-500 - Administrator - Disabled)
Gast (S-1-5-21-3495731131-4003904178-1165495969-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3495731131-4003904178-1165495969-1003 - Limited - Enabled)
Julian (S-1-5-21-3495731131-4003904178-1165495969-1001 - Administrator - Enabled) => C:\Users\Julian

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM\...\Steam App 346900) (Version:  - Hyper Hippo Games)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Albion Online (HKLM-x32\...\SandboxAlbionOnline) (Version:  - Sandbox Interactive GmbH)
AlienFX for KoneXTD (HKLM\...\{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.02 - Roccat GmbH) Hidden
AlienFX for KoneXTD (HKLM-x32\...\InstallShield_{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.02 - Roccat GmbH)
Anno Online (HKLM\...\Steam App 336510) (Version:  - Blue Byte)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.69 - NVIDIA Corporation) Hidden
Assassin's Creed II (HKLM-x32\...\Steam App 33230) (Version:  - Ubisoft Montreal)
Batman: Arkham Asylum GOTY Edition (HKLM\...\Steam App 35140) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlestate Games Launcher 0.2.1.156 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 0.2.1.156 - Battlestate Games)
Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM\...\Steam App 212910) (Version:  - )
Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version:  - Treyarch)
Catan Universe (HKLM\...\Steam App 544730) (Version:  - Exozet)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
Empire Earth Gold Edition (HKLM-x32\...\1207658777_is1) (Version: 2.1.0.17 - GOG.com)
Endless Legend (HKLM\...\Steam App 289130) (Version:  - AMPLITUDE Studios)
ESEA (HKLM\...\Steam App 479130) (Version:  - ESEA)
ESEA Client (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
F1 2014 (HKLM\...\Steam App 226580) (Version:  - Codemasters)
For Honor Open Beta (HKLM\...\Steam App 572600) (Version:  - Ubisoft Montreal)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version:  - Ubisoft)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (HKLM-x32\...\{5D5B5672-1A0F-4412-B6A0-3A16706DE82D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleri (HKLM-x32\...\{85E3592A-8C11-44F4-AABD-F82EF41167AD}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleriet (HKLM-x32\...\{5FF3045E-4A36-4B98-9F7F-48B49F4469C7}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (HKLM-x32\...\{B743ABDD-E681-4B32-A33E-6E7F3F845AEA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{6F19A9AE-85C6-4EBB-BADC-CC1B8B9F3F91}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria de Fotografias (HKLM-x32\...\{23079EF2-2617-4BFC-BDFF-E6AE8D79B734}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{77655DF6-A143-4A25-A5F8-127C8CE63EDA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GameRanger (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\GameRanger) (Version:  - GameRanger Technologies)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Facepunch Studios)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.91 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto: San Andreas (HKLM\...\Steam App 12120) (Version:  - Rockstar Games)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearts of Iron IV (HKLM\...\Steam App 394360) (Version:  - Paradox Development Studios)
Hero of the Kingdom (HKLM\...\Steam App 259550) (Version:  - Lonely Troops)
Hero of the Kingdom II (HKLM\...\Steam App 346560) (Version:  - Lonely Troops)
Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
Heroes of Might & Magic III - HD Edition (HKLM-x32\...\Steam App 297000) (Version:  - DotEmu)
Heroes of Might & Magic V (HKLM\...\Steam App 15170) (Version:  - Nival)
Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version:  - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Kaspersky Internet Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kingdom Rush (HKLM\...\Steam App 246420) (Version:  - Ironhide Game Studio)
Kingdom Rush Frontiers (HKLM\...\Steam App 458710) (Version:  - Ironhide Game Studio)
League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
LEGO® Star Wars™: The Complete Saga (HKLM-x32\...\Steam App 32440) (Version:  - Traveller's Tales)
Magicka (HKLM\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Might & Magic Heroes VI (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 1.0 - Ubisoft)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (HKLM-x32\...\{0A0C9DBA-5AB2-43F1-9932-A60DAA6EBEFC}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{26E474C7-E63A-4EC2-A08C-909B996AA75D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{312F7EE7-37D0-484D-B974-0CE1B8560C79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3B5AAF87-531E-4163-BE79-8989FC249173}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5B3D4718-9146-45CB-8989-C4E87B239B3A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5D3B997B-DF28-4BC1-82E6-E6C29A53AF6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A27180D0-17BB-498B-89FF-A72656B85978}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B44E699A-94F8-406C-9A1B-C2574F5863CB}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B653D7B1-41B5-4982-9A25-E91FF46D131A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DAE8CC57-EBF5-4D46-8572-9A0C769D6F16}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{F78F19A8-F3F5-4407-B98B-F23ACC82DBF5}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
Neverwinter (HKLM\...\Steam App 109600) (Version:  - Cryptic Studios)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.69 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.9.0.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.97 - NVIDIA Corporation)
NVIDIA Grafiktreiber 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.69 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 385.69 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.2.49155 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.103.44.0 - Overwolf Ltd.)
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version:  - Bluehole, Inc.)
Podstawowe programy Windows Live (HKLM-x32\...\{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Raccolta foto (HKLM-x32\...\{86A1CEAD-EF47-47BB-AE79-DA8C09E15382}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
ROCCAT Kone XTD Mouse Driver (HKLM-x32\...\{7133137D-DF48-4522-AD88-13C82B7D0A63}) (Version:  - Roccat GmbH)
Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0013 - Roccat GmbH)
RollerCoaster Tycoon 2: Triple Thrill Pack (HKLM-x32\...\Steam App 285330) (Version:  - Chris Sawyer Productions)
RollerCoaster Tycoon: Deluxe (HKLM-x32\...\Steam App 285310) (Version:  - Chris Sawyer Productions)
Ryse: Son of Rome (HKLM-x32\...\Steam App 302510) (Version:  - Crytek)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Civilization VI (HKLM\...\Steam App 289070) (Version:  - Firaxis)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
Spotify (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version:  - Pandemic Studios)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
STAR WARS™ Knights of the Old Republic™ II: The Sith Lords™ (HKLM-x32\...\Steam App 208580) (Version:  - Obsidian Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold 2 (HKLM\...\Steam App 40960) (Version:  - FireFly Studios)
Stronghold Crusader HD (HKLM\...\Steam App 40970) (Version:  - FireFly Studios)
Stronghold HD (HKLM\...\Steam App 40950) (Version:  - FireFly Studios)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Guild II: Renaissance (HKLM-x32\...\Steam App 39680) (Version:  - Rune Forge)
Titan Quest (HKLM\...\Steam App 4540) (Version:  - Iron Lore Entertainment)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Tower Wars (HKLM\...\Steam App 214360) (Version:  - SuperVillain Studios)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 26.0 - Ubisoft)
Valokuvavalikoima (HKLM-x32\...\{B315ABA6-8217-484E-9AC5-38806E265664}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
World of Tanks (HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
XCOM: Enemy Unknown (HKLM\...\Steam App 200510) (Version:  - Firaxis Games)
Yu-Gi-Oh! Legacy of the Duelist (HKLM\...\Steam App 480650) (Version:  - Other Ocean Interactive)
Συλλογή φωτογραφιών (HKLM-x32\...\{2D5C287A-1D2D-46BA-8EF8-D2747575DB6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\system32\nvshext.dll [2017-09-16] (NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0A911D77-F086-4808-8ED7-A044F5758B66} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
Task: {0AA0938B-8DC1-4A27-92C9-445A08E4BBEF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {2D413BD3-9068-44CC-A219-F38F263A6EB9} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
Task: {2E102776-F9A8-4307-8BB4-5393A31D60F3} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {499491A7-2617-4A71-8633-984D9EF142C5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {711FCD02-4903-4575-8DDA-80A89D1687B1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2017-09-14] (Microsoft Corporation)
Task: {73FF3D9E-438B-4B96-874B-1DD4BFA5877B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19] (NVIDIA Corporation)
Task: {7A97ACA1-8F23-4677-9A0E-B57DA961B5DB} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {7EA5AC2B-2B1F-4069-B18E-6CFCFE01615E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-29] (Google Inc.)
Task: {94F3D13F-128D-4F2F-B33E-84C5ACF0882F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {A766DD9D-8F3F-412E-AED3-86FF473B769A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-09-19] (NVIDIA Corporation)
Task: {A9C31928-EE7F-471F-BCFE-397F6F385F6B} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-21] (Adobe Systems Incorporated)
Task: {AE2C14E6-119A-421C-B6FE-4A7425DE92FE} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {BAFA3744-4A21-43C7-88AB-05E7ED80712E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-09-19] (NVIDIA Corporation)
Task: {C97325EF-0FC0-4432-A4CF-3C8C795D8B1C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-09-19] (NVIDIA Corporation)
Task: {DA7D195F-2D67-4242-91A4-13A1FF02B8B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-29] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-09-21 17:17 - 2017-09-19 09:20 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-02-26 21:10 - 2016-02-26 21:10 - 000066872 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2017-09-23 00:42 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2013-05-09 18:58 - 2013-05-09 18:58 - 000119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
2016-06-28 01:19 - 2016-06-28 01:19 - 000865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2015-12-25 12:46 - 2012-06-17 12:20 - 000061440 _____ () C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\hiddriver.dll
2017-09-01 20:53 - 2017-08-25 11:01 - 053018112 _____ () D:\Programme (x86)\GOG Galaxy\libcef.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000507968 _____ () D:\Programme (x86)\GOG Galaxy\PocoUtil.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 001076800 _____ () D:\Programme (x86)\GOG Galaxy\PocoNet.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 001854528 _____ () D:\Programme (x86)\GOG Galaxy\PocoData.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000393280 _____ () D:\Programme (x86)\GOG Galaxy\PocoDataSQLite.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 001589312 _____ () D:\Programme (x86)\GOG Galaxy\PocoFoundation.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000307776 _____ () D:\Programme (x86)\GOG Galaxy\PocoNetSSL.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000330816 _____ () D:\Programme (x86)\GOG Galaxy\PocoJSON.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000130112 _____ () D:\Programme (x86)\GOG Galaxy\xdelta3.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000104000 _____ () D:\Programme (x86)\GOG Galaxy\zlib.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000520768 _____ () D:\Programme (x86)\GOG Galaxy\PocoXML.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000272448 _____ () D:\Programme (x86)\GOG Galaxy\PocoZip.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000680000 _____ () D:\Programme (x86)\GOG Galaxy\sqlite.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000425536 _____ () D:\Programme (x86)\GOG Galaxy\pcre.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000157760 _____ () D:\Programme (x86)\GOG Galaxy\PocoCrypto.dll
2017-09-08 14:50 - 2017-09-08 14:50 - 000152128 _____ () D:\Programme (x86)\GOG Galaxy\expat.dll
2017-09-01 20:53 - 2017-09-08 14:50 - 001589312 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoFoundation.dll
2017-09-01 20:53 - 2017-09-08 14:50 - 000330816 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoJSON.dll
2017-09-01 20:53 - 2017-09-08 14:50 - 000507968 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoUtil.dll
2017-09-01 20:53 - 2017-09-08 14:50 - 000104000 _____ () C:\ProgramData\GOG.com\Galaxy\redists\zlib.dll
2017-09-01 20:53 - 2017-09-08 14:50 - 000425536 _____ () C:\ProgramData\GOG.com\Galaxy\redists\pcre.dll
2017-09-01 20:53 - 2017-09-08 14:50 - 000520768 _____ () C:\ProgramData\GOG.com\Galaxy\redists\PocoXML.dll
2017-09-01 20:53 - 2017-09-08 14:50 - 000152128 _____ () C:\ProgramData\GOG.com\Galaxy\redists\expat.dll
2017-09-01 20:53 - 2017-08-25 11:01 - 001738752 _____ () D:\Programme (x86)\GOG Galaxy\libglesv2.dll
2017-09-01 20:53 - 2017-08-25 11:01 - 000078848 _____ () D:\Programme (x86)\GOG Galaxy\libegl.dll
2017-09-21 17:17 - 2017-09-19 09:20 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-04-20 16:54 - 2013-09-04 01:53 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2010-12-17 13:56 - 2010-12-17 13:56 - 002603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2013-03-07 13:53 - 2013-03-07 13:53 - 000015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2010-12-17 13:56 - 2010-12-17 13:56 - 001006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2010-12-17 13:56 - 2010-12-17 13:56 - 000382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2010-01-12 17:55 - 2010-01-12 17:55 - 000400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2010-01-12 17:55 - 2010-01-12 17:55 - 000322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2010-12-16 13:16 - 2010-12-16 13:16 - 000195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2010-01-18 00:34 - 2010-01-18 00:34 - 000062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2013-03-07 13:55 - 2013-03-07 13:55 - 000472576 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2013-03-07 13:58 - 2013-03-07 13:58 - 000499488 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2013-03-07 13:54 - 2013-03-07 13:54 - 000013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2010-12-17 13:56 - 2010-12-17 13:56 - 014978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2010-12-17 13:56 - 2010-12-17 13:56 - 009224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2010-12-17 13:56 - 2010-12-17 13:56 - 000317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:gs5sys [7170]
AlternateDataStreams: C:\Users\All Users:gs5sys [7170]
AlternateDataStreams: C:\Users\Julian:gs5sys [3074]
AlternateDataStreams: C:\Users\Julian:Heroes & Generals [38]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [7170]
AlternateDataStreams: C:\Users\Julian\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Julian\AppData\Local:gs5sys [3074]
AlternateDataStreams: C:\Users\Julian\AppData\Roaming:gs5sys [3074]
AlternateDataStreams: C:\Users\Julian\Documents\desktop.ini:gs5sys [1792]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [1792]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img2.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3495731131-4003904178-1165495969-1001\...\StartupApproved\Run: => "EADM"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{0DB855AF-3B06-4E4E-AFD0-AF9F4E95BB6E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FC121498-0A8F-463A-AEA0-D906F6263C6D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A6481536-F3B8-4DD3-BE34-1F7A9100472B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DD93CA99-AE1E-4BEC-9737-3D924008BFA9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{258FF7F1-3898-401C-8D4F-102032167932}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Catan Universe\CatanUniverse.exe
FirewallRules: [{D5C0A77D-352B-4457-BAF2-E8C8D65C11B2}] => (Allow) D:\Programme (x86)\Steam\steamapps\common\Catan Universe\CatanUniverse.exe

==================== Wiederherstellungspunkte =========================

21-09-2017 19:39:51 chip 1-click download service wurde entfernt.

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/24/2017 12:44:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d239
ID des fehlerhaften Prozesses: 0x74c
Startzeit der fehlerhaften Anwendung: 0x01d3352219b5cddc
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Berichtskennung: 605c4ba4-a115-11e7-82e8-b8aeeda2aafc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/24/2017 12:42:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 24.9.2017.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 6a0

Startzeit: 01d33521c17cffc9

Endzeit: 0

Anwendungspfad: C:\Users\Julian\Desktop\FRST64.exe

Berichts-ID: 1b34673e-a115-11e7-82e7-b8aeeda2aafc

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/24/2017 02:52:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d239
ID des fehlerhaften Prozesses: 0x73c
Startzeit der fehlerhaften Anwendung: 0x01d334cf6889c01a
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Berichtskennung: af2fa4fb-a0c2-11e7-82e7-b8aeeda2aafc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/23/2017 12:46:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d239
ID des fehlerhaften Prozesses: 0x77c
Startzeit der fehlerhaften Anwendung: 0x01d333f48957cfad
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Berichtskennung: cffaa1f6-9fe7-11e7-82e6-b8aeeda2aafc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/23/2017 12:38:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Name des fehlerhaften Moduls: HeciServer.exe, Version: 1.28.487.1, Zeitstempel: 0x518e67a1
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000005d239
ID des fehlerhaften Prozesses: 0x744
Startzeit der fehlerhaften Anwendung: 0x01d333f37b95bc84
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Intel\iCLS Client\HeciServer.exe
Berichtskennung: c238a95c-9fe6-11e7-82e5-b8aeeda2aafc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/22/2017 10:20:49 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{f9b7d767-aa8f-42f6-b493-9b0ba819592d}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (09/21/2017 06:05:00 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (09/21/2017 05:15:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GFExperience.exe, Version 2.5.15.54 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1868

Startzeit: 01d332ec4c6d746e

Endzeit: 14

Anwendungspfad: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe

Berichts-ID: a3e79bd9-9edf-11e7-82e4-b8aeeda2aafc

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/21/2017 05:07:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GFExperience.exe, Version 2.5.15.54 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 15e8

Startzeit: 01d332eb19d2feda

Endzeit: 8

Anwendungspfad: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe

Berichts-ID: 8c45832a-9ede-11e7-82e4-b8aeeda2aafc

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/21/2017 05:05:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GFExperience.exe, Version 2.5.15.54 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1a68

Startzeit: 01d332ea564fd91b

Endzeit: 7

Anwendungspfad: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe

Berichts-ID: f1633d2b-9edd-11e7-82e4-b8aeeda2aafc

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (09/24/2017 12:57:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (09/24/2017 12:57:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (09/24/2017 12:57:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (09/24/2017 12:47:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/24/2017 12:45:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/24/2017 12:45:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (09/24/2017 12:44:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (09/24/2017 12:44:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/24/2017 12:44:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Capability Licensing Service Interface erreicht.

Error: (09/24/2017 12:44:29 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\windows\system32\Rtlihvs.dll
Fehlercode: 126


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 12240.42 MB
Verfügbarer physikalischer RAM: 9384.68 MB
Summe virtueller Speicher: 24528.42 MB
Verfügbarer virtueller Speicher: 20449.04 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:117.53 GB) (Free:31.9 GB) NTFS
Drive d: (Data) (Fixed) (Total:1802.89 GB) (Free:1203.4 GB) NTFS
Drive e: (Recover) (Fixed) (Total:60 GB) (Free:40.59 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

--- --- ---

Moin,
bis hierher nochmals vielen Dank für die Hilfe.
Das einzige, was mir seit einigen monaten komisch vorkommt ist, dass mein browser massig an RAM frisst. Teilweise bis 1,5 GB, meist aber um 1GB. Ich weiß nicht ob das so sein sollte, würde es aber verneinen.

MfG Julian

M-K-D-B · 24.09.2017, 19:47

Servus,

Zitat:

Das einzige, was mir seit einigen monaten komisch vorkommt ist, dass mein browser massig an RAM frisst. Teilweise bis 1,5 GB, meist aber um 1GB. Ich weiß nicht ob das so sein sollte, würde es aber verneinen.

Klingt viel... kommt aber auch darauf an, was du alles mit deinem Browser gleichzeitig machst... Könnte auch sein, dass Kaspersky etwas mit der Auslastung zu tun hat.

Zitat:

CHIP-Installer.exe

Bitte keinen Chip-Installer mehr verwenden! Bitte lesen: CHIP-Installer – was ist das?

Reste entfernen

Kopiere den Inhalt der folgenden Code-Box:

Code:

ATTFilter

Start::
C:\Users\Julian\Downloads\*CHIP-Installer*.exe
DeleteKey: HKLM\SOFTWARE\Microsoft\Tracing\wb_RASAPI32
DeleteKey: HKLM\SOFTWARE\Microsoft\Tracing\wb_RASMANCS
Reboot:
End::

Starte nun FRST und klicke den Entfernen Button.
Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Die Fixlog von FRST gleich posten, da diese sonst mit DelFix (siehe weiter unten) automatisch entfernt wird!

Dann wären wir durch!
Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

Vielleicht möchtest du das Forum mit einer kleinen Spende unterstützen.

Hinweise:
Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

Cleanup
Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.
Starte deinen Rechner zum Abschluss neu auf.

Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst du diese bedenkenlos löschen.

Virenscanner + Firewall
Vorab sei erwähnt, dass man niemals die Schutzwirkung eines Virenscanners überbewerten darf! Kein Antivirusprogramm erkennt 100% der Schadsoftware.

Sofern du noch unentschieden bist, verwende MAXIMAL EIN EINZIGES der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

Emsisoft Anti-Malware (kostenpflichtig)
ESET NOD32 Antivirus (kostenpflichtig)
Microsoft Security Essentials (kostenlos)

Microsoft Security Essentials (MSE) / Windows Defender (WD) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE/WD entschieden hast, brauchst du nicht extra MSE/WD zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.

Verwende immer nur reine Virenscanner (keine Produkte mit "Suite", "Internet Security", "Endpoint" oder "Total Security" in Namen, denn diese bringen kontraproduktive Firewalls mit - die Windows-Firewall ist alles was benötigt wird)

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware , AdwCleaner und mit dem ESET Online Scanner scannen.
Diese Programme sind alle kostenlos und stören nicht den Betrieb deines Antivirenprogramms.

Absicherungen
Beim Betriebsystem Windows ist es wichtig, die automatischen Updates zu aktivieren.
Auch sicherheitsrelevante Software sollte immer in aktueller Version vorliegen.

Das zeitnahe Einspielen von Updates ist erforderlich, damit Sicherheitslücken geschlossen werden. Sicherheitslücken werden beispielsweise dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.

Besonders aufpassen bzgl. der Aktualität musst du insbesondere bei folgender Software - sofern diese überhaupt benötigt wird:

Browser (Internet Explorer, Edge, Firefox, Chrome, Opera, etc.)
Flash-Player
Java
Adobe Reader

Optionale Browsererweiterungen

Adblock Plus oder uBlock Origin (Firefox - Chrome) - können Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.
NoScript - verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. NoScript kann gerade bei technisch nicht allzu versierten Nutzern beim Surfen zum Nervfaktor werden; ob das Tool geeignet ist, muss jeder selbst mal ausprobieren und dann für sich entscheiden.

Grundsätzliches

Ändere regelmäßig deine Online-Passwörter und erstelle regelmäßig Backups deiner wichtigen Dateien oder des Systems. Genaueres dazu findest du unten im Lesestoff zu Backups.
Lade keine Software von Chip, Softonic, SourceForge oder VLC.de. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
Lade Software von einem sauberen Portal wie oder direkt beim jeweiligen Hersteller / Entwickler.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne die Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten bis nicht belegbar. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht.
Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Lesestoff:
Backup-/Image-Tools

IMHO sind Wiederherstellungspunkte nix weiter als eine Notlösung, wer sich auf was Funktionierendes verlassen will und muss, kommt um echte Backup/Imaging Software nicht herum. Ich nehme unter Windows immer Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64

Damit man sinnvolle Backups hat, muss man regelmäßig (z. B. wöchentlich) ein Image auf eine separate externe Festplatte erstellen. Diese externe Festplatte wird nur dann angeschlossen, wenn man das Backup erstellen will (oder etwas wiederherstellen muss), sonsten bleibt sie aus Sicherheitsgründen sicher im Schrank verwahrt - allein schon aus dem Grund, die Backups vor Krypto-Trojaner zu schützen.

Option 1: Drivesnapshot

Offizielle TB-Anleitung --> http://www.trojaner-board.de/186299-...esnapshot.html

Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64
Download (32-Bit) => http://www.drivesnapshot.de/download/snapshot.exe
Download (64-Bit) => http://www.drivesnapshot.de/download/snapshot64.exe

Es gibt da auch leicht abgespeckte Versionen von Acronis TrueImage gratis wenn man Platten von Seagate und/oder Western Digital hat. Vllt sagen diese Programme dir mehr zu. Mein Favorit aber ist das kleine o.g. Drivesnapshot.

Option 2: Seagate DiscWizard
Download => Seagate DiscWizard - Download - Filepony

Screenshots:
http://filepony.de/screenshot/seagate_discwizard5.jpg
http://filepony.de/screenshot/seagate_discwizard4.png
http://filepony.de/screenshot/seagate_discwizard3.jpg

Option 3: Acronis TrueImage WD Edition
Download => Acronis True Image WD Edition - Download - Filepony

Screenshots:
http://filepony.de/screenshot/acroni...d_edition1.jpg
http://filepony.de/screenshot/acroni...d_edition2.jpg

exogeen · 24.09.2017, 20:41

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-09-2017
durchgeführt von Julian (24-09-2017 21:12:08) Run:4
Gestartet von C:\Users\Julian\Desktop
Geladene Profile: Julian (Verfügbare Profile: Julian)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Users\Julian\Downloads\*CHIP-Installer*.exe
DeleteKey: HKLM\SOFTWARE\Microsoft\Tracing\wb_RASAPI32
DeleteKey: HKLM\SOFTWARE\Microsoft\Tracing\wb_RASMANCS
Reboot:

*****************


=========== "C:\Users\Julian\Downloads\*CHIP-Installer*.exe" ==========

C:\Users\Julian\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Julian\Downloads\LogMeIn Hamachi - CHIP-Installer(1).exe => erfolgreich verschoben
C:\Users\Julian\Downloads\LogMeIn Hamachi - CHIP-Installer.exe => erfolgreich verschoben

========= Ende -> "C:\Users\Julian\Downloads\*CHIP-Installer*.exe" ========

HKLM\SOFTWARE\Microsoft\Tracing\wb_RASAPI32 => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Tracing\wb_RASMANCS => Schlüssel erfolgreich entfernt


Das System musste neu gestartet werden.

==== Ende von Fixlog 21:12:08 ====

Hi,
ich habe alle Schritte durchgeführt und mir die alles durchgelesen.
Abschließend vielen vielen Dank für Hilfe und die Mühe!

Eine Frage hätte ich aber schon noch:
Wenn ich den Task Manager aufrufe sehe ich immernoch so viele Programme die derzeit im Hintergrund laufen. Erstens habe keine Ahnung wozu die benötigt werden und zweitens stellt sich mir die Frage, ob die überhaupt nötig sind und ich somit viel an Arbeitsspeicherauslastung sparen könnte.

Zu der Sache mit dem Browser: Ich gucke oft streams, dazu noch auf einem 2. Bildschirm wodurch teils auch 2 zur selben Zeit laufen. Meist ist es aber so, dass ich spiele und nebenbei ein Stream laufen habe und Firefox trotzdem mehr als 1GB des Arbeitsspeichers belegt. Fressen Streams so viel Kapazität?

MfG Julian

M-K-D-B · 25.09.2017, 19:43

Servus,

Zitat:

Wenn ich den Task Manager aufrufe sehe ich immernoch so viele Programme die derzeit im Hintergrund laufen. Erstens habe keine Ahnung wozu die benötigt werden und zweitens stellt sich mir die Frage, ob die überhaupt nötig sind und ich somit viel an Arbeitsspeicherauslastung sparen könnte.

Von welchen Programmen, die da laufen, sprichst du?

Zitat:

Zu der Sache mit dem Browser: Ich gucke oft streams, dazu noch auf einem 2. Bildschirm wodurch teils auch 2 zur selben Zeit laufen. Meist ist es aber so, dass ich spiele und nebenbei ein Stream laufen habe und Firefox trotzdem mehr als 1GB des Arbeitsspeichers belegt. Fressen Streams so viel Kapazität?

Streamen kann schon Ressourcen ziehen...

Windows 8 - LavasoftTcpService64.dll und LavasoftTcpServiceOff eingefangen

Plagegeister aller Art und deren Bekämpfung: Windows 8 - LavasoftTcpService64.dll und LavasoftTcpServiceOff eingefangen